Cloud Security Essentials Training Course

Cloud Computing Security Knowledge (CCSK) Preparation Course

The CCSK course is designed to provide a comprehensive understanding of security issues and best practices across various cloud computing domains. As cloud computing continues to be the predominant IT framework, this course is relevant for a wide array of IT and information security roles in virtually every organization, including those within the public sector. It is particularly recommended for IT auditors, system administrators, and security professionals with at least five years of experience.

Upon completion of this course, participants will be able to:

• Validate their competence in cloud security gained through practical experience
• Prepare for the CCSK certification exam
• Demonstrate technical knowledge, skills, and abilities necessary to develop a comprehensive cloud security program aligned with global standards
• Differentiate themselves from other candidates in the competitive cloud security job market
• Access valuable career resources, including tools, networking opportunities, and peer collaboration
• Protect against threats by leveraging the expertise of qualified professionals who can competently design, build, and maintain a secure cloud environment

Format of the Course

• Interactive lectures and discussions
• Extensive exercises and practice sessions
• Hands-on implementation in a live-lab environment

Course Customization Options for Government

• To request a customized training session tailored to the specific needs of government agencies, please contact us to arrange.

Description:

This 2-day CCSK Plus course encompasses all the content from the CCSK Foundation course and builds upon it with extensive hands-on labs on the second day of training. Participants will gain practical experience by performing a series of exercises that involve securely migrating a fictional organization to the cloud. Upon completion, students will be well-prepared for the CCSK certification exam, which is sponsored by the Cloud Security Alliance. The second day of the course includes additional lectures, though the focus remains on assessing, building, and securing cloud infrastructure through hands-on exercises.

Objectives:

This two-day class begins with CCSK Basic training and continues with a second day of expanded content and practical activities designed to enhance participants' skills in cloud security.

Target Audience:

This course is tailored for security professionals but is also beneficial for anyone seeking to deepen their understanding of cloud security, particularly those working in or supporting government agencies for government operations.

The CCSK Foundation course begins with an introduction to fundamental concepts, gradually advancing through all 16 domains of the CSA Security Guidance, incorporating recommendations from the European Union Agency for Network and Information Security (ENISA), and providing a comprehensive overview of the Cloud Controls Matrix. This course is officially authorized by the Cloud Security Alliance (CSA), and NobleProg serves as an accredited CSA Training Partner. The course is delivered by CSA Authorized CCSK Instructors. All participants will receive: - Official CSA CCSK Foundation course certificates - Official CCSK Foundation Student Handbooks - One CCSK exam voucher and one re-attempt exam voucher The curriculum covers the latest version of the CCSK exam, currently version 4.1, ensuring that learners are well-prepared with the most up-to-date knowledge for government and private sector applications.

The CCSK Plus course builds upon the foundational class by offering expanded content and a comprehensive set of hands-on activities designed to reinforce classroom learning. Students participate in a scenario that involves securely transitioning a fictional organization to the cloud, providing them with practical experience in performing tasks that are essential in real-world environments. The CCSK Plus Course includes all modules from the CCSK Foundation course, along with additional material. This is an authorized Cloud Security Alliance (CSA) course, and NobleProg serves as an official CSA Training Partner. Delivered by CSA Authorized CCSK Instructors, this course ensures that participants receive: - Official CSA CCSK Plus course certificates - Official CCSK Foundation Student Handbooks - One CCSK exam voucher and one re-attempt exam voucher The course covers the most current version of the CCSK exam, which is currently version 4.1, ensuring that it aligns with the latest standards for government and industry.

The Certified Cloud Security Professional (CCSP) credential is a globally recognized certification developed through the collaborative expertise of two leading organizations in information systems and cloud computing security, (ISC)² and the Cloud Security Alliance (CSA). The CCSP credential is particularly relevant for government and other sectors that require robust cloud security measures in a global context. This is crucial given the complex legal, regulatory, and compliance challenges associated with the multi-jurisdictional storage of personally identifiable information (PII). For those who qualify, the CCSP exam assesses their proficiency across six domains of the (ISC)² Common Body of Knowledge (CBK), which include: - Architectural Concepts & Design Requirements - Cloud Data Security - Cloud Platform & Infrastructure Security - Cloud Application Security - Operations - Legal & Compliance These domains ensure that professionals are well-equipped to address the multifaceted security needs in cloud environments, aligning with the stringent requirements for government and other public sector workflows.

Cloud adoption changes how applications are built, deployed, and operated — shifting responsibility between vendor and customer while introducing cloud-native platforms (containers, serverless, managed services) that require adapted security controls. Security must therefore address infrastructure hardening, identity and access management, data protection, secure development practices, and cloud-specific threat vectors.

This instructor-led, live training (online or onsite) is aimed at intermediate-level developers, security engineers, and IT managers who wish to gain practical, hands-on skills to secure cloud applications and their supporting infrastructure, while learning repeatable controls and assessment techniques that map to current industry frameworks and cloud provider guidance for government.

By the end of this training, participants will be able to:

• Explain the cloud shared-responsibility model and apply it to application security decisions.
• Harden cloud infrastructure (IaaS), secure platform services (PaaS) and evaluate SaaS configurations.
• Apply secure coding and OWASP-based mitigation patterns to cloud-hosted applications.
• Integrate security tooling into CI/CD pipelines (SAST/DAST/DAST/IAST/RASP) and adopt shift-left practices.

Format of the Course

• Interactive lecture and discussion tied to live demos.
• Hands-on labs using cloud consoles, containers, serverless functions, and CI/CD pipelines.
• Practical exercises: secure configuration, vulnerability scanning, attack simulation, and remediation planning.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

The course provides practical knowledge on OpenStack and private cloud security, tailored specifically for government agencies. It begins with an introduction to the system, followed by in-depth, hands-on training on security measures for private clouds and securing OpenStack installations. Throughout the course, each core OpenStack module is thoroughly covered, enabling participants to build virtual identity, image, network, compute, and storage resources while discussing pertinent security issues. Each participant receives their own training environment featuring a complete OpenStack installation based on selected cloud architecture (e.g., storage, networking). The training can be highly customized to meet the specific needs of government clients. ### Customization Options The course can be structured to fit within a 2-day timeframe, focusing on core aspects relevant to the client's requirements. Alternatively, it can be extended to include additional topics such as administrative tasks, design considerations, networking, and troubleshooting issues related to OpenStack deployments for government use.