Certified Cloud Security Professional

Overview:

Prove You’re on the Forefront of Cloud Security

In the ever-changing world of the cloud, you face unique security challenges every day — from new threats to sensitive data, to uneducated internal teams. Take command with the CCSP: the premier cloud security certification.The CCSP is a global credential that represents the highest standard for cloud security expertise. It was co-created by (ISC)² and Cloud Security Alliance — leading stewards for information security and cloud computing security.When you earn this cloud security certification, you prove you have deep knowledge and hands-on experience with cloud security architecture, design, operations and service orchestration. Start earning your CCSP today.


This training seminar provides a comprehensive review of cloud security concepts and industry best practices, covering the 6 domains of the CCSP CBK:

  • Architectural Concepts & Design Requirements
  • Cloud Data Security
  • Cloud Platform & Infrastructure Security
  • Cloud Application Security
  • Operations
  • Legal & Compliance

Several types of activities are used throughout the course to reinforce topics and increase knowledge retention. These activities include open ended questions from the instructor to the students, matching and poll questions, group activities, open/closed questions, and group discussions. This interactive learning technique is based on sound adult learning theories. This training course will help candidates review and refresh their cloud security knowledge and help

identify areas they need to study for the CCSP exam and features:

  • Official (ISC)² courseware
  • Taught by an international instructor
  • Student handbook
  • Collaboration with classmates
  • Real-world learning activities and scenarios

You Will Learn How To:

  • Identify and explain the five characteristics required to satisfy the NIST definition of cloud computing
  • Differentiate between various as-a-service delivery models and frameworks that are incorporated into the cloud computing reference architecture
  • Explain strategies for protecting data at rest and data in motion
  • Discuss strategies for safeguarding data, classifying data, ensuring privacy, assuring compliance with regulatory agencies, and working with authorities during legal investigations
  • Contrast between forensic analysis in corporate data center and cloud computing environments

Requirements:

  • Five years of cumulative, full-time working experience in IT (three of which must be in information security, and one of which must be in one of the six CCSP CBK domains)
  • Those without the required experience can take the exam to become an Associate of (ISC)² while working toward the experience needed for full certification

Course Preparation:

  • You will be asked to read documents before the course that will help with your learning and exam preparation

Course Outline

Architectural Concepts and Designs Requirements

  • Reviewing cloud computing concepts
  • Describing cloud reference architecture
  • Security concepts relevant to cloud computing
  • Design principles of secure cloud computing
  • Identifying trusted cloud services

Cloud Data Security

  • Understanding cloud data lifecycle
  • Designing and implementing cloud data storage architectures
  • Designing and applying data security strategies
  • Understanding and implementing data discovery and classification technologies
  • Designing and implementing relevant jurisdictional data protections for personally identifiable information

Cloud Platform and Infrastructure Security

  • Comprehending cloud infrastructure components
  • Analyzing risks associated to cloud infrastructure
  • Designing and planning security controls
  • Planning disaster recovery and business continuity management

Cloud Application Security

  • Recognizing the need for training and awareness in application security
  • Understanding cloud software assurance and validation
  • Using verified secure software
  • Comprehending the Software Development Life-Cycle (SDLC) process
  • Applying the Secure Software Development Life-Cycle

Operations

  • Supporting the planning process for the data center design
  • Implementing and building physical infrastructure for cloud environment
  • Running physical infrastructure for cloud environment
  • Managing physical infrastructure for cloud environment
  • Building logical infrastructure for cloud environment

Legal and Compliance

  • Legal requirements and unique risks within the cloud environment
  • Privacy issues, including jurisdictional variation
  • The audit process, methodologies, and required adaptions for a cloud environment
  • Implications of cloud to enterprise risk management
  • Outsourcing and cloud contract design

In this 2-day instructor-led classroom or online class, you will learn basic configuration and administration of the most commonly used features of FortiGate appliances. In interactive labs, you will explore firewall policies, user authentication, basic VPNs, explicit proxy, virus detection, web filtering, application control and more. These administrative fundamentals will provide you with a solid understanding of how to integrate and maintain basic network security.  

Audience: This course is intended for networking professionals involved in the design and implementation of a security infrastructure using FortiGate Unified Threat Management appliances. This advanced-level course is a continuation of the topics discussed in FortiGate Multi-Threat Security System I – Administration, Content Inspection and SSL VPN (Course 201). Content in the 301 course is geared to professionals with a sound knowledge of the concepts involved in the operation of a FortiGate device. It is assumed that students are familiar with the topics presented in the 201 course.

