EC-Council Certified Cloud Security Engineer (CCSE) iLearn

This solution is an asynchronous, self-study environment in a video streaming format.

The Certified Cloud Security Engineer (CCSE) is a multi-cloud security certification program crafted by industry experts. It offers a holistic understanding of cloud security and empowers cybersecurity professionals to apply practical skills to build, operate, and defend their environments regardless of the selected infrastructure.

Our unique approach to designing curriculum allows CCSE content to match the latest security tools and techniques for the AWS, Azure, and GCP platforms, as well as private and hybrid architectures. This design makes the CCSE program a perfect blend of vendor-neutral training topics with vendor-specific instruction and performance labs, offering cybersecurity professionals an unbiased learning experience.

CCSE offers a hands-on practical approach, featuring over 85 labs to ensure candidates gain hands-on experience that can be immediately applied at the workplace to anticipate and overcome cloud security challenges.

With organizations storing and processing more data than ever on multiple cloud environments, multi-cloud security is essential to organizational cyber security initiatives. According toa forecast by Markets and Markets, the multi-cloud security market is expected to grow to USD 10.5 billion by2027, creating a significant demand across verticals such as BFSI, healthcare, telecommunications, IT, retail, ecommerce, and other industries.

Target Audience

The Certified Cloud Security Engineer (CCSE) program is tailored for an intermediate level and is ideally suited for individuals with prior experience in cybersecurity. The program offers a comprehensive exploration of advanced cloud security concepts, equipping working professionals with a holistic perspective covering a wide range of cloud platforms and service providers.

Professionals with experience in any of the below domains can apply:

• Network Security: Administrator/Engineer/Analyst:
• Cybersecurity: Engineer/Analyst
• Cloud: Administrator/Analyst/Engineer
• InfoSec professionals
• C|ND professionals

OR

• Any other role that involves network/cloud administration, management, and operations

Prerequisites

Should have a working knowledge of network security management

• Basic understanding of cloud computing concepts

What will you learn

After attending this cloud security course, participants will be able to gather:

Generic Cloud Security Concepts

• Understand the fundamentals of cloud computing and its architecture.
• Comprehend the key concepts and components of cloud security.
• Identify and evaluate cloud deployment models (public, private, hybrid) and their associated security considerations.
• Demonstrate knowledge of cloud service models (Infrastructure as a Service, Platform as a Service, Software as a Service) and their respective security challenges.
• Identify common vulnerabilities and threats specific to cloud environments and develop strategies for their prevention and mitigation. 
• Familiarize yourself with cloud security challenges and threats.
• Acquire knowledge of identity and access management (IAM) in cloud environments.
• Learn about authentication and authorization mechanisms for cloud services.
• Understand the principles of secure data storage and encryption in the cloud.
• Gain knowledge of network security in cloud environments, including virtual private networks (VPNs) and firewalls.
• Learn about security monitoring and logging in to the cloud.
• Understand incident response and disaster recovery strategies for cloud-based systems.
• Apply best practices for securing cloud-based infrastructure and services.
• Implement encryption techniques to safeguard sensitive information in the cloud.
• Apply principles of access control and IAM in the context of cloud environments.
• Understand and utilize security monitoring and incident response mechanisms in the cloud.
• Evaluate and select appropriate cloud service providers based on their security offerings.
• Comprehend regulatory and compliance requirements related to cloud security.
• Create and enforce cloud security policies and procedures within an organization.
• Conduct penetration tests, security audits, and assessments to ensure compliance with cloud security standards.
• Understand the shared responsibility model and the division of security responsibilities between cloud providers and customers.
• Demonstrate knowledge of cloud security frameworks, such as CSA (Cloud Security Alliance).

AWS Specific Security Concepts

• Understand AWS’s shared responsibility model and the security responsibilities division between AWS and the customer.
• Understand the AWS Cloud Adoption Framework and its security perspective capabilities.
• Gain knowledge of fundamental cloud security concepts and best practices in AWS.
• Secure AWS identities and access management, including user accounts, groups, and roles.
• Implement secure access control mechanisms, including IAM roles, policies, and permissions.
• Learn how to configure and secure AWS networking components such as Virtual Private Cloud(VPC), subnets, and security groups.
• Understand the various encryption mechanisms available in AWS, including data-at-rest and data-in-transit encryption.
• Gain knowledge of the AWS Key Management Service (KMS)and how to manage and secure cryptographic keys.
• Learn to secure AWS compute resources, such asEC2 instances and serverless functions.
• Develop an understanding of AWS monitoring and logging services, including AWS mCloudTrail and Amazon CloudWatch, and how to leverage them for security analysis and incident response.
• Gain knowledge of AWS security services and features such as AWS WAF (Web Application Firewall), AWS Shield, and AWS Inspector, as well as how to implement them to enhance security.
• Understand best practices for securing AWS storage services, such as Amazon S3 (Simple Storage Service) and Amazon EBS (Elastic Block Store).
• Learn about AWS security compliance programs and frameworks, such as the AWS Well-Architected Framework, and how to implement security controls to meet compliance requirements.
• Gain knowledge of AWS security automation and orchestration tools, such as AWS CloudFormation and AWS Config, and how to use them to automate security deployments and enforce security standards.
• Learn about incident response and disaster recovery in the AWS environment, including best practices for incident handling and data backup and recovery.

