CCSE: Certified Cloud Security Engineer

Course Information

Course Name

CCSE: Certified Cloud Security Engineer

Exam code

312-40

Duration

5 Days

Certification

Certified Cloud Security Engineer (CCSE)

 Overview

The Certified Cloud Security Engineer (C|CSE) is a multi-cloud security certification program crafted by industry experts. It offers a holistic understanding of cloud security and empowers cybersecurity professionals to apply practical skills in their work.
With our unique approach, the CICSE course curriculum is designed to match the latest security tools and techniques for the AWS, Azure, and GCP platforms, combined with a vendor-neutral cloud environment. This makes the program a perfect blend of vendor-neutral training topics with vendor-specific instruction and performance labs, offering cybersecurity professionals a well-rounded and unbiased learning experience.

 Audience Profile

EC-Council’s Certified Cloud Security Engineer (C|CSE) course is curated by cloud security professionals in association with renowned subject matter experts to deliver a mix of vendor-neutral and vendor-specific cloud security concepts. The vendor-neutral concepts focus on cloud security practices, technologies, frameworks, and principles. In contrast, the vendor-specific materials deliver the practical skills that are needed to configure specific platforms, such as Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP). This offers candidates a well-balanced mix of theoretical and practical skills. In addition, advanced topics also cover modules on securing the cloud infrastructure by implementing regulations and standards to maintain security. EC-Council’s cloud security course is mapped to the real-time job roles and responsibilities of cloud security professionals and is ideal for beginners as well as experienced cybersecurity professionals.

• Network Security: Administrator/Engineer/Analyst

• Cybersecurity: Engineer/Analyst

• Cloud: Administrator/Analyst/Engineer

• InfoSec professionals

• CND Certified professionals

• OR any other role that involves network/cloud administration, management, and operations

 Prerequisites

• Have working knowledge in network security management

• Basic understanding of cloud computing concepts

• You will need an account (preferably, a new free tier account) on AWS, Azure, and GCP cloud services to perform labs

 At Course Completion

• Plan, implement, and execute cloud platform security for an organization.

• Securely access cloud resources through identity and access management (IAM).

• Evaluate and control organizational cloud network architecture by

• integrating various security controls the service provider offers.

• Evaluate cloud storage techniques and threats on data stored in the cloud and understand how to protect cloud data from attacks.

• Implement and manage cloud security on various cloud platforms, such as AWS, Azure, and GCP.

• Understand the shared responsibility model of the service provider.

• Evaluate various cloud security standards, compliance programs, and features offered by AWS, Azure, and GCP, and perform cloud computing security audits.

• Implement various threat detection and response services provided by Azure, AWS, and GCP to identify threats to an organization’s cloud services.

• Evaluate and mitigate security risks, threats, and vulnerabilities in a cloud platform.

• Integrate best practices to secure cloud infrastructure components (network, storage and virtualization, and management).

• Secure organizational cloud applications by understanding the secure software development lifecycle of cloud applications and by implementing additional security controls to enhance the security of hosted cloud applications.

• Design and implement a GRC framework, a cloud incident response plan, and a business continuity plan for cloud services.

• Utilize the security services and tools provided in Azure, AWS, and GCP to secure the organizational cloud environment.

• Understand the legal implications associated with cloud computing to protect organizations.

• Implement operational controls and standards to build, operate, manage, and maintain the cloud infrastructure.

• Understand and implement security for private, multi-tenant, and hybrid cloud environments.

 Course Outline

Module 1: Introduction to Cloud Security

In this module, you will be presented with the core concepts of cloud computing, cloud service models, and cloud-based threats and vulnerabilities. The module highlights service provider components, such as evaluation and the shared security responsibility model, that are essential to configuring a secure cloud environment and
protecting organizational resources.

Module 2: Platform and Infrastructure Security in the Cloud

This module explores the key components and technologies that form a cloud architecture and how to secure multi-tenant, virtualized, physical, and logical cloud components. This module demonstrates configurations and best practices for securing physical data centers and cloud infrastructure using the tools and techniques provided by Azure, AWS, and GCP

Module 3: Application Security in the Cloud

The focus of this module is securing cloud applications and explaining secure software development lifecycle changes. It explains the multiple services and tools for application security in Azure, AWS, and GCP.
Module 4: Data Security in the Cloud

This module covers the basics of cloud data storage, its lifecycle, and various controls for protecting data at rest and data in transit in the cloud. It also addresses data storage features and the multiple services and tools used for securing data stored in Azure, AWS, and GCP.

Module 5: Operation Security in the Cloud

This module encompasses the security controls essential to building, implementing, operating, managing, and maintaining physical and logical infrastructures for cloud environments and the required services, features, and tools for operational security provided by AWS, Azure, and GCP.

Module 6: Penetration Testing in the Cloud

This module demonstrates how to implement comprehensive penetration testing to assess the security of an organization’s cloud infrastructure and reviews the required services and tools used to perform penetration testing in AWS, Azure, and GCP.

Module 7: Incident Detection and Response in the Cloud

This module focuses on incident response (IR). It covers the IR lifecycle and the tools and techniques used to identify and respond to incidents; provides training on using SOAR technologies; and explores the IR capabilities provided by AWS, Azure, and GCP.

Module 8: Forensics Investigation in the Cloud

This module covers the forensic investigation process in cloud computing, including various cloud forensic challenges and data collection methods. It also explains how to investigate security incidents using AWS, Azure, and GCP tools.

Module 9: Business Continuity and Disaster Recovery in the Cloud

This module highlights the importance of business continuity and disaster recovery planning in IR. It covers the backup and recovery tools, services, and features provided by AWS, Azure, and GCP to monitor business continuity issues.

Module 10: Governance, Risk Management, and Compliance in the Cloud

This module focuses on the various governance frameworks, models, and regulations (ISO/IEC 27017, HIPAA, and PCI DSS) and the design and implementation of governance frameworks in the cloud. It also addresses cloud compliance frameworks and elaborates on the AWS, Azure, and GCP governance modules.

Module 11: Standards, Policies, and Legal Issues in the Cloud

This module discusses standards, policies, and legal issues associated with the cloud. It also covers the features, services, and tools needed for compliance and auditing in AWS, Azure, and GCP. 

All EC-Council certification courses are conducted by certified trainers from Iverson.

Digital Methods acts as the official training partner and assists with program consultation, registration, coordination, scheduling, and administrative arrangements to ensure a smooth and professionally managed training experience.