Course Detail: Module 11: Routing. This module introduces students to the logic used behind FortiGate device routing decisions. Students will learn how to read routing table entries, perform routing diagnostics and create routes on a FortiGate device. Module 12: Virtual Networking. This module introduces the concept of working with virtual network resources including VLANs, virtual domains and link aggregation. Module 13: Transparent Mode. This module familiarizes students with operating a FortiGate appliance in transparent mode and discusses aspects to consider in this type of deployment. Module 14: High Availability. This module discusses the functionality of a FortiGate unit operating in HA mode. Module 15: Advanced IPSec VPN. This module covers the advanced methods of VPN deployment (hub and spoke, star, full and partial meshed configurations), PPTP and in depth troubleshooting diagnostics. Module 16: Intrusion Prevention System. This module provides a detailed look at the configuration and operating behavior of the FortiGate appliance’s intrusion prevention system. Module 17: Fortinet Single Sign On (FSSO). In this module, Fortinet Single Sign On communications are explained and students will learn how to configure FSSO to link domain log in credentials to firewall policies in order to restrict access. Module 18: Certificate-Based Operations. This module builds the groundwork for all SSL based inspection that a FortiGate appliance is capable of performing.

Course Detail 1: Module 19: Data Leak Prevention. This module will introduce students to working with the data leak prevention (DLP) feature including configuration, methodology, diagnostics, and debugging. Module 20: Diagnostics. This module describes various basic troubleshooting commands that can be used to diagnose the most common technical issues. It explains how to interpret the output of the debug flow diagnostics, FortiGate session table, as well as CPU and memory diagnostic commands. Module 21: Putting It All Together. In this module, students will be given an opportunity to put their skills to the test. This multi-part interactive lab assesses the student’s ability to work with multiple FortiGate features at once to fulfill a set of customer needs and requirements.

Pre-Requisite Text:
Prerequisites: Previous experience working with FortiGate appliances. Solid knowledge of the web management interface and the FortiGate unit Command Line Interface (CLI). Knowledge of IPSec, VPNs and intrusion detection concepts. Successful completion of the FortiGate Multi-Threat Security System I course is highly recommended.

 

This is a 2-day training, participants learn the basic configuration and administration aspects of the most commonly used features on the FortiGate Unified Threat Management (UTM) Appliance. Through interactive modules, participants explore firewall policies, user authentication, VPNs, virus detection, email filtering, web filtering, application control and more. FortiGate unit administrative fundamentals provide a solid understanding of how to integrate and ensure operational maintenance for optimal performance in the corporate environment.

Audience: This introductory-level course is intended for anyone who is responsible for the day-to-day administration and management of a FortiGate unit. Students must be familiar with the topics presented in this course before attending the FortiGate Multi-Threat Security Systems II - Secured Network Deployment and IPSec VPN course.

Course Detail: Module 1: Introduction to Fortinet Unified Threat Management This module introduces students to the FortiGate unit, comparing and describing the essential. FortiGate features, as compared to other firewall devices. Feature usage and their order of operations are explained and students examine how these can affect system performance and resources. Finally this module will cover configuration backup and restore, factory default settings and establishing connectivity to the FortiGate device GUI. Module 2: Logging and Monitoring. This module familiarizes students with how to search various logs from the FortiGate device GUI and understand how these logs are used. Different methods of logging will be discussed (both on and off the device), as well as getting information from the logs that may not be initially visible. Module 3: Firewall Policies. This module demonstrates setting up the Firewall policies on a FortiGate device and explains. the logic for how a match on a firewall policy is determined. Module 4: Local User Authentication. This module familiarizes students with utilizing Identity based policies. The focus will be on setting up and manipulating traffic based on authentication using local users. Module 5: SSL VPN. In this module students learn how to configure and connect to an SSL VPN. Module 6: IPSec VPN. The students will be shown how to configure an IPSec VPN on the FortiGate device using Interface-based and policy-based modes. Module 7: Antivirus. This section will teach students how to configure and enable traffic scanning for the detection of viruses. Module 8: Email Filtering. This module will introduce students to email inspection and spam detection. Module 9: Web Filtering. This module introduces students to the web filtering functions available on the FortiGate unit.

Course Detail 1: Module 10: Application Control. This module teaches Students the inner workings of Application Control, how to configure it, and how signature triggers are accomplished.

Pre-Requisite Text:
Prerequisites: Introductory-level network security experience. Basic understanding of firewall concepts.

This is a 3-day training, participants will gain a comprehensive understanding of the advanced networking and security functions of FortiGate appliances. With a focus on core feature skills, specific topics include routing, virtual domains, transparent mode, high availability, advanced IPSec VPN, intrusion prevention system, single sign on, certificate operations, data leak prevention, diagnostics and resource utilization. At the end of this course, students complete an interactive in-lab assessment of skills learned. Designed to demonstrate advanced use of FortiGate appliance features, this training is a continuation of the FortiGate Multi-Threat Security System I Course.

