Course Outline

Domain 1: Architectural Concepts and Design Requirements

  • Demonstrate a comprehensive understanding of cloud computing concepts for government.
  • Provide an overview of the cloud reference architecture for government operations.
  • Understand security principles specific to cloud computing for government applications.
  • Grasp design principles for secure cloud computing in government environments.
  • Identify trusted cloud services suitable for government use.

Domain 2: Cloud Data Security

  • Understand the cloud data lifecycle, following guidance from the Cloud Security Alliance (CSA) for government agencies.
  • Design and implement secure cloud data storage architectures for government systems.
  • Develop and apply robust data security strategies for government data.
  • Implement data discovery and classification technologies for government datasets.
  • Design and enforce jurisdictional data protections for Personally Identifiable Information (PII) in government contexts.
  • Create and implement data rights management solutions for government use.
  • Plan and execute data retention, deletion, and archiving policies for government data.
  • Ensure auditability, traceability, and accountability of data events within government systems.

Domain 3: Cloud Platform and Infrastructure Security

  • Understand the components of cloud infrastructure for government operations.
  • Analyze risks associated with cloud infrastructure in government environments.
  • Design and plan security controls tailored to government needs.
  • Develop disaster recovery and business continuity management strategies for government agencies.

Domain 4: Cloud Application Security

  • Recognize the importance of training and awareness in application security for government personnel.
  • Understand cloud software assurance and validation processes for government applications.
  • Utilize verified secure software in government systems.
  • Comprehend the software development life-cycle (SDLC) process as it applies to government projects.
  • Apply a secure SDLC to government application development.
  • Understand the unique architecture of cloud applications for government use.
  • Design effective identity and access management (IAM) solutions for government applications.

Domain 5: Operations

  • Support the planning process for data center design in government environments.
  • Implement and build physical infrastructure for cloud environments in government agencies.
  • Operate physical infrastructure for cloud environments in government settings.
  • Manage physical infrastructure to ensure reliability and security in government operations.
  • Build logical infrastructure for cloud environments in government contexts.
  • Operate logical infrastructure to support government cloud services.
  • Manage logical infrastructure to maintain compliance and efficiency in government systems.
  • Ensure compliance with regulations and controls (e.g., ITIL, ISO/IEC 20000-1) for government operations.
  • Conduct risk assessments for both logical and physical infrastructure in government environments.
  • Understand the collection, acquisition, and preservation of digital evidence for government investigations.
  • Manage communication with relevant parties to ensure effective governance and accountability in government operations.

Domain 6: Legal and Compliance

  • Understand legal requirements and unique risks associated with cloud environments in government settings.
  • Address privacy issues, including jurisdictional variations, for government data.
  • Comprehend the audit process, methodologies, and required adaptations for a government cloud environment.
  • Understand the implications of cloud services on enterprise risk management for government agencies.
  • Grasp the principles of outsourcing and cloud contract design for government contracts.
  • Execute effective vendor management practices in government procurement processes.

Requirements

Recommended Prerequisites: Completion of the Certified Information Systems Security Professional (CISSP) certification for government personnel.

 35 Hours

Number of participants


Price per participant

Runs with a minimum of 4 + people. For 1-to-1 or private group training, request a quote.

Testimonials (3)

Azure web security, it was more what i was expecting, the penetration testing i would never do in my job

Toby
Course - Application Security in the Cloud

The trainer was extremely knowledgable and helpful. While walking through the exercises, I wasn't rushed and was allowed to make mistakes (to a point) and then help was given to correct to them where needed.

Tim Wilkes - Gamma
Course - OpenStack Security

The way in which he explained to us during the 2 days and his way of being, which makes learning enjoyable.