Azure Specific Security Concepts

• Gain knowledge of the basic principles, concepts, and components of cloud security in the Azure
• Understand the shared responsibility model and its application to securing Azure resources.
• Understand Microsoft Cloud Adoption Framework for Azure and achieve cloud adoption goals.
• Learn how to implement security measures to protect Azure resources such as virtual machines, databases, storage accounts, and networking components.
• Learn how to manage user identities, roles, and access controls in Azure, including implementing Azure Active Directory (AAD), role-based access control (RBAC), and multi-factor authentication (MFA).
• Learn about the Azure Virtual Network (VNet)and how to implement network security groups (NSGs), virtual network service endpoints, and private endpoints to secure network traffic within Azure using Azure Firewall and Azure DDoS Protection.
• Understand how to protect data at rest and in transit using Azure features like Azure Disk Encryption, Azure Storage Service Encryption, Azure Key Vault, and Azure Information Protection, and implement Azure Key Vault to manage and safeguard cryptographic keys, secrets, and certificates.
• Learn to enhance Azure AD security by implementing features like multi-factor authentication (MFA), conditional access, Privileged Identity Management (PIM), and Azure AD Identity Protection.
• Explore Microsoft Defender for the cloud and learn how to use it to monitor, assess, and improve the security posture of Azure resources, including virtual machines, containers, and Azure services, and implement security recommendations and best practices.
• Gain knowledge of Azure Monitor, Azure Sentinel, and Microsoft Defender for cloud’s threat intelligence capabilities to detect and respond to security incidents effectively.
• Understand Azure governance frameworks and best practices for maintaining compliance and meeting regulatory requirements, including Azure Policy, Azure Blueprints, and Azure Audit and Security Logs.
• Learn how to secure Azure virtual machines, including implementing Azure Bastion for secure remote access and using Microsoft Defender for cloud for VM monitoring and threat detection.
• Acquire knowledge of best practices for securing Azure resources and implementing security controls.
• Learn about incident response procedures, disaster recovery planning, and utilizing Azure services such as Azure Site Recovery and Azure Backup for data protection and business continuity.
• Gain knowledge of additional security services and solutions in Azure, such as Azure DDoS Protection and Azure Advanced Threat Protection.
• Explore best practices for securing Azure Storage accounts, Azure App Service, and Azure SQL Database.
• Understand Azure Backup and Azure Site Recovery for data protection and disaster recovery scenarios.

Google Cloud Specific Security Concepts

• Gain a solid understanding of the key concepts, principles, and best practices for securing applications and data in the GCP environment.
• Learn the fundamentals of cloud security and the shared responsibility model in GCP.
• Understand the Google Cloud Adoption Framework.
• Gain knowledge of GCP security concepts, tools, and services for protecting cloud-based resources.
• Learn how to implement and configure IAM roles, policies, and permissions to control access to GCP resources, services, and data.
• Understand how to design and configure secure virtual networks (VPCs) in GCP, including network segmentation, firewall rules, subnetworks, and VPC peering.
• Learn about GCP’s network security features and tools, such as Cloud Armor, Cloud Load Balancing, Cloud VPN, and Cloud DNS, to protect network traffic and prevent unauthorized access.
• Understand how to effectively protect sensitive data in GCP using encryption techniques, including encryption at rest and in transit, key management, and Google Cloud Key Management Service (KMS).
• Learn how to set up and configure logging and monitoring mechanisms in GCP to detect and respond to security incidents effectively. This may involve using tools like the Google Cloud Security Command Center and Operations Suite Logging.
• Understand best practices for secure application development on GCP, including secure coding techniques, vulnerability management, and integration with security services like Cloud Security Scanner and Cloud Security Command Center.
• Familiarize yourself with GCP’s compliance frameworks, certifications, and regulatory requirements, and learn how to implement security controls and practices to meet industry standards and compliance obligations.
• Develop skills in incident response planning, security incident management, and disaster recovery techniques specific to GCP, including incident detection, containment, and remediation procedures.
• Understand the recommended security practices and configurations for different GCP services and resources, including Compute Engine, Cloud Storage, Cloud SQL, and Google Kubernetes Engine (GKE).
• Learn how to leverage additional GCP services like Cloud Identity-Aware Proxy (IAP), Security Key Enforcement, and Identity Platform to enhance authentication and access control

