
Certificate of Cloud Security Knowledge

Oct 09, 2020


dariahiddleston

Certificate of Cloud Security Knowledge

CSA™ Approved Training

Organised by

www.isharaonline.com/ccsk www.clubcloudcomputing.com

Tel: +971 4 2955581 www.isharaonline.com/ccsk Email: [email protected]

Who Should Attend?

The audience will be experienced staff of IT departments of medium to large organizations, as well as service providers to these.

IT Security Officer, IT Manager, Security Consultant, Solution consultant, Presales, IT architect, IT Risk manager, Service managers, Compliance officers, Managerial – Expert, CIO, CISO, IT Auditors (internal and external), IT Risk Management, IT Staff looking to advance their careers. Software developers and system administrators who seek to broaden their scope will also find the course beneficial.

COURSE OUTLINE

CCSK – Theory and presentations

• Cloud security fundamentals

• Description of cloud computing

• All major domains in the latest Guidance document from the Cloud Security Alliance

• Recommendations from the European Network and Information Security Agency (ENISA).

CCSK – Practical work

• Extensive hands-on activities

• Bringing a fictional organization securely into the cloud.

• Assessing, building, and securing a cloud infrastructure

March 31 - April 02, 2015 JW Marriott Dubai Hotel - Dubai, UAE

CCSK - Continuing Professional Education (CPE) Points Program

Certificate of Cloud Security Knowledge

September 29 - October 01, 2015 - Crown Plaza Hotel, Nairobi - Kenya

Tel: +254 721 226 324 / 733 973 999 | www.managecom.co.ke/ccsk | Email: [email protected]

December 1 - 3, 2015 - Crowne Plaza, Nairobi, Kenya

June 30 - July 1 2016 - Hotel Intercontinental, Nairobi, Kenya


Dr. Peter HJ van Eijk is one of the world’s most experienced independent cloud trainers. He has delivered cloud training in the US, Europe, Middle-East and Asia to a wide variety of participants.

In the past he has worked for Deloitte Consulting, IT supplier EDS, internet providers, and at the University of Twente, where he received his PhD in 1988.

He is a board member of the Dutch Cloud Security Alliance Chapter.

Cloud training credentials

Peter is a certified trainer for CSA Certificate of Cloud Security Knowledge (CCSK), CompTIA Cloud Essentials, and Virtualization Essentials. He was the single author of the ITpreneurs Cloud Essentials course, and a contributor to the Virtualization Essentials course. He continues to develop training and course material for enhanced cloud value and reduced risk.

During the three days, theory and presentation will be alternated with exercises that will strengthen understanding and applicability.

Day 1
- Introduction to Cloud Computing
- Infrastructure Security for Cloud
- Introduction and Risk Analysis (practical exercise)
- Create and Secure a Public Cloud Instance (practical exercise)
- Evaluation, Q&A

Day 2
- Managing Cloud Security and Risk
- Encrypt an EBS Volume (practical exercise)
- Data Security for Cloud
- Create and Secure a Cloud Application (practical exercise)
- Securing Cloud Users and Applications
- Evaluation, Q&A

Day 3
- Identity and Access Management (practical exercise)
- Selecting Cloud Services
- Deploy and Secure a Private Cloud (practical exercise)
- Review, Evaluation and Test Preparation

What you will receive

• 3 days of training.

• All handouts

• Practical workbook

• After the course support

• Quizzes and sample questions

Exam

The CCSK examination is a timed, multiple choice examination you take online at https://ccsk.cloudsecurityalliance.org. The examination consists of 60 multiple choice questions selected randomly from our question pool, and must be completed within 90 minutes. A participant must correctly answer 80% of the questions to receive a passing score. Because the exam is online, it is open book.

For candidates that fail the test, there is one retry included in the

Course Timings

Course sessions will start each day promptly at 08:30am and end at 16:00pm. There will be short breaks for refreshments and lunch will be served.

March 31 - April 02, 2015

JW Marriott Dubai Hotel - Dubai, UAE

Course Objective

Upon completion of this course you will be able to

• Pass the CCSK exam

• Identify and mitigate cloud specific security risks

• Conduct cloud specific risk analyses

• Understand and apply cloud computing characteristics

• Demonstrate secure application deployment in the cloud

• Make educated choices for cloud provider service and deployment models

Course Content

The CCSK training provides an overview of cloud computing and its security issues and opportunities. It will therefore benefit IT Management as well as security experts.

