Autoplay
Autocomplete
Speed
Previous Lecture
Complete and Continue
CASA: Cloud and Security Architecture v4
Preparation
Welcome to Cloud and Security Architecture (CASA)
Teachable platform tips
Meet your instructor
Initial survey: where do you come from, where do you want to go?
Don't study alone, many people want to help you!
Pre-class v4 AWS setup instructions
CSA Cloud Security Guidance document
ENISA Cloud Computing Security Risk Assessment
CCSK by module and by domain
The big WHY of cloud computing
CCSK Official Student Handbook and slide deck
A bit of relaxation
Preparation for online training
5 day online program
Online training sessions on Adobe Connect - date and time schedule
Tips for online sessions: tests and sound
Tools for online training, offline study and labs
Introduction - background refresher
Stuff you should know before you begin studying
Networking 101
VLAN
Basics of DNS
Understand public and private keys
Data storage background
NAS, SAN and storage networks
Containers and Docker
Organization of IT services
Day 1 starting up
Classroom training - Pitch your neighbour
Virtual classroom - Introduction into the CCSK sprint sessions
Day 1 Section 1 Introduction and Architecture
Cloud Computing is changing all jobs in IT
CCSK Official Module 1
The AWS story
Demo video: getting started on AWS EC2 (8:53)
A hybrid IT supply chain example (3:55)
What is cloud computing? Essential characteristics.
Service models
Virtualization versus cloud (2:41)
Activity: Service models
Deployment and private cloud
AWS Isolation features drilldown (3:48)
Hybrid cloud definition
Summary CCSK D1 Architecture (3:06)
Quiz CCSK Domain 1
More Domain 1 test questions
Reading guide section 1
Lab 1 Core account security
Links to day 1 live session and recordings
Section 1 Extra material beyond CCSK exam
Cloud concepts reference documents
Cloud brokers (and the business model canvas)
Bonus course: Cloud business value
Courseware on the major cloud providers
20 years of Amazon's journey - a case study
Section 2 Infrastructure Security
CCSK Official Module 2
Cloud infrastructure (15:57)
Cloud Saas/Paas architecture (10:51)
Types of PaaS (8:57)
Summary D7 Infrastructure Security (2:36)
Summary D8 Virtualization and Containers
Summary D6 Management Plane and Business Continuity
CCSKv4 Domain 7 test questions
CCSKv4 Domain 8 test questions
CCSKv4 Domain 6 test questions
Reading guide section 2
Lab 2 IAM and monitoring in-depth
Lab 3 Network and instance security
Links to day 2 recordings
Section 2 Extra material beyond CCSK exam
Software defined networking (SDN) (8:52)
Interoperability and Portability
Lab: Your first VM on OpenStack (Ref 06)
OpenStack Security Guide
Public cloud provider comparison: names for services
A deeper dive into AWS networking
Lab: infrastructure hardening to the next level
Gartner on Infrastructure security (2016)
Docker, Containers and Container Security (23:09)
Section 3 Risk and Governance
5 elements of cloud security (5:11)
CCSK Official Module 3
Risk and IT security
Governance and enterprise risk management
Summary D2 Governance and ERM
CCSKv4 Domain 2 test questions
Activity D3: legal roles
Activity D3: legal roles - answer unit
Service Agreements
Data protection in the EU (GDPR) (1:21)
Summary D3 Legal, Contracts and E-discovery
CCSKv4 Domain 3 test questions
Audit and Compliance
Summary D4 Compliance and Audit Management
CCSKv4 Domain 4 test questions
CCM AND CAIQ overview
Summary CCM & CAIQ
CCSKv4 CCM test questions
ENISA top risks
ENISA summary of 35 risks
Summary ENISA
CCSKv4 Domain ENISA questions
Reading guide section 3
CCM Cloud Controls Matrix download
Lab 6 Risk and provider assessment
Links to day 3 recordings
Section 3 Extra material beyond CCSK exam
SaaS security, with examples, and more podcasts
SaaS security in 2020
Cloud Governance Resources (5:05)
Cloud migration strategies and their impact on security and governance
A pragmatic perspective on the GDPR
CSA Security, Trust & Assurance Registry (STAR)
Bonus course: CAIQ, CCM and STAR
The Notorious 'Right to Audit'
Section 4 Data and Application Security
CCSK Official Module 4 (extended)
Data protection
Summary D11 Data Security and Encryption
CCSKv4 Domain 11 questions
Data Security Lifecycle
Summary D5 Information Governance
CCSKv4 Domain 5 questions
CCSK Official Module 5
Application security
Summary D10 Application security
CCSKv4 Domain 10 questions
Federated Identity Management
Entitlements
Summary D12 Identity, Entitlement and Access Management
CCSKv4 Domain 12 questions
Reading guide section 4
Lab 4 Encryption and storage security
Lab 5 Application security and federation
Links to day 4 recordings
Section 4 Extra material beyond CCSK exam
The Capital One breach - case study
Data Security resources
Identity management resources
Encryption (key) management steps
PEP, PDP and XACML
A sketch of the continous deployment toolchain (3:52)
Lab: API management with Zapier (Ref 31)
Security in the software supply chain
Lab & Demo: Continuous deployment (Ref 35) (4:23)
Google Cloud Function full cloud native example
Section 5 Cloud Security Operations
CCSK Official Module 6
Security as a Service
Summary D13 SecaaS
CCSKv4 Domain 13 questions
Private cloud example: solvency
Incident response
Summary D9 Incident Response
CCSKv4 Domain 9 questions
Domain 14 Related Technologies
Summary D14 Related Technologies
Reading guide section 5
CCSKv4 Domain 14 questions
Links to day 5 recordings
Section 5 Extra material beyond CCSK exam
Incident response resources
Lab: State of cloud (Ref 70)
How the NSA hacks you and what you can do about it
Hybrid cloud and migration architectures
Provider specific attack approaches
Wrap up and exam preparation
Wrapping up: reviewing the course
Exam preparation guide
ENISA Study guide
Abbreviations
Official CCSK exam preparation guide & FAQ
Answer key to the questions
More test questions
As you do the exam (including exam taker comments)
Need CPE points or a certificate of completion?
After your cloud and security architecture course
Additional resources
More research done by the CSA
CCSK versus CCSP
Frameworks and overviews
Data storage background
Lecture content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock