certified-cloud-security-engineer-course

EC-Council’s Certified Cloud Security Engineer (C|CSE) course is curated by cloud security professionals in association with renowned subject matter experts to deliver a mix of vendor-neutral and vendor-specific cloud security concepts offering candidates a well-balanced mix of theoretical and practical skills. This program is mapped to the real-time job roles and responsibilities of cloud security professionals and is ideal for beginners as well as experienced cybersecurity professionals.

What is Cloud Security, and why is it Important?

Enterprise IT spending on public cloud technologies is expected to jump from under 17% of expenditures in 2021 to over 45% by 2026 (Gartner, 2021). According to the same report, the public cloud service market is expected to reach USD 482 billion by the end of 2022. Cloud infrastructures facilitate seamless storage and data exchange, enhance productivity and reliability, and reduce operational and overhead costs for organizations. Despite these benets, migrating to the cloud can expose enterprises to a variety of security threats, including data loss, unsecured APIs, and data breaches. These threats have increased in recent years, due in part to the use of public clouds to store enterprises’ critical client and business data. With a growing number of enterprises shifting to the cloud, security concerns are at an all-time high. Cloud security is the practice of protecting cloud-based infrastructure, data, and applications. It is a series of principles, methodologies, and technologies designed to control and secure cloud environments.

Why Choose C|CSE? and Benefits of C|CSE

C|CSE is a unique course that stands apart from other cloud computing programs.

  • Offers comprehensive knowledge and practical learning of security practices, tools, and techniques used to congure widely used public cloud providers such as Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP)
  • Enables you to learn the kills required in real-world threat scenarios from industry experts
  • Plays an active role in enhancing your organization’s security posture by teaching you how to plan, configure, implement, and maintain a secure cloud environment
  • Demonstrates how to perform cloud computing security audits and penetration testing to help organizations comply with the standards, policies, procedures, and regulations governing cloud environments
  • Provides a simulated environment
    with over 50 complex labs to
    equip you with skills that matter
    and ensure job readiness
  • Is mapped with real-time job
    roles and responsibilities of
    cloud security professionals

When Hackers Are SMART Investigators Need To Be SMARTER.

Certified Cloud Security Engineer (CCSE)
Course Outline

Module 01 Introduction to Cloud Security

  • Understand Cloud Computing Fundamentals
  • Understand Cloud Security Objectives and Issues
  • Understanding Cloud Security Insights
  • Evaluate CSPs for Security before Consuming a Cloud Service
  • Discuss Security Shared Responsibility Model in Amazon Cloud (AWS)
  • Discuss Security Shared Responsibility Model in Microsoft Azure Cloud
  • Discuss Security Shared Responsibility Model in Google Cloud Platform (GCP)

In this module, you will be presented with the core concepts of cloud computing, cloud service models, and cloud-based threats and vulnerabilities. The module highlights service provider components, such as evaluation and the shared security responsibility model, that are essential to configuring secure cloud
environment and protecting organizational resources.

Module 02: Platform and Infrastructure Security in Cloud

  • Understand Cloud Platform and Infrastructure
  • Understand the Risks and Threats Associated with Cloud Platform and Infrastructure
  • Learn how to Secure the Key Components of Cloud Platform and Infrastructure
  • Learn how to Design a Secure Data Center in Cloud
  • Understand Cloud Platform and Infrastructure Security in AWS
  • Learn how to Implement Cloud Platform and Infrastructure Security in AWS
  • Understand Cloud Platform and Infrastructure Security in GCP
  • Learn how to Implement Cloud Platform and Infrastructure Security in Google
  • Understand Cloud Platform and Infrastructure Security in Microsoft Azure
  • Learn to Implement Cloud Platform and Infrastructure Security in Microsoft Azure

This module explores the key components and technologies that form a cloud architecture and how to secure multi-tenant, virtualized, physical, and logical cloud components. This module demonstrates configurations and best practices for securing physical data centers and cloud infrastructures using the tools and techniques provided by Azure, AWS, and GCP.

Module 03 Application Security in Cloud

  • Understand Cloud Application Security
  • Discuss cloud application security risks
  • Understand Secure Software Development Lifecycle (SSDLC) of Cloud Applications
  • Understand DevOps and Continuous Integration/ Continuous Deployment (CI/CD)
  • Discuss cloud application security controls
  • Understand Application Security Features in AWS
  • Learn How to Implement Application Security in AWS
  • Understand Application Security Features in Azure
  • Learn How to Implement Application Security in Azure
  • Understand Application Security Features in GCP
  • Learn How to Implement Application Security in GCP

The focus of this module is securing cloud applications and explaining secure software development lifecycle changes. It explains the multiple services and tools for application security in Azure, AWS, and GCP.

Module 04 Data Security in Cloud

  • Understand Data Security in Cloud
  • Discuss cloud data storage fundamentals
  • Understand the cloud storage architecture and life cycle phases
  • Evaluate the risks, attacks, and issues in cloud data storage
  • Understand data security strategies and technologies in the cloud
  • Discuss Information Rights management Systems
  • Discuss Data retention and archiving strategies
  • Discuss Storage and Analysis of Data events
  • Understand storage services in Amazon Webservices (AWS)
  • Learn how to implement data security in Amazon Webservices (AWS)
  • Understand storage services in Google Cloud Platform (GCP)
  • Learn how to implement data security in Google Cloud Platform (GCP)
  • Understand storage services in Microsoft Azure
  • Learn how to implement data security in Microsoft Azure

This module covers the basics of cloud data storage, its lifecycle, and various controls for protecting data at rest and data in transit in the cloud. It also addresses data storage features and the multiple services and tools used for securing data stored in Azure, AWS, and GCP.