The training is designed to prepare you for taking the CCSK exam, which you can do after the course in the comfort of your own office or home. Our trainers will also cover projects and cases from the real world, in order to guarantee an optimal retention.

The Cloud Security Alliance has developed a widely adopted catalog of security best practices, the “Security Guidance for Critical Areas of Focus in Cloud Computing, V3.0”. In addition, the European Network and Information Security Agency (ENISA) whitepaper “Cloud Computing: Benefits, Risks and Recommendations for Information Security” is an important contribution to the cloud security body of knowledge. The Certificate of Cloud Security Knowledge (CCSK) provides evidence that an individual has successfully completed an examination covering the key concepts of the CSA guidance and ENISA whitepaper.

The three day course also covers practical work, lab exercises on participant laptops, and discussion of participant cases and questions.

Meet Your Expert Course Leader


CCSK Training

Course Overview


DAY 1

On the first day of the CCSK, participants cover all major aspects of cloud security


CSA Guidance For Critical Areas of Focus in Cloud Computing V3.0 English

Domain 1: Cloud Computing Architectural Framework
-NIST Definition of Cloud Computing (Essential Characteristics, Cloud Service Models, Cloud Deployment Models)
-Multi-Tenancy
-CSA Cloud Reference Model
-Jericho Cloud Cube Model
-Cloud Security Reference Model
-Cloud Service Brokers
-Service Level Agreements

Domain 2: Governance and Enterprise Risk Management
-Contractual Security Requirements
-Enterprise and Information Risk Management
-Third Party Management Recommendations
-Supply chain examination
-Use of Cost Savings for Cloud

Domain 3: Legal issues: Contracts and Electronic Discovery
-Consideration of cloud-related issues in three dimensions
-eDiscovery considerations
-Jurisdictions and data locations
-Liability for activities of subcontractors
-Due diligence responsibility
-Federal Rules of Civil Procedure and electronically stored information
-Metadata

Domain 4: Compliance and Audit Management
-Definition of Compliance
-Right to audit
-Compliance impact on cloud contracts
-Audit scope and compliance scope
-Compliance analysis requirements
-Auditor requirements

Domain 5: Information Management and Data Security
-Six phases of the Data Security Lifecycle and their key elements
-Volume storage
-Object storage
-Logical vs physical locations of data
-Three valid options for protecting data
-Data Loss Prevention
-Detection Data Migration to the Cloud
-Encryption in IaaS, PaaS & SaaS
-Database Activity Monitoring and File Activity Monitoring
-Data Backup
-Data Dispersion
-Data Fragmentation

Domain 6: Interoperability and Portability
-Definitions of Portability and Interoperability
-Virtualization impacts on Portability and Interoperability
-SAML and WS-Security
-Size of Data Sets
-Lock-In considerations by IaaS, PaaS & SaaS delivery models
-Mitigating hardware compatibility issues

Domain 7: Traditional Security, Business Continuity, and Disaster Recovery
-Four D’s of perimeter security
-Cloud backup and disaster recovery services
-Customer due diligence related to BCM/DR
-Business Continuity Management/Disaster Recovery due diligence
-Restoration Plan
-Physical location of cloud provider

Domain 8: Data Center Operations
-Relation to Cloud Controls Matrix
-Queries run by data center operators
-Technical aspects of a Provider’s data center operations customer should understand
-Logging and report generation in multi-site clouds

Domain 9: Incident Response
-Factor allowing for more efficient and effective containment and recovery in a cloud
-Main data source for detection and analysis of an incident
-Investigating and containing an incident in an Infrastructure as a Service environment
-Reducing the occurrence of application level incidents
-How often should incident response testing occur
-Offline analysis of potential incidents

Domain 10: Application Security
-Identity, entitlement, and access management (IdEA)
-SDLC impact and implications
-Differences in S-P-I models
-Consideration when performing a remote vulnerability test of a cloud-based application
-Categories of security monitoring for applications
-Entitlement matrix

Domain 11: Encryption and Key Management
-Adequate encryption protection of data in the cloud
-Key management best practices, location of keys, keys per user
-Relationship to tokenization, masking, anonymization and cloud database controls

Domain 12: Identity, Entitlement, and Access Management
-Relationship between identities and attributes
-Identity Federation
-Relationship between Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
-SAML and WS-Federation
-Provisioning and authoritative

