C)CSO: Cloud Security Officer

Mile2's Cloud Security Officer, C)CSO, course will provide you something you will not find in other class! The Cloud is being widely adopted today for a diverse set of reasons. However, many are finding that security in the cloud is a huge challenge.

The C)CSO looks to fill the gap in cloud security education and give you the skills you need to develop strong cloud security.

What makes this course powerful is the pairing of knowledge from leading cloud security authorities, with practical lab exercises. You will leave the course with a solid understanding of the cloud stack having been introduced to many technologies used in the cloud. Whether you are implementing private cloud architecture or managing solutions from various vendors, this course is for you.

Prerequisites

Any of the following Mile2 Courses:

  • 12 months experience with virtualization technology or equivalent knowledge.
  • General understanding of cloud architectures
  • Minimum 12 months experience with general security

Target audience
  • Virtualization Admins
  • Cloud Security Officers
  • CIO
  • Virtualization and Cloud Auditors
  • Virtualization and Cloud Compliance Officers

 


Modules:

  • Module 1 – Introduction to Cloud Computing and Architecture
  • Module 2 – Cloud Security Risks
  • Module 3 – ERM and Governance
  • Module 4 – Legal Issues
  • Module 5 – Virtualization
  • Module 6 – Data Security
  • Module 7 – Data Center Operations
  • Module 8 – Interoperability and Portabliity
  • Module 9 – Traditional Security
  • Module 10 – BCM and DR
  • Module 11 – Incident Response
  • Module 12 – Application Security
  • Module 13 – Encryption and Key Management
  • Module 14 – Identity, Entitlement and Access
  • Module 15 – Auditing and Compliance

Case study labs:

Lab 1 – Cloud Migration Evaluation
Lab 2 – Service Level Agreement Compliance
Lab 3 – Virtualization 101
Lab 4 – Understanding Network Traffic
Lab 5 – Hardening Your Virtual Machines
Lab 6 – ESXi Hosting Hardening
Lab 7 – Hardening vCenter
Lab 8 – Basics of Data Security in Azure
Lab 9 – 23: See Detailed Outline Below

Course Introduction 

Module 1 – Introduction to Cloud Computing and Architecture

  1. Cloud Computing Terminology
  2. Cloud Computing Definition
  3. Cloud Computing Characteristics
  4. Cloud Computing Benefits
  5. Cost Benefit Analysis Reference Model
  6. What is Security for the Cloud?

Module 2 – Cloud Risks

  1. Cloud Migration Security Evaluation
  2. ENISA Risk Evaluation
  3. Cloud Controls Matrix
  4. Relevant CCM Controls

Module 3 – ERM and Governance

  1. Application of Governance and Risk Management to the Cloud
  2. Importance of the SLA
  3. Relevant CCM controls

Module 4 – Legal Issues

  1. Understanding Unique Risks in the Cloud International Law and Potential Conflicts eDiscovery
  2. Contract Considerations
  3. Relevant CCM Controls

Module 5 – Virtualization

  1. Virtualization Principles
  2. Key Components Mapped to Cloud Layer
  3. Key Security Concerns
  4. Other Technologies Used in the Cloud
  5. The Layers
  6. Relevant CCM Controls

Module 6 – Data Security

  1. Cloud Data Life Cycle
  2. Design and Implement Cloud Data Storage Architectures
  3. Design and Apply Data Security Strategies Understand and Implement Data Discovery and Classification Technologies
  4. Design and Implement Relevant Jurisdictional Data Protection for PII
  5. Design and Implement Data Rights Management
  6. Plan and Implement Data Retention, Deletion and Archival Policies
  7. Design and Implement Auditability, Traceability, and Accountability of Data Events
  8. Relevant CCM Controls

Module 7 – Data Center Operations

  1. Build Logical Infrastructure for Cloud Environment
  2. Manage Logical Infrastructure for Cloud Environment
  3. Manage Communications with Relevant Parties
  4. Relevant CCM Controls

Module 8 – Interoperability and Portablility

  1. Interoperability
  2. Portability
  3. Relevant CCM Controls

Module 9 – Traditional Security

  1. The Physical Environment
  2. Support the Planning Process for the Data Center Design
  3. Run Physical Infrastructure for Cloud Environment
  4. Implement and Build Physical Infrastructure for Cloud Environment
  5. Manage Physical Infrastructure for Cloud Environment
  6. Relevant CCM Controls

Module 10 – BCM and DR

  1. Disaster Recovery and Business Continuity Management
  2. Examples
  3. Relevant CCM Controls

Module 11 – Incident Response

  1. Incident Response
  2. Forensics
  3. Relevant CCM Controls

Module 12 – Application Security

  1. Training and Awareness
  2. Secure Software Development Life Cycle Process
  3. Application of the Secure Software Development Life Cycle
  4. Verifying the use of Secure Software
  5. Identity and Access Management (IAM) Solutions
  6. Additional components for the Cloud Software Assurance and Validation
  7. Relevant CCM Controls

Module 13 – Encryption and Key Management

  1. Review from other chapters
  2. Key Management in today’s cloud services
  3. Recommendations
  4. Relevant CCM Controls

Module 14 – Identity, Entitlement and Access Management

  1. Introduction to Identity and Access Management Identities and Attributes
  2. Architectures for Interfacing to Identity and Attribute Providers
  3. The Identity Recommendations
  4. Relevant CCM Controls

Module 15 – Auditing and Compliance

  1. Compliance and Audit Cloud Issues Assurance Frameworks
  2. Auditing
  3. Relevant CCM Controls

 

Upon completion:

Upon completion, Certified Cloud Security Officer students will understand Cloud security from a real-world viewpoint and comprehend the industry security standards. The student will also be prepared to take the C)CSO exam.

