Certificate Of Cloud Security Knowledge (CCSK) 7-8 November Singapore 2012
Organization: Flipside Pte Ltd
|Event Date/Time: Nov 07, 2012 / 8:30 am - (GMT +8:00 hours)||End Date/Time: Nov 08, 2012 / 5:30 pm - (GMT +8:00 hours)|
|Registration Date: Nov 06, 2012||Time: 17:30:00(GMT +8:00 hours)|
On passing the examination, you will obtain the Certificate of Cloud Security Knowledge (CCSK). This examination provides a consistent way of developing cloud security competency and provides, both organisations and agencies, the confidence they need to adopt secure cloud solutions.
The CCSK augments other credentialing programmes in information security, audit or governance by encouraging an additional level of competency in cloud computing security best practices.
The CCSK certification programme was only recently launched in September 2010 by the Cloud Security Alliance. It is the industry's first user certification programme for secure cloud computing. The CCSK is designed to ensure that a broad range of professionals with responsibility related to cloud computing have a demonstrated awareness of the security threats and best practices for securing the cloud.
Content Learning Outcomes
Upon successful completion of this course, you will be able to:
Understand Cloud Computing Architectural Framework
Point out Cloud Computing Security challenges
Point out Cloud Computing Security Controls recommendations
Take the CCSK examination.
Key Objectives of this Course
To understand the Cloud Computing Architectural Framework
To discover Cloud Computing security challenges
To point out industry best practices and security controls recommendations for Cloud Computing
Cloud Computing Architectural Framework
• Cloud computing evolution • Cloud vocabulary, • Essential characteristics of cloud computing, • Cloud deployment models • Cloud service models • Multi- Tenancy, • Approaches to create a barrier between the Tenants • Cloud computing threats, • Cloud Reference Model • The Cloud Cube Model • Security for cloud computing - How security gets integrated. Governance and Enterprise Risk Management
• Information security governance processes • Governance and enterprise risk management in cloud computing • Governance recommendations, • Enterprise Risk Management recommendations • Information Risk Management recommendations • Third Party Management recommendations Legal and Electronic Discovery Risk Management
• Legal and Electronic Discovery Risk Management Security recommendations Compliance and Audit
• Cloud customer responsibilities • Compliance • Audit Security Recommendations. Information Lifecycle Management
• Key challenges regarding data lifecycle security • Data Security recommendations by ILM Phase DAY TWO TOPICS
Portability and Interoperability
• Changing providers reasons • Changing providers expectations • Recommendations all cloud solutions • IaaS Cloud Solutions • PaaS Cloud Solutions • SaaS Cloud Solutions Traditional Security, Business Continuity, and Disaster Recovery
• Risk of insider abuse • Security baseline • Customers actions • Contract, Documentation, Recovery Time Objectives (RTOs) • Customers responsibility • Vendor Security Process (VSP) Data Center Operations
• Data Center Operations • Security challenge, • Implement “Five Principal Characteristics of Cloud Computing • Data center security recommendations Incident Response, Notification, and Remediation
• How to identify incidents • How to respond to security incidents • Security incident containment • Security incident response recommendations Application Security
• Web Application • Application Weaknesses • Attack Methods • What is Web Application Security • Application security layer • Vulnerability distribution • Why Web Application Risks Occur • Security solutions • Applications in cloud environments • Security recommendations Encryption and Key Management
• Encryption for confidentiality and integrity • Encrypting data at rest • Key management lifecycle • Cloud encryption standards • Recommendations Identity and Access Management
• Identity and Access Management in the cloud • Identity and Access Management functions • Identity and Access Management (IAM) Model • Identity Federation • Identity provisioning recommendations • Authentication for SaaS and Paas customers • Authentication for IaaS customers • Introducing Identity Services • Enterprise Architecture with IDaaS • IDaaS security recommendations Virtualisation
• Hardware Virtualisation • Software Virtualisation • Memory Virtualisation • Storage Virtualisation • Data Virtualisation • Network Virtualisation • Virtualisation Security recommendations Enisa - Cloud Computing Risk Assessment
Relevant to any IT professional who is planning to use cloud computing or who is already working in the cloud IT Professionals who want to understand more about the issues pertaining to security which are related to being in the cloud as well as recommendations as to how this can be dealt with The course is designed to interest any IT professional and there is no requirement for preliminary knowledge or understanding of this subject matter Naturally, this audience will include the likes of the Chief Information Officer (CIO)
Chief Information Security Officer (CISO), IT and security professionals.