Certificate of Cloud Security Knowledge
CSA™ Approved Training
Organised by
www.isharaonline.com/ccsk www.clubcloudcomputing.com
Tel: +971 4 2955581 www.isharaonline.com/ccsk Email: [email protected]
Who Should Attend?
The audience will be experienced staff of IT departments of medium to large organizations, as well as service providers to these.
IT Security Officer, IT Manager, Security Consultant, Solution consultant, Presales, IT architect, IT Risk manager, Service managers, Compliance officers, Managerial – Expert, CIO, CISO, IT Auditors (internal and external), IT Risk Management, IT Staff looking to advance their careers. Software developers and system administrators who seek to broaden their scope will also find the course beneficial.
COURSE OUTLINE
CCSK – Theory and presentations
• Cloud security fundamentals
• Description of cloud computing
• All major domains in the latest Guidance document from the Cloud Security Alliance
• Recommendations from the European Network and Information Security Agency (ENISA).
CCSK – Practical work
• Extensive hands-on activities
• Bringing a fictional organization securely into the cloud.
• Assessing, building, and securing a cloud infrastructure
March 31 - April 02, 2015 JW Marriott Dubai Hotel - Dubai, UAE
CCSK - Continuing Professional Education (CPE) Points Program
Certificate of Cloud Security Knowledge
September 29 - October 01, 2015 - Crowne Plaza Hotel, Nairobi, Kenya
December 1 - 3, 2015 - Crowne Plaza, Nairobi, Kenya
June 30 - July 1, 2016 - Hotel Intercontinental, Nairobi, Kenya
Tel: +254 721 226 324 / 733 973 999 | www.managecom.co.ke/ccsk | Email: [email protected]
Dr. Peter HJ van Eijk is one of the world’s most experienced independent cloud trainers. He has delivered cloud training in the US, Europe, Middle-East and Asia to a wide variety of participants.
In the past he has worked for Deloitte Consulting, IT supplier EDS, internet providers, and at the University of Twente, where he received his PhD in 1988.
He is a board member of the Dutch Cloud Security Alliance Chapter.
Cloud training credentials
Peter is a certified trainer for CSA Certificate of Cloud Security Knowledge (CCSK), CompTIA Cloud Essentials, and Virtualization Essentials. He was the single author of the ITpreneurs Cloud Essentials course, and a contributor to the Virtualization Essentials course. He continues to develop training and course material for enhanced cloud value and reduced risk.
During the three days, theory and presentation will be alternated
with exercises that will strengthen understanding and
applicability.
Day 1
- Introduction to Cloud Computing
- Infrastructure Security for Cloud
- Introduction and Risk Analysis (practical exercise)
- Create and Secure a Public Cloud Instance (practical exercise)
- Evaluation, Q&A
Day 2
- Managing Cloud Security and Risk
- Encrypt an EBS Volume (practical exercise)
- Data Security for Cloud
- Create and Secure a Cloud Application (practical exercise)
- Securing Cloud Users and Applications
- Evaluation, Q&A
Day 3
- Identity and Access Management (practical exercise)
- Selecting Cloud Services
- Deploy and Secure a Private Cloud (practical exercise)
- Review, Evaluation and Test Preparation
What you will receive
• 3 days of training.
• All handouts
• Practical workbook
• After the course support
• Quizzes and sample questions
Exam
The CCSK examination is a timed, multiple choice examination
you take online at https://ccsk.cloudsecurityalliance.org.
The examination consists of 60 multiple choice questions
selected randomly from our question pool, and must be
completed within 90 minutes. A participant must correctly answer
80% of the questions to receive a passing score. Because the
exam is online, it is open book.
For candidates that fail the test, there is one retry included in the
Course Timings
Course sessions will start each day promptly at 08:30 am and end at 16:00.
There will be short breaks for refreshments and lunch will be served.
Course Objective
Upon completion of this course you will be able to:
• Pass the CCSK exam
• Identify and mitigate cloud-specific security risks
• Conduct cloud-specific risk analyses
• Understand and apply cloud computing characteristics
• Demonstrate secure application deployment in the cloud
• Make educated choices for cloud provider service and deployment models
Course Content
The CCSK training provides an overview of cloud computing and its security issues and opportunities. It will therefore benefit IT Management as well as security experts.
The training is designed to prepare you for taking the CCSK exam, which you can do after the course in the comfort of your own office or home. Our trainers will also cover projects and cases from the real world, in order to ensure optimal retention.
The Cloud Security Alliance has developed a widely adopted catalog of security best practices, the “Security Guidance for Critical Areas of Focus in Cloud Computing, V3.0”. In addition, the European Network and Information Security Agency (ENISA) whitepaper “Cloud Computing: Benefits, Risks and Recommendations for Information Security” is an important contribution to the cloud security body of knowledge. The Certificate of Cloud Security Knowledge (CCSK) provides evidence that an individual has successfully completed an examination covering the key concepts of the CSA guidance and ENISA whitepaper.
The three-day course also covers practical work, lab exercises on participant laptops, and discussion of participant cases and questions.
Meet Your Expert Course Leader
CCSK Training
Course Overview
DAY 1: On the first day of the CCSK, participants cover all major aspects of cloud security
CCSK Key Examination Concepts

