Projects
Assignments
Overview
The CCSK Plus v5 builds on the foundational CCSK course by offering a combination of theoretical knowledge and hands-on labs. This course provides an immersive learning experience where students engage in practical scenarios to securely transition a fictional organization into the cloud. Labs cover essential cloud security topics such as core account security, IAM, network and instance security, encryption, storage, and application security. Students can choose to perform labs on AWS or Azure environments.
Objectives
By the end of this course, leaner will be able to:
- Configure basic and advanced cloud account security settings, including MFA and IAM.
- Implement cloud network security by creating and securing virtual networks (VPCs).
- Deploy virtual machines, run vulnerability assessments, and ensure secure cloud instances.
- Manage data security by encrypting storage volumes and protecting snapshots.
- Secure cloud applications and enable federated identity through OpenID integration
Prerequisites
- Have a basic understanding of cloud computing concepts and cloud security models.
- Be familiar with cloud service platforms like AWS or Azure.
- Possess general knowledge of Identity and Access Management (IAM) and multi-factor authentication (MFA).
- Have experience in networking, encryption, and storage management in a cloud environment.
- Be comfortable with implementing security measures and monitoring cloud-based infrastructure.
Course Outline
Module 1: Core Account SecurityCourses2024-09-08T10:17:25+05:30
- Configure essential security controls (MFA, IAM) within the first minutes of opening a cloud account.
- Enable basic monitoring to track security events and threats.
Module 2: IAM and Monitoring In-DepthCourses2024-09-08T10:20:26+05:30
- Expand IAM with Attribute-Based Access Control (ABAC) and implement enterprise-scale identity management.
- Set up complex monitoring, create security alerts, and establish enterprise IAM frameworks.
Module 3: Network and Instance SecurityCourses2024-09-08T10:23:39+05:30
- Create a secure Virtual Private Cloud (VPC) and implement baseline network security.
- Launch secure virtual machines (instances) and run vulnerability assessments in the cloud.
Module 4: Encryption and Storage SecurityCourses2024-09-08T10:24:36+05:30
- Encrypt storage volumes with customer-managed encryption keys.
- Secure snapshots and learn best practices for protecting cloud data.
Module 5: Application Security and FederationCourses2024-09-08T10:26:17+05:30
- Build a 2-tier cloud application with complete security configurations.
- Implement federated identity management using OpenID for seamless access.
Module 6: Risk & Provider AssessmentCourses2024-09-17T16:41:55+05:30
- Practice using the CSA Cloud Controls Matrix (CCM) for risk evaluation
- Leveraging the CSA STAR registry to assess cloud service providers
- Developing criteria for selecting a secure cloud provider based on risk factors