Audience: This course is intended for networking professionals involved in the design and implementation of a security infrastructure using FortiGate Unified Threat Management appliances. This advanced-level course is a continuation of the topics discussed in FortiGate Multi-Threat Security System I – Administration, Content Inspection and SSL VPN (Course 201). Content in the 301 course is geared to professionals with a sound knowledge of the concepts involved in the operation of a FortiGate device. It is assumed that students are familiar with the topics presented in the 201 course.


Course Detail: Module 11: Routing. This module introduces students to the logic used behind FortiGate device routing decisions. Students will learn how to read routing table entries, perform routing diagnostics and create routes on a FortiGate device. Module 12: Virtual Networking. This module introduces the concept of working with virtual network resources including VLANs, virtual domains and link aggregation. Module 13: Transparent Mode. This module familiarizes students with operating a FortiGate appliance in transparent mode and discusses aspects to consider in this type of deployment. Module 14: High Availability. This module discusses the functionality of a FortiGate unit operating in HA mode. Module 15: Advanced IPSec VPN. This module covers the advanced methods of VPN deployment (hub and spoke, star, full and partial meshed configurations), PPTP and in depth troubleshooting diagnostics. Module 16: Intrusion Prevention System. This module provides a detailed look at the configuration and operating behavior of the FortiGate appliance’s intrusion prevention system. Module 17: Fortinet Single Sign On (FSSO). In this module, Fortinet Single Sign On communications are explained and students will learn how to configure FSSO to link domain log in credentials to firewall policies in order to restrict access. Module 18: Certificate-Based Operations. This module builds the groundwork for all SSL based inspection that a FortiGate appliance is capable of performing.

Course Detail 1: Module 19: Data Leak Prevention. This module will introduce students to working with the data leak prevention (DLP) feature including configuration, methodology, diagnostics, and debugging. Module 20: Diagnostics. This module describes various basic troubleshooting commands that can be used to diagnose the most common technical issues. It explains how to interpret the output of the debug flow diagnostics, FortiGate session table, as well as CPU and memory diagnostic commands. Module 21: Putting It All Together. In this module, students will be given an opportunity to put their skills to the test. This multi-part interactive lab assesses the student’s ability to work with multiple FortiGate features at once to fulfill a set of customer needs and requirements.

Pre-Requisite Text:
Prerequisites: Previous experience working with FortiGate appliances. Solid knowledge of the web management interface and the FortiGate unit Command Line Interface (CLI). Knowledge of IPSec, VPNs and intrusion detection concepts. Successful completion of the FortiGate Multi-Threat Security System I course is highly recommended.

Audience: This course is designed for IT professionals who want to acquire the technical knowledge and skills needed to conceptualize, engineer, integrate, and implement secure solutions across complex enterprise environments. The target student should aspire to apply critical thinking and judgment across a broad spectrum of security disciplines to propose and implement sustainable security solutions that map to organizational strategies; translate business needs into security requirements; analyze risk impact; and respond to security incidents. This course is also designed for students who are seeking the CompTIA Advanced Security Practitioner (CASP) certification and who want to prepare for Exam CAS-002. Students seeking CASP certification should have at least 10 years of experience in IT management, with at least 5 years of hands-on technical security experience.

Course Detail: Overview: Welcome to CyberSAFE (Securing Assets For End-users) Extended Edition. Regardless of your computer experience, this class will help you become more aware of technology-related risks and what you can do to protect yourself and your organization from them. This course will help you to understand security compliance considerations, social engineering, malware, and various other data security-related concepts. In this course, you will explore the hazards and pitfalls and learn how to use technology safely and securely.

Course Detail 1: In this course, you will identify many of the common risks involved in using conventional end-user technology, as well as ways to use it safely, to protect yourself from those risks. You will: Identify the need for security. Secure devices like desktops, laptops, smartphones, and more. Secure your use of the Internet.

Course Detail 2: Lesson 1: Identifying the Need for Security Topic A: Identify Security Compliance Requirements Topic B: Recognize Social Engineering Lesson 2: Securing Devices Topic A: Maintain Physical Security of Devices Topic B: Use Passwords for Security Topic C: Protect Your Data Topic D: Identify and Mitigate Malware Topic E: Use Wireless Devices Securely Lesson 3: Using the Internet Securely Topic A: Browse the Web Safely Topic B: Use Email Securely Topic C: Use Social Networking Securely Topic D: Use Cloud Services Securely

Pre-Requisite Text:
This course is designed for you as a non-technical end-user of computers, mobile devices, To ensure your success in this course you should have experience with the basic use of conventional end-user technology, including desktop, laptop, or tablet computers, cell phones, and basic Internet functions such as web browsing and email. To obtain much of this prerequisite knowledge, you should consider taking the following Logical Operations course: Using Microsoft® Windows® 8.1