CCSP - Certified Cloud Security Professional (cybersecurity) - eLearning (exam included)

- Domain and Learning Objectives
- Security Concepts
- Key Security Concepts, Defense in Depth, Due Care, and Due Diligence
- Security Controls and Functionalities
- Cloud Computing Concepts
- Business Drivers
- Scalability, Elasticity, Vendor Lock-in, and Vendor Lock-out
- Cloud Computing Concepts: Advantages
- Cloud Reference Architecture
- Cloud Computing Roles and Actors
- Cloud Service Categories: Infrastructure as a Service (IaaS)
- Cloud Service Categories: Platform as a Service (PaaS)
- Cloud Service Categories: Software as a Service (SaaS)
- Cloud Service Categories: Management
- Cloud Deployment Models: Public Cloud
- Cloud Deployment Models: Private Cloud
- Cloud Deployment Models: Hybrid Cloud
- Cloud Deployment Models: Community Cloud
- Models and Characteristics|- Comparison of Cloud Deployment Models
- Case Study: Hybrid Cloud
- Cloud Technology Roadmap
- Impact of Related Technologies
- Cryptography, Key Management, and Other Security Concepts
- Key Management
- IAM and Access Control
- Data Remanence
- Virtualization
- Cloud Computing Threats
- Design Principles of Secure Cloud Computing
- Cost-Benefit Analysis
- Evaluate Cloud Service Providers
- SOC
- IT Security Evaluation
- FIPS
- Scenario
- Key Takeaways

- Domain and Learning Objectives
- Cloud Data Life Cycle
- Cloud Data Life Cycle: Create, Store, Use, and Share
- Real-World Scenario
- Cloud Data Life Cycle: Archive
- Cloud Data Life Cycle: Destroy, Key Data Functions
- Cloud Data Storage Architectures
- Cloud Data Storage Architectures: Storage Types for IaaS
- Cloud Data Storage Architectures: Storage Types for PaaS
- Cloud Data Storage Architectures: Storage Types for SaaS
- Cloud Data Storage Architectures: Threats to Storage Types
- Real-World Scenario
- Data Security Strategies
- Real-World Scenario
- Data Security Strategies: Data Loss Prevention
- Scenario
- Data Discovery and Classification Technology

- Data Discovery and Classification Technology: Data Classification
- Data Discovery and Classification Technology: Challenges with Cloud Data
- Jurisdictional Data Protections for Personally Identifiable Information (PII)
- Privacy Acts: GDPR
- Privacy Acts: Data Protection policies
- Privacy Acts: United States
- Privacy Acts: HIPAA, FISMA, and SOX
- Jurisdictional Data Protections for PII: Responsibilities of Cloud Services
- Data Rights Management
- Data Retention, Deletion, and Archiving Policies
- Data Retention
- Data Deletion
- Real-World Scenario
- Data Archiving
- Real-World Scenario
- Legal Hold
- Auditability, Traceability, and Accountability of Data Events
- SIEM
- Chain of Custody
- Nonrepudiation
- Real-World Scenario
- Key Takeaways

- Domain and Learning objectives
- Cloud Infrastructure Components
- Network and Communications
- Management Plane and Virtualization
- Factors That Impact Datacenter Design
- Physical Design: Buy or Build
- Physical Design: Data Center Design Standards
- Physical Design: Uptime Institute
- Physical Design: Tiers
- Physical Design: Features of Tiers
- Real-World Scenario
- Environmental Design Considerations
- Connectivity
- Hypervisor and Resource Allocation
- Risks Associated with Cloud Infrastructure
- Policy, General, and Virtualization Risks
- Cloud-Specific, Legal, and Non-Cloud Specific Risks
- Cloud Attack Vectors and Compensating Controls
- Business Scenario
- Design and Plan Security Controls
- Real-World Scenario
- Plan Disaster Recovery and Business Continuity
- Real-World Scenario
- BCDR Planning Factors and Disruptive Events
- Characteristics of Cloud Infrastructure
- BCDR Strategies and Returning to Normal
- Real-World Scenario
- BCDR Creation
- BCDR Creation: Test
- Business Requirements
- BCDR Creation: Report and Revise
- Testing Types, Uptime, Availability, Activity, and Case Study
- Security Training and Awareness
- Real-World Scenario
- Key Takeaways

- Domain and Learning objectives
- Advocate Training and Awareness for Application Security
- Real-World Scenario
- Common Pitfalls
- Encryption Dependency Awareness
- Business Scenario
- Understanding Software Development Lifecycle Process
- Real-World Scenario
- Vulnerabilities and Risks
- Threat Modeling
- Real-World Scenario
- Encryption
- Sandboxing and Application Virtualization
- Federated Identity Management
- SAML Authentication
- Identity and Access Management
- Multi-Factor Authentication
- Real-World Scenario
- Cloud Access Security Broker
- Application Security Testing
- Software Supply Chain Management
- Real-World Scenario
- Key Takeaways

- Domain and Learning objectives
- Secure Configuration of Hardware: Servers
- Secure Configuration of Hardware: Storage Controllers (Part 1)
- Real-World Scenario
- Secure Configuration of Hardware: Storage Controllers (Part 2)
- Secure Configuration of Hardware: Virtual Switches
- Configuration of VM Tools
- Configuration of VM Tools: Running a Physical Infrastructure (Part 1)
- Configuration of VM Tools: Running a Physical Infrastructure (Part 2)
- Configuration of VM Tools: Running a Physical Infrastructure (Part 3)
- Configuration of VM Tools: Running a Physical Infrastructure (Part 4)

- Real-World Scenario
- Securing Network Configuration (Part 1)
- Real-World Scenario
- Clustered Hosts
- Dynamic Optimization and Clustered Storage
- Maintenance Mode and Patch Management
- Performance Monitoring
- Real-World Scenario
- Network Security Controls: Layered Security and Honeypots
- Network Security Controls: SIEM
- Log Management
- Orchestration
- Availability of Guest OS
- Operations Management (Part 1)
- Real-World Scenario
- Operations Management (Part 2)
- Risk-Management Process: Framing Risk and Risk Assessment
- Quantitative Risk Analysis
- Scenario
- Risk Response and Risk Monitoring
- Collection and Preservation of Digital Evidence
- Communication with Relevant Parties
- Real-World Scenario
- Security Operations Center
- Key Takeaways

- Domain and Learning objectives
- Case Study
- Legislative Concepts
- Intellectual Property Laws
- Case Study
- Scenario
- Acts and Agreements
- Case Study
- NERC
- Privacy Shield and Generally Accepted Privacy Principles (GAPP)
- Jurisdictional Difference in Data Privacy
- Terminologies and eDiscovery
- Forensic Requirements and PII
- Gap Analysis, SOC Reports, and Chain of Custody
- Vendor Management
- Cloud Computing Policies and Risk Attitude
- SLA
- Quality of Service
- Risk Mitigation
- Risk Management Metrics and ISO 28000:2007
- Real-World Scenario
- Key Takeaways