DAY ONE
Introduction
- Introductions
- Objectives of course
- Agenda
Cloud Concepts
- CCSK - What is Cloud Computing?
- CCSK - Why is everyone moving to the Cloud?
- CCSK - Cloud computing model
- CCSK - Infrastructure, Platform and Software as a Service
- CCSK - Boundaries and responsibilities
- CCSK - Cloud Service Providers – Gartner Magic Quadrant(s)
- CCSK - Cloud reference architectures
Virtualisation
- Overview of different virtualisation technologies and types covering storage, networks and systems.
Cloud Security Frameworks, Principles, Patterns and Certifications
- CCSK - Security Principles
- CCSK - Cloud Security Alliance (CSA) Cloud Control Matrix
- GOV.UK Cabinet Office and NCSC Cloud Security Principles
- CCSK - Security Architecture Frameworks
- CCSK - Security Architecture Patterns
- CCSK - Cloud Security Architecture Patterns
- CCSK - Trusted Cloud Initiative Reference Architecture
- CCSK - Cloud Security Certifications
AWS Security Technologies
- EC2 (Elastic Compute Cloud) and VPC (Virtual Private Cloud) fundamentals
- Availability zones and regions
- Internet Gateway, Elastic IPs, NAT Gateway, Direct Connect
- Security Implications of Elastic Load Balancing (ELB) and auto-scaling
- Security Groups, Flow Logs, S3, ACLs and subnet routing
- AWS Config, CloudTrail, CloudWatch, Trusted Advisor
- IPSec VPN options: AWS VPNs, third party solutions
- AWS CloudFront, Web Application Firewall and Certificate Manager
- Vulnerability management using AWS Inspector
- AWS Key Management Service (KMS) and CloudHSM
- AWS Identity and Access Management (IAM)
- Labs providing practical experience of implementing and using AWS security technologies
Quiz
- End of day knowledge check – exam style questions
DAY TWO
Microsoft Azure and Office 365
- Azure platform security architecture
- Azure Virtual Networks
- Azure network security best practices
- Azure data security and encryption best practices
- Azure Active Directory
- Federated identity and Single Sign On
- Azure Multi-factor authentication
- Azure Key Vault
- Azure Virtual Machine encryption
- Microsoft Antimalware for Azure Cloud Services and Virtual Machines
- Azure Security Center
- Office 365 Service Architectures
- Office 365 security across physical, logical and data layers
- Office 365 email encryption options
- Exchange Online Protection
- GOV.UK Microsoft Office Security Guidance
- Labs providing practical experience of implementing and using Microsoft Azure security technologies
Google Apps for Work
- Google Apps for Work applications and architectures
- Integration with corporate directories
- Single sign-on to enforce use of corporate devices and threat prevention
- GOV.UK Google Apps for Work Security Guidance
- Google Admin Console
- Google Authenticator
- Organisational Units
- Administrative roles
- Data privacy opt-in
Assurance
- Centre for Internet Security (CIS) Foundation Benchmarks
- CCSK - Penetration tests of cloud environments
- CCSK - External audit and configuration review
Data Protection and Compliance
- CCSK - Personally Identifiable Information (PII) and Personal Data
- UK Data Protection Act and Information Commissioner’s Office (ICO)
- CCSK - European Union (EU) Data Protection Directive
- CCSK - EU General Data Protection Regulation (GDPR)
- Cyber Essentials Plus
- CCSK - Cloud Security Alliance STAR
- CCSK - PCI DSS
- CCSK - AICPA SOC3 (formerly SAS70)
- CCSK - ISO 27001
DAY THREE
Containers
- Concept of containers
- Docker
- Why development teams are moving to containers
- Security issues of containers
- Container security good practice
- CIS Benchmark for Docker and Docker Bench tool
- Orchestration – Kubernetes
- Security features of Kubernetes
- Orchestration – Docker Swarm
- Cloud Service Provider container platforms (AWS, Azure, Google)
- Container security solutions (e.g. Twistlock, NeuVector, AquaSecurity)
- Labs providing hands-on experience of Docker containers and potential security issues
Web Application Security
- OWASP Top 10
- Threat Modelling
- CCSK - Secure Software Development Lifecycle
Cloud Identity Services
- CCSK - SAML
- CCSK - OAuth, OAuth 2.0 and OpenID Connect
- CCSK - Cloud Identity Providers
DAY FOUR
Serverless
- CCSK - Concept of ‘serverless’
- CCSK - Pros and Cons
- AWS Lambda
- Step functions
- DynamoDB
- SQS, SWS, S3
- Serverless application architecture
- Security implications
- Environment Variable encryption
- Azure Cloud Functions
- Google Cloud Functions
- Labs providing hands-on experience of Serverless architectures
Cloud Security as a Service
- CCSK - Cloud Security Services
- CCSK - Cloud analytics, e.g. Splunk Cloud
- CCSK - Cloud security operations management, e.g. AlertLogic
Cloud Security Workshop
- Scenario requirement
- Develop security architecture in groups
- Present back to wider group, review and discuss
DAY FIVE
Automation
- Cloud service provider automation tools
- Terraform by Hashicorp
- Hardened build images
- Vault by Hashicorp
- Patching and update strategies
- DevSecOps
Continuous Integration Pipeline
- CCSK - Continuous Integration Pipeline
- Automated environment testing
- Jenkins
- Security issues
DevSecOps Lab
- Hands-on experience of coding security improvements and automated deployments
- End of section quiz – exam style questions
Exams taken post course:
CCSK Exam - This is an open-book, online exam, completed in 90 minutes with 60 multiple-choice questions selected randomly from the CCSK question pool. The minimum passing score is 80%.
Practitioner Certificate in Cloud Security Exam - This is a closed-book, online exam, completed in 70 minutes with 70 multiple-choice questions. The minimum pass mark is 50%.