Victor Miguel Prado Saster - Blue Indico Investments, S.L.U.
Course - CCSK - Certificate of Cloud Security Knowledge - Plus

Upcoming Courses

Certified Cloud Security Professional

2026-02-05 09:30
35 hours
VA, Reston - Reston Town Center I
$ 6757 (Online)
$ 9757 (Classroom)

Certified Cloud Security Professional

2026-02-19 09:30
35 hours
VA, Richmond - Sun Trust Center Downtown
$ 6757 (Online)
$ 9757 (Classroom)

Certified Cloud Security Professional

2026-03-05 09:30
35 hours
Jacksonville, FL – Deerwood Park
$ 6757 (Online)
$ 9757 (Classroom)

Certified Cloud Security Professional

2026-03-19 09:30
35 hours
FL, Orlando – GAI Building
$ 6757 (Online)
$ 9757 (Classroom)

Certified Cloud Security Professional

2026-04-02 09:30
35 hours
FL, Jacksonville - Bank of America Tower
$ 6757 (Online)
$ 9757 (Classroom)

Certified Cloud Security Professional

2026-04-16 09:30
35 hours
FL, Tallahassee – Alliance Center
$ 6757 (Online)
$ 9757 (Classroom)

Related Courses

Cloud Computing Security Knowledge (CCSK) Preparation Course

 21 Hours

Cloud Computing Security Knowledge (CCSK) Preparation Course

The CCSK course is designed to provide a comprehensive understanding of security issues and best practices across various cloud computing domains. As cloud computing continues to be the predominant IT framework, this course is relevant for a wide array of IT and information security roles in virtually every organization, including those within the public sector. It is particularly recommended for IT auditors, system administrators, and security professionals with at least five years of experience.

Upon completion of this course, participants will be able to:

  • Validate their competence in cloud security gained through practical experience
  • Prepare for the CCSK certification exam
  • Demonstrate technical knowledge, skills, and abilities necessary to develop a comprehensive cloud security program aligned with global standards
  • Differentiate themselves from other candidates in the competitive cloud security job market
  • Access valuable career resources, including tools, networking opportunities, and peer collaboration
  • Protect against threats by leveraging the expertise of qualified professionals who can competently design, build, and maintain a secure cloud environment

Format of the Course

  • Interactive lectures and discussions
  • Extensive exercises and practice sessions
  • Hands-on implementation in a live-lab environment

Course Customization Options for Government

  • To request a customized training session tailored to the specific needs of government agencies, please contact us to arrange.
Read more...

Certificate of Cloud Security Knowledge

 14 Hours

Description:

This 2-day CCSK Plus course encompasses all the content from the CCSK Foundation course and builds upon it with extensive hands-on labs on the second day of training. Participants will gain practical experience by performing a series of exercises that involve securely migrating a fictional organization to the cloud. Upon completion, students will be well-prepared for the CCSK certification exam, which is sponsored by the Cloud Security Alliance. The second day of the course includes additional lectures, though the focus remains on assessing, building, and securing cloud infrastructure through hands-on exercises.

Objectives:

This two-day class begins with CCSK Basic training and continues with a second day of expanded content and practical activities designed to enhance participants' skills in cloud security.

Target Audience:

This course is tailored for security professionals but is also beneficial for anyone seeking to deepen their understanding of cloud security, particularly those working in or supporting government agencies for government operations.

Read more...

Certificate of Cloud Security Knowledge (CCSK) Foundation (CSA authorized)

 14 Hours
The CCSK Foundation course begins with an introduction to fundamental concepts, gradually advancing through all 16 domains of the CSA Security Guidance, incorporating recommendations from the European Union Agency for Network and Information Security (ENISA), and providing a comprehensive overview of the Cloud Controls Matrix. This course is officially authorized by the Cloud Security Alliance (CSA), and NobleProg serves as an accredited CSA Training Partner. The course is delivered by CSA Authorized CCSK Instructors. All participants will receive: - Official CSA CCSK Foundation course certificates - Official CCSK Foundation Student Handbooks - One CCSK exam voucher and one re-attempt exam voucher The curriculum covers the latest version of the CCSK exam, currently version 4.1, ensuring that learners are well-prepared with the most up-to-date knowledge for government and private sector applications.
Read more...

