Certified Cloud Security Professional Training Course

Cloud Computing Security Knowledge (CCSK) Preparation Course

The CCSK course is designed to provide a comprehensive understanding of security issues and best practices across various cloud computing domains. As cloud computing becomes increasingly prevalent in the IT landscape, this course is relevant for a wide range of IT and information security roles within any organization. It is particularly recommended for IT auditors, system administrators, and security professionals with at least five years of experience.

Upon completing this course, participants will be able to:

• Validate their expertise in cloud security gained through practical experience
• Prepare for the CCSK certification examination
• Demonstrate their technical knowledge, skills, and abilities to effectively develop a comprehensive cloud security program aligned with globally recognized standards
• Distinguish themselves from other candidates in the rapidly expanding cloud security job market
• Access valuable career resources, including tools, networking opportunities, and peer collaboration
• Protect against threats with qualified professionals who have the expertise to competently design, build, and maintain a secure cloud environment for government and other sectors

Format of the Course

• Interactive lectures and discussions
• Extensive exercises and practical activities
• Hands-on implementation in a live-lab environment

Course Customization Options

• For customized training tailored to specific organizational needs, please contact Govtra to arrange.

Description:

This 2-day CCSK Plus course includes all content from the CCSK Foundation course and expands on it with extensive hands-on labs in a second day of training. Students will learn to apply their knowledge by performing a series of exercises involving a scenario that brings a fictional organization securely into the cloud. After completing this training, students will be well prepared for the CCSK certification exam, sponsored by the Cloud Security Alliance. This second day of training includes additional lecture, although students will spend most of their time assessing, building, and securing a cloud infrastructure during the exercises.

Objectives:

This is a two-day class that begins with the CCSK Basic training, followed by a second day of additional content and hands-on activities designed to enhance practical skills for government and industry professionals.

Target Audience:

This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security, particularly for government applications.

The CCSK Foundation course begins with foundational concepts and gradually progresses to cover all 16 domains of the CSA Security Guidance, recommendations from the European Union Agency for Network & Information Security (ENISA), and an overview of the Cloud Controls Matrix.

This is a Cloud Security Alliance (CSA) authorized course, and Govtra is an official CSA Training Partner.

The course is delivered by CSA Authorized CCSK Instructors.
All attendees receive:

• official CSA CCSK Foundation course certificates
• official CCSK Foundation Student Handbooks
• 1 CCSK exam voucher and 1 re-attempt exam voucher

This course covers the most current version of the CCSK exam, currently version 4.1, ensuring that participants are well-prepared for government-specific cybersecurity challenges.

The CCSK Plus expands upon the foundational class by offering additional material and extensive hands-on activities to reinforce classroom instruction. Students participate in a scenario where they securely transition a fictional organization into the cloud, providing them with practical experience that mirrors real-world requirements.

The CCSK Plus Course includes all modules from the CCSK Foundation course, along with supplementary content.

This is an authorized Cloud Security Alliance (CSA) course, and Govtra is an official CSA Training Partner for government.

The course is delivered by CSA Authorized CCSK Instructors.

All attendees receive:

• official CSA CCSK Plus course certificates
• official CCSK Foundation Student Handbooks
• 1 CCSK exam voucher and 1 re-attempt exam voucher

The course covers the most current version of the CCSK exam, currently version 4.1.

Cloud adoption changes how applications are built, deployed, and operated — shifting responsibility between vendor and customer while introducing cloud-native platforms (containers, serverless, managed services) that require adapted security controls. Security must therefore address infrastructure hardening, identity and access management, data protection, secure development practices, and cloud-specific threat vectors.

This instructor-led, live training (online or onsite) is aimed at intermediate-level developers, security engineers, and IT managers who wish to gain practical, hands-on skills to secure cloud applications and their supporting infrastructure, while learning repeatable controls and assessment techniques that map to current industry frameworks and cloud provider guidance for government.

By the end of this training, participants will be able to:

• Explain the cloud shared-responsibility model and apply it to application security decisions.
• Harden cloud infrastructure (IaaS), secure platform services (PaaS) and evaluate SaaS configurations.
• Apply secure coding and OWASP-based mitigation patterns to cloud-hosted applications.
• Integrate security tooling into CI/CD pipelines (SAST/DAST/DAST/IAST/RASP) and adopt shift-left practices.

Format of the Course

• Interactive lecture and discussion tied to live demos.
• Hands-on labs using cloud consoles, containers, serverless functions, and CI/CD pipelines.
• Practical exercises: secure configuration, vulnerability scanning, attack simulation, and remediation planning.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This course is designed to equip participants with the necessary skills to implement appropriate security controls in the cloud, often utilizing automation to ensure compliance with established standards. We will begin by delving into one of the most critical aspects of cloud security: Identity and Access Management (IAM). Following this, we will explore various methods for securing cloud environments through a combination of theoretical discussions and practical, hands-on exercises. These exercises will cover several key topics aimed at defending different cloud workloads operating in the Cloud Service Provider (CSP) models, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), and Functions as a Service (FaaS). This comprehensive approach is tailored to enhance security practices for government agencies and ensure alignment with public sector workflows and governance requirements.

This course provides practical knowledge on OpenStack and private cloud security, tailored specifically for government agencies. It begins with an introduction to the system, followed by hands-on instruction on securing private clouds and implementing robust security measures in OpenStack installations. Throughout the course, participants will gain in-depth understanding of each core OpenStack module, building virtual identity, image, network, compute, and storage resources while discussing pertinent security issues. Each participant will have their own training environment featuring a complete OpenStack installation based on selected cloud architecture (e.g., storage, networking). The training can be highly customized to meet the specific needs of government clients.

Customization Options
The course can be condensed to 2 days, focusing on core aspects most relevant for government agencies. Alternatively, it can be extended to cover additional topics such as administrative tasks, design considerations, networking configurations, and troubleshooting issues related to OpenStack deployments.