ISC2 CCSP - Certified Cloud Security Professional

Agenda Domain 1: Architectural Concepts and Design Requirements

• Understand cloud computing concepts
• Describe cloud reference architecture
• Understand security concepts relevant to cloud computing
• Understand design principles of secure cloud computing
• Identify trusted cloud services

Domain 2: Cloud Data Security

• Describe Cloud Data Concepts
• Design and Implement Cloud Data Storage Architectures
• Design and Apply Data Security Technologies and Strategies
• Implement Data Discovery
• Implement Data Classification
• Design and Implement Information Rights Management (IRM)
• Plan and Implement Data Retention, Deletion and Archiving Policies
• Design and Implement Auditability, Traceability and Accountability of Data Events

Domain 3: Cloud Platform & Infrastructure Security

• Comprehend Cloud Infrastructure Comp
• Design a Secure Data Center
• Analyze Risks Associated to Cloud Infrastructure
• Design and Plan Security Controls
• Plans Disaster Recovery & Business Continuity Management

Domain 4: Cloud Application Security

• Advocate Training and Awareness for Application Security
• Describe the Secure Software Development Life Cycle (SDLC) Process
• Apply the Secure Software Development Life Cycle (SDLC)
• Apply Cloud Software Assurance and Validation
• Use Verified Secure Software
• Comprehend the Specifics of Cloud Application Architecture
• Design Appropriate Identity and Access Management (IAM) Solutions

Domain 5: Operations

• Implement and Build Physical and Logical Infrastructure for Cloud Environment
• Operate Physical and Logical Infrastructure for Cloud Environment
• Manage Physical and Logical Infrastructure for Cloud Environment
• Implement ITIL Operational Controls and Standards
• Implement ISO/IEC 20000-1 Operational Controls and Standards
• Support Digital Forensics
• Manage Communication with Relevant Parties
• Manage Security Operations

Domain 6: Legal and Compliance

• Articulate Legal Requirements and Unique Risks within the Cloud Environment
• Understand Privacy Issues
• Understand Audit Process, Methodologies, and Required Adaptations for a Cloud Environment
• Understand the Implications of Cloud to Enterprise Risk Management
• Understand Outsourcing and Cloud Contract Design

Voraussetzungen

Für eine optimale Teilnahme am Kurs empfehlen wir folgende Vorkenntnisse:

• Langjährige Berufserfahrung in der IT und/oder Informationssicherheit mit Basiskenntnissen in Cloud-Security

Zielgruppe

• Cloud Architect
• Cloud Engineer
• Cloud Consultant
• Cloud Administrator
• Cloud Security Analyst
• Cloud Specialist
• Auditor of Cloud Computing Services
• Professional Cloud Developer