Domain 13: Virtualization
-Security concerns for hypervisor architecture
-VM guest hardening, blind spots, VM Sprawl, data comingling, instant-on gaps
-In-Motion VM characteristics that can create a serious complexity for audits
-How can virtual machine communications bypass network security controls
-VM attack surfaces
-Compartmentalization of VMs

Domain 14: Security as a Service
-10 categories
-Barriers to developing full confidence in security as a service (SECaaS)
-When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA
-Logging and reporting implications
-How can web security as a service be deployed
-What measures do Security as a Service providers take to earn the trust of their customers

ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security
-Isolation failure
-Economic Denial of Service
-Licensing Risks
-VM hopping
-Five key legal issues common across all scenarios
-Top security risks in ENISA research
-OVF
-Underlying vulnerability in Loss of Governance
-User provisioning vulnerability
-Risk concerns of a cloud provider being acquired
-Security benefits of cloud
-Risks R.1 – R.35 and underlying vulnerabilities
-Data controller vs data processor definitions
-In Infrastructure as a Service (IaaS), who is responsible for guest systems monitoring

CCSK Key Examination Concepts


Registration Form

Cancellation Policy: If you are unable to attend this event, you may send a substitute delegate in your place at no additional cost. Please advise us of any substitutions as soon as possible. If this is not suitable, a 20% service charge will be payable. Alternatively, you may transfer your registration to another event. A 10% service fee may apply. Should you wish to cancel your registration, please notify us in writing as soon as possible and a credit note will be issued valid for use towards any future events. A 10% service fee may apply and does not provide refunds for cancellation.

Registration Information

Personal Details

Delegates Full Name E mail

1st

2nd

3rd

4th

Authorisation

Authorisation Manager Details:

Contact Person Name: Designation:

Organisation Name:

Address:

PO Box:

Mobile :

Authorised Signature: Email:

Fax this form to : +971 4 2948486 Please call us if you require any assistance on +971 4 2955581 , Mobile +971 50 1555684

Payment Details

Please Note: Payment is required prior to attending this event

Payment Information

Training Venue

Electronic Fund Transfer

Cheque (payable to ishara consultants)

Credit Card

Cash

Purchase Order No:

Please transfer the Fee to:

ISHARA CONSULTANTS

BANK : Emirates NBD

ACCOUNT #: 101-13139241-01

DEIRA BRANCH , DUBAI - UAE

SWIFT CODE: EBILAEAD

IBAN: AE580260001011313924101

JW Marriott Hotel Deira, Dubai - UAE

Send To

TOTAL US $

Tel:+971 4 2955581 Fax:+971 4 2948486 www.isharaonline.com/ccsk Email: [email protected]

Designation

PO Box :1420

Dubai - UAE

Phone: +971 4 2955581 | Fax: +971 4 2948486 | Email: [email protected]

We highly recommend you secure your room reservation at the earliest to avoid last minute inconvenience.

Tel: +971 4 6077802 Fax: +971 4 6077 011

Zip Code: City: Country:

Tel: Fax:

Certificate of Cloud Security Knowledge March 31 - April 02, 2015

JW Marriott Dubai Hotel - Dubai, UAE

Registration fee for 3 days per participant US $ 2400/- Group Discounts Available:- 3 – 4 people: 10% , 5 – +++ people: 15%

Note: Course Materials, Certificate , Lunch & Refreshments are included.

Conditions: Group Discounts apply for bookings made simultaneously and on one invoice only


Crown Plaza Hotel, Kenya Road, Upper Hill, Nairobi, Kenya +254 20 274 6000

Account No. 8702012975100
Name: Managecom Systems Ltd
Standard Chartered Bank
Kenyatta Avenue
Swift Code: SCBLKENXAXXX
NAIROBI

Electronic Fund Transfer

Cheque (payable to Managecom Systems)

Purchase Order

Cash

September 29 - October 01, 2015 Crown Plaza Hotel, Nairobi - Kenya

December 1 - 3, 2015 - Crowne Plaza, Nairobi, Kenya

Crowne Plaza Hotel, Nairobi, Kenya +254 20 274 6000

Certificate of Cloud Security Knowledge

June 30 - July 1 2016 - Hotel Intercontinental, Nairobi, Kenya

Registration fee per participant: USD 2400

Hotel Intercontinental Nairobi, Kenya +254 20 320 0000