This course on cloud and security architecture is strongly focussed on CCSK (Certificate of Cloud Security Knowledge) and in particular the CCSK domains as described in the CSA guidance and the ENISA document.

The CSA guidance was written by a committee, and its structure is not the most productive one from a learning perspective. That is why in this course a different structure has been applied.

Below is the sequence that we will go through, in domains per section. Depending on the delivery format this will be mapped onto multiple days of training.

Introduction and infrastructure

• 1: Architecture

Infrastructure

• 13: Virtualization
• 7: Traditional Security, Business Continuity, and Disaster Recovery
• 8: Data Center Operations

Data, Risk and Process

• 5: Information lifecycle
• 6: Portability and interoperability
• 9: Incident response
• ENISA doc

Application Software

• 11: Encryption and Key Management
• 10: Application Security
• 12: Identity and Access Management
• 14: Security as a Service

Governance

• 2: Governance and Enterprise risk
• 3: Legal and Electronic Discovery
• 4: Compliance and Audit
• ENISA doc