Module 05 Security Operations in Cloud

  • Discuss cloud security operations
  • Understand elements (standards and methods) in cloud data center physical/logical Operations
  • Learn Security Operations to Build Cloud Infrastructure
  • Learn How to Perform Security Operations for Cloud Infrastructures
  • Learn Security Operations to Manage Cloud Infrastructure
  • Discuss Security Configurations Management for Cloud Infrastructure
  • Learn to Monitor Security Operations for Cloud Infrastructure
  • Understand security operations in Microsoft Azure
  • Learn to implement security operations in Microsoft Azure
  • Understand security operations in Amazon Webservices (AWS)
  • Learn to implement security operations in Amazon Webservices (AWS)
  • Understand security operations in Google Cloud Platform (GCP)
  • Learn to implement security operations in Google Cloud Platform (GCP)

This module encompasses the security controls essential to building, implementing, operating, managing, and maintaining physical and logical infrastructures for cloud environments and the required services, features, and tools for operational security provided by AWS, Azure, and GCP.

Module 06: Penetration Testing in Cloud

  • Understand the scope of cloud penetration testing
  • Learn generic penetration testing steps in the cloud
  • Learn AWS-specific penetration testing steps
  • Learn Azure-specific penetration testing steps
  • Learn GCP-specific penetration testing steps

This module demonstrates how to implement comprehensive penetration testing to assess the security of an organization's cloud infrastructure and reviews the required services and tools used to perform penetration testing in AWS, Azure, and GCP.

Module 07: Incident Response in Cloud

  • Understand Cloud Incident Response
  • Understand Cloud Incident Response Lifecycle
  • Understand How SOAR Accelerates Incident Response
  • Discuss Security Incident Response in AWS
  • Discuss AWS Investigation and Detection Tools
  • Discuss Security Incident Response in Microsoft Azure Cloud
  • Discuss Security Incident Response in Google Cloud Platform (GCP)

This module focuses on incident response (IR). It covers the IR lifecycle and the tools and techniques used to identify and respond to incidents; provides training on using SOAR technologies; and explores the IR capabilities provided by AWS, Azure, and GCP.

Module 08 Forensic Investigation in Cloud

  • Discuss cloud forensics
  • Learn how to investigate security incidents in Amazon Web Services (AWS)
  • Learn how to investigate security incidents in Microsoft Azure
  • Learn how to investigate security incidents in Google Cloud Platform (GCP)

This module covers the forensic investigation process in cloud computing, including various cloud forensic challenges and data collection methods. It also explains how to investigate security incidents using AWS, Azure, and GCP tools.

Module 09: Business Continuity and Disaster Recovery in Cloud

  • Discuss Cloud Disaster Recovery and Business Continuity
  • Learn to Design Disaster Recovery and Business Continuity in Cloud
  • Learn to Architect Recovery and Resilience in AWS
  • Learn to Implement Recovery and Resilience in AWS
  • Understand Business Continuity and Disaster Recovery in Microsoft Azure
  • Learn Disaster Recovery Configurations in Azure
  • Learn to Implement BC/DR with Azure SQL Database
  • Learn to Configure BCDR for Azure Stack Edge VPN
  • Understand Various Disaster Recovery Scenarios in Azure
  • Learn to Implement BCDR in Azure
  • Discuss Azure Partner Solutions for BCDR
  • Discuss BC/DR in Google Cloud Platform (GCP)
  • Discuss GCP Resources for Disaster Recovery (DR) and Business Continuity Plan (BCP)
  • Understand Disaster Recovery for Data in GCP
  • Understand Disaster Recovery for Applications in GCP
  • Learn to Architect DR for Cloud Infrastructure Outages
  • Learn to Implement BCDR in Google Cloud Platform (GCP)
  • Discuss Partners Solutions for Implementing BCDR in GCP

This module highlights the importance of business continuity and disaster recovery planning in IR. It covers the backup and recovery tools, services, and features provided by AWS, Azure, and GCP to monitor business continuity issues.

Module 10: Governance, Risk management, and Compliance in Cloud

  • Understand GRC in the Cloud
  • Discuss Cloud Governance
  • Learn to Implement and Maintain Governance for Cloud Computing
  • Discuss Risk management in the Cloud
  • Discuss Risk Management Framework and Process in the Cloud
  • Understand Cloud Compliance
  • Learn to Implement GRC in the cloud
  • Understand GRC in Amazon Web Services (AWS)
  • Understand GRC in Azure
  • Understand GRC in Google Cloud Platform (GCP)

This module focuses on the various governance frameworks, models, and regulations (ISO/IEC 27017, HIPAA, and PCI DSS) and the design and implementation of governance frameworks in the cloud. It also addresses cloud compliance frameworks and elaborates on the AWS, Azure, and GCP governance modules.

Module 11: Standards, Policies and Legal Issues in Cloud

  • Understand Laws Impacting Cloud Computing
  • Learn the Cloud Computing Standards
  • Describe the Legal Frameworks for Data Protection and Privacy
  • Learn Audit Planning and Reporting in the Cloud
  • Describe Outsourcing and Vendor Management
  • Understand Standards, Policies, and Auditing in AWS
  • Understand Standards, Policies, and Auditing in Azure
  • Understand Standards, Policies, and Auditing in GCP

This module discusses standards, policies, and legal issues associated with the cloud. It also covers the features, services, and tools needed for compliance and auditing in AWS, Azure, and GCP.