Certificate of Cloud Security Knowledge (CCSK) Plus (CSA authorized)

 21 Hours
The CCSK Plus course builds upon the foundational class by offering expanded content and a comprehensive set of hands-on activities designed to reinforce classroom learning. Students participate in a scenario that involves securely transitioning a fictional organization to the cloud, providing them with practical experience in performing tasks that are essential in real-world environments. The CCSK Plus Course includes all modules from the CCSK Foundation course, along with additional material. This is an authorized Cloud Security Alliance (CSA) course, and NobleProg serves as an official CSA Training Partner. Delivered by CSA Authorized CCSK Instructors, this course ensures that participants receive: - Official CSA CCSK Plus course certificates - Official CCSK Foundation Student Handbooks - One CCSK exam voucher and one re-attempt exam voucher The course covers the most current version of the CCSK exam, which is currently version 4.1, ensuring that it aligns with the latest standards for government and industry.
Read more...

Application Security in the Cloud

 21 Hours

Cloud adoption changes how applications are built, deployed, and operated — shifting responsibility between vendor and customer while introducing cloud-native platforms (containers, serverless, managed services) that require adapted security controls. Security must therefore address infrastructure hardening, identity and access management, data protection, secure development practices, and cloud-specific threat vectors.

This instructor-led, live training (online or onsite) is aimed at intermediate-level developers, security engineers, and IT managers who wish to gain practical, hands-on skills to secure cloud applications and their supporting infrastructure, while learning repeatable controls and assessment techniques that map to current industry frameworks and cloud provider guidance for government.

By the end of this training, participants will be able to:

  • Explain the cloud shared-responsibility model and apply it to application security decisions.
  • Harden cloud infrastructure (IaaS), secure platform services (PaaS) and evaluate SaaS configurations.
  • Apply secure coding and OWASP-based mitigation patterns to cloud-hosted applications.
  • Integrate security tooling into CI/CD pipelines (SAST/DAST/DAST/IAST/RASP) and adopt shift-left practices.

Format of the Course

  • Interactive lecture and discussion tied to live demos.
  • Hands-on labs using cloud consoles, containers, serverless functions, and CI/CD pipelines.
  • Practical exercises: secure configuration, vulnerability scanning, attack simulation, and remediation planning.

Course Customization Options

  • To request a customized training for this course, please contact us to arrange.
Read more...

Cloud Security Essentials

 21 Hours
This course is designed to equip participants with the skills necessary to implement appropriate security controls in the cloud, often utilizing automation to ensure compliance. We will start by exploring one of the most critical aspects of cloud security: Identity and Access Management (IAM). Following this, we will delve into securing cloud environments through a combination of discussions and practical, hands-on exercises that cover several key topics. These exercises are aimed at defending various cloud workloads operating in different Cloud Service Provider (CSP) models, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), and Functions as a Service (FaaS). This comprehensive approach ensures that participants are well-prepared to enhance security for government and other critical sectors.
Read more...

OpenStack Security

 14 Hours
The course provides practical knowledge on OpenStack and private cloud security, tailored specifically for government agencies. It begins with an introduction to the system, followed by in-depth, hands-on training on security measures for private clouds and securing OpenStack installations. Throughout the course, each core OpenStack module is thoroughly covered, enabling participants to build virtual identity, image, network, compute, and storage resources while discussing pertinent security issues. Each participant receives their own training environment featuring a complete OpenStack installation based on selected cloud architecture (e.g., storage, networking). The training can be highly customized to meet the specific needs of government clients. ### Customization Options The course can be structured to fit within a 2-day timeframe, focusing on core aspects relevant to the client's requirements. Alternatively, it can be extended to include additional topics such as administrative tasks, design considerations, networking, and troubleshooting issues related to OpenStack deployments for government use.
Read more...

Related Categories

Cloud Security
Cloud Security