Course Outline

Module 1: Introduction to Cloud Security

This module provides a basic understanding of cloud computing and its service models, including the various threats and vulnerabilities found in the cloud. It highlights various factors for evaluating service providers and understanding the shared security responsibility model of service providers. Understanding the shared responsibility model provided by the cloud service provider is essential to configuring the cloud environment securely and protecting organizational resources.

Module 2: Platform and Infrastructure Security in the Cloud

This module explains the key components and technology that make the architecture of the cloud and the various techniques involved in securing the multi-tenancy, virtualized, physical, and logical cloud components. It demonstrates the configurations to secure the physical data center. Users can learn the best practices to secure the workload, computing resources, and networks in the cloud. This module demonstrates the use of various services and tools provided for network and computing security in Azure, AWS, and Google cloud.

Module 3: Application Security in the Cloud

This module focuses on securing cloud applications, from designing to deployment of an application in the cloud. It explains the changes in the Secure Software Development Life Cycle (SSDLC) in the cloud. It shows how service providers’ identity and access management features help implement authentication and authorization and restrict unauthorized users from accessing cloud resources. It teaches the implementation of security controls throughout the software development lifecycle. This module highlights integrating security into DevOps and the continuous integration/continuous deployment (CI/CD) model for developing and deploying cloud applications. This module demonstrates the use of various services and tools provided for application security in Azure, AWS, and Google Cloud.

Module 4: Data Security in the Cloud

Data security is the major concern while migrating to the cloud. This module covers the basics of cloud data storage, its life cycle, and various controls to protect data-in-rest and data-in-transit in the cloud. This module includes data storage features and various services and tools for securing the data stored in Azure, AWS, and Google Cloud.

Module 5: Operation Security in the Cloud

This module includes the security controls for building, implementing, operating, managing, and maintaining physical and logical infrastructure for cloud environments. It covers the services, features, and tools AWS, Azure, and Google Cloud provide for operational security.

Module 6: Penetration Testing in the Cloud

This module demonstrates how to implement a comprehensive penetration testing methodology for assessing the security of an organization’s cloud infrastructure. It demonstrates the various services and tools used to perform penetration testing in AWS, Azure, and Google Cloud.

Module 7: Incident Detection and Response in the Cloud

An incident response (IR) plan is crucial to prevent security breaches in the cloud. This module describes the incident response life cycle and highlights the considerations for responders in each phase of the IR plan in a cloud environment. It highlights the use of SOAR in automating incident response in the cloud. This module explores the incident response capabilities provided by AWS, Azure, and Google Cloud. It demonstrates various tools and services for incident detection and response.

Module 08: Forensics Investigation in the Cloud

Access to forensic data and the forensic investigation process in a cloud computing environment differ from the network forensic investigation process. This module highlights various cloud forensic challenges and data collection methodologies. It demonstrates how to investigate security incidents in the cloud using various tools provided by AWS, Azure, and Google Cloud.

Module 09: Business Continuity and Disaster Recovery in the Cloud

Business Continuity and Disaster Recovery (BC/DR) is important in the cloud because a third party manages the resources. This module teaches the role of the business continuity and disaster recovery plan in the cloud. It explains backup and recovery tools and the services and features provided by service providers such as AWS, Azure, and Google Cloud to prepare and manage outages to ensure business continuity.

Module 10: Governance, Risk Management, and Compliance in the Cloud

This module highlights the standards, policies, and legal issues related to the cloud. It highlights various legal and compliance issues found in a cloud environment. It discusses various cloud security standards and audit planning in the cloud. It demonstrates the features, services, and tools for compliance and auditing in Azure, AWS, and Google Cloud.

Module 11: Standards, Policies, and Legal Issues in the Cloud

This module highlights the standards, policies, and legal issues related to the cloud. It highlights various legal and compliance issues found in a cloud environment. It discusses various cloud security standards and audit planning in the cloud. It demonstrates the features, services, and tools for compliance and auditing in Azure, AWS, and Google Cloud.