CSA Guidance For Critical Areas of Focus in Cloud Computing V3.0 English

Domain 1: Cloud Computing Architectural Framework
- NIST Definition of Cloud Computing (Essential Characteristics, Cloud Service Models, Cloud Deployment Models)
- Multi-Tenancy
- CSA Cloud Reference Model
- Jericho Cloud Cube Model
- Cloud Security Reference Model
- Cloud Service Brokers
- Service Level Agreements
Domain 2: Governance and Enterprise Risk Management
- Contractual Security Requirements
- Enterprise and Information Risk Management
- Third Party Management Recommendations
- Supply chain examination
- Use of Cost Savings for Cloud
Domain 3: Legal issues: Contracts and Electronic Discovery
- Consideration of cloud-related issues in three dimensions
- eDiscovery considerations
- Jurisdictions and data locations
- Liability for activities of subcontractors
- Due diligence responsibility
- Federal Rules of Civil Procedure and electronically stored information
- Metadata
Domain 4: Compliance and Audit Management
- Definition of Compliance
- Right to audit
- Compliance impact on cloud contracts
- Audit scope and compliance scope
- Compliance analysis requirements
- Auditor requirements
Domain 5: Information Management and Data Security
- Six phases of the Data Security Lifecycle and their key elements
- Volume storage
- Object storage
- Logical vs physical locations of data
- Three valid options for protecting data
- Data Loss Prevention
- Detection Data Migration to the Cloud
- Encryption in IaaS, PaaS & SaaS
- Database Activity Monitoring and File Activity Monitoring
- Data Backup
- Data Dispersion
- Data Fragmentation
Domain 6: Interoperability and Portability
- Definitions of Portability and Interoperability
- Virtualization impacts on Portability and Interoperability
- SAML and WS-Security
- Size of Data Sets
- Lock-In considerations by IaaS, PaaS & SaaS delivery models
- Mitigating hardware compatibility issues
Domain 7: Traditional Security, Business Continuity, and Disaster Recovery
- Four D’s of perimeter security
- Cloud backup and disaster recovery services
- Customer due diligence related to BCM/DR
- Business Continuity Management/Disaster Recovery due diligence
- Restoration Plan
- Physical location of cloud provider
Domain 8: Data Center Operations
- Relation to Cloud Controls Matrix
- Queries run by data center operators
- Technical aspects of a Provider’s data center operations customer should understand
- Logging and report generation in multi-site clouds
Domain 9: Incident Response
- Factor allowing for more efficient and effective containment and recovery in a cloud
- Main data source for detection and analysis of an incident
- Investigating and containing an incident in an Infrastructure as a Service environment
- Reducing the occurrence of application level incidents
- How often should incident response testing occur
- Offline analysis of potential incidents
Domain 10: Application Security
- Identity, entitlement, and access management (IdEA)
- SDLC impact and implications
- Differences in S-P-I models
- Consideration when performing a remote vulnerability test of a cloud-based application
- Categories of security monitoring for applications
- Entitlement matrix
Domain 11: Encryption and Key Management
- Adequate encryption protection of data in the cloud
- Key management best practices, location of keys, keys per user
- Relationship to tokenization, masking, anonymization and cloud database controls
Domain 12: Identity, Entitlement, and Access Management
- Relationship between identities and attributes
- Identity Federation
- Relationship between Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
- SAML and WS-Federation
- Provisioning and authoritative
Domain 13: Virtualization
- Security concerns for hypervisor architecture
- VM guest hardening, blind spots, VM Sprawl, data comingling, instant-on gaps
- In-Motion VM characteristics that can create a serious complexity for audits
- How can virtual machine communications bypass network security controls
- VM attack surfaces
- Compartmentalization of VMs
Domain 14: Security as a Service
- 10 categories
- Barriers to developing full confidence in security as a service (SECaaS)
- When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA
- Logging and reporting implications
- How can web security as a service be deployed
- What measures do Security as a Service providers take to earn the trust of their customers

ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security
- Isolation failure
- Economic Denial of Service
- Licensing Risks
- VM hopping
- Five key legal issues common across all scenarios
- Top security risks in ENISA research
- OVF
- Underlying vulnerability in Loss of Governance
- User provisioning vulnerability
- Risk concerns of a cloud provider being acquired
- Security benefits of cloud
- Risks R.1 – R.35 and underlying vulnerabilities
- Data controller vs data processor definitions
- In Infrastructure as a Service (IaaS), who is responsible for guest systems monitoring
Registration Form
Cancellation Policy
If you are unable to attend this event, you may send a substitute delegate in your place at no additional cost. Please advise us of any substitutions as soon as possible. If this is not suitable, a 20% service charge will be payable. Alternatively, you may transfer your registration to another event. A 10% service fee may apply. Should you wish to cancel your registration, please notify us in writing as soon as possible and a credit note will be issued valid for use towards any future events. A 10% service fee may apply and does not provide refunds for cancellation
Registration Information
Personal Details
Delegate's Full Name | Email
1st
2nd
3rd
4th
Authorisation
Authorisation Manager Details:
Contact Person Name: Designation:
Organisa!on Name:
Address:
PO Box:
Mobile :
Authorised Signature: Email:
Fax this form to : +971 4 2948486 Please call us if you require any assistance on +971 4 2955581 , Mobile +971 50 1555684
Payment Details
Please Note: Payment is required prior to attending this event

Payment Information
Electronic Fund Transfer
Cheque (payable to ishara consultants)
Credit Card
Cash
Purchase Order No:
TOTAL US $

Please transfer the Fee to:
ISHARA CONSULTANTS
BANK: Emirates NBD
ACCOUNT #: 101-13139241-01
DEIRA BRANCH, DUBAI - UAE
SWIFT CODE: EBILAEAD
IBAN: AE580260001011313924101

Training Venue
JW Marriott Hotel Deira, Dubai - UAE

Send To
Mail: PO Box 1420, Dubai - UAE
Phone: +971 4 2955581
Fax: +971 4 2948486
Email: [email protected]

We highly recommend you secure your room reservation at the earliest to avoid last minute inconvenience.
Tel: +971 4 6077802 Fax: +971 4 6077 011
Zip Code: City: Country:
Tel: Fax:
Registration fee for 3 days per participant: US $ 2400/-
Group Discounts Available: 3 – 4 people: 10%, 5 – +++ people: 15%
Note: Course Materials, Certificate, Lunch & Refreshments are included.
Conditions: Group Discounts apply for bookings made simultaneously and on one invoice only
Crowne Plaza Hotel, Kenya Road, Upper Hill, Nairobi, Kenya +254 20 274 6000
Account No. 8702012975100
Name: Managecom Systems Ltd
Standard Chartered Bank
Kenyatta Avenue
Swift Code: SCBLKENXAXXX
NAIROBI
Electronic Fund Transfer
Cheque (payable to Managecom Systems)
Purchase Order
Cash
Registration fee per participant: USD 2400
Hotel Intercontinental Nairobi, Kenya +254 20 320 0000