Exam information:

The Certified Cloud Security Officer exam is taken online through Mile2’s Learning Management System and is accessible on you Mile2.com account.  The exam will take approximately 2 hours and consist of 100 multiple choice questions. 

A minimum grade of 70% is required for certification.

Exam is included in the course fee!

Re-certification requirements:

All Mile2 certifications will be awarded a 3-year expiration date.

There are two requirements to maintain Mile2 certification:

  1. Pass the most current version of the exam for your respective existing certification
  2. Earn and submit 20 CEUs per year in your Mile2 account.   

FAQ

  1. Hvem passer dette kurset for?
    Kurset er laget for profesjonelle som har ansvar for cloud security, compliance og arkitektur. Det passer for:

    • Virtualization admins

    • Cloud Security Officers

    • CIOs og IT-ledere

    • Virtualization & Cloud auditors

    • Compliance Officers innen skytjenester

  2. Hvilke forkunnskaper bør jeg ha?
    Det anbefales at du har:

    • Minst 12 måneders erfaring med virtualiseringsteknologi eller tilsvarende kunnskap

    • Generell forståelse av cloud-arkitektur

    • Minimum 12 måneders erfaring med IT-sikkerhet
      Kurs som Mile2’s C)ISSO eller tilsvarende er anbefalt forkunnskap.

  3. Hva lærer jeg i kurset?
    Etter kurset kan du blant annet:

    • Evaluere og sikre cloud-arkitektur og migreringsprosesser

    • Identifisere og håndtere cloud-risikoer, governance og compliance

    • Forstå juridiske problemstillinger rundt skyløsninger (internasjonal lov, kontrakter, eDiscovery)

    • Sikre data gjennom hele cloud data life cycle

    • Implementere sikkerhetskontroller i virtualisering, IaaS, PaaS og SaaS

    • Styrke identitet, tilgang, kryptering og nøkkelhåndtering i skyen

    • Utføre auditing og compliance-revisjoner av skymiljøer

    • Arbeide med BCM og DR i skybaserte miljøer

  4. Hvordan foregår kurset?

    • Varighet: 5 dager instruktørledet undervisning

    • Format: Tilbys både fysisk i klasserom og som live virtuelt kurs

    • Kombinerer teori, case-studier og praktiske lab-øvelser

  5. Er dette kurset praktisk?
    Ja – kurset inkluderer en rekke hands-on labs, blant annet:

    • Cloud migration-evaluering og SLA compliance

    • Virtualisering og nettverksanalyse

    • Hardening av ESXi, vCenter og VM-er

    • Data security i Azure, IaaS/PaaS/SaaS

    • Identity & Access Management (IAM) i Azure og private cloud

    • Business continuity og auditing i skyen

    • Kryptering og key management i ulike cloud-miljøer

  6. Hva koster kurset?
    Kursavgiften er 35 000 NOK, og eksamen er inkludert i prisen.

  7. Hva slags materiell får jeg?
    Du får Mile2 sitt offisielle kursmateriell, digitale ressurser og tilgang til øvings- og labmiljø.

  8. Gir kurset sertifisering?
    Ja – kurset inkluderer eksamen for Certified Cloud Security Officer (C)CSO.

    • Format: Online via Mile2 LMS

    • Tid: Ca. 2 timer, 100 multiple-choice spørsmål

    • Bestått: 70 % eller mer kreves

    • Sertifiseringen er gyldig i 3 år

  9. Hva kreves for re-sertifisering?
    For å opprettholde sertifiseringen må du:

    1. Bestå den mest oppdaterte versjonen av eksamen

    2. Registrere minst 20 CEUs per år i Mile2-kontoen din

  10. Kan jeg delta digitalt?
    Ja – kurset kan tas både som fysisk klasseromskurs og som live virtuelt kurs.

  11. Kan jeg bestille kurset for min organisasjon?
    Ja – kurset tilbys også bedriftsinternt og kan tilpasses organisasjonens behov.

Andre relevante kurs

C)CSA: Cybersecurity Analyst
5 dager
Classroom Virtual
C)CSSA: Cybersecurity Systems Auditor
4 dager
Classroom Virtual
C)CSSM: Certified Cybersecurity Systems Manager
4 dager
Classroom Virtual
C)DFE: Digital Forensics Examiner
5 dager
Classroom Virtual