Certified Cloud Security Engineer (CCSE) v2
Overview
The Certified Cloud Security Engineer (C|CSE) is a multi-cloud security certification program crafted by industry experts. It offers a holistic understanding of cloud security and empowers cybersecurity professionals to apply practical skills in their work.
With our unique approach, the C|CSE course curriculum is designed to match the latest security tools and techniques for the AWS, Azure, and GCP platforms, combined with a vendor-neutral cloud environment. This makes the program a perfect blend of vendor-neutral training topics with vendor-specific instruction and performance labs, offering cybersecurity professionals a well-rounded and unbiased learning experience.
Objectives
- Principles, concepts, and components of cloud security
- Shared responsibility model and its application
- Microsoft Cloud Adoption Framework for Azure to achieve cloud adoption goals
- Security measures to protect Azure resources such as virtual machines, databases, storage accounts, and networking components
- User identities, roles, and access controls management in Azure, including implementing Azure
- Active Directory (AAD), role-based access control (RBAC), and multi-factor authentication (MFA)
- Azure Virtual Network (VNet) and implementation of network security groups (NSGs), virtual network service endpoints, and private endpoints to secure network traffic within Azure using Azure
- Firewall and Azure DDoS Protection
- Protect data at rest and in transit using Azure features like Azure Disk Encryption, Azure Storage
- Service Encryption, Azure Key Vault, and Azure Information Protection
- Implement Azure Key Vault to manage and safeguard cryptographic keys, secrets, and certificates
- Azure AD security enhancement through the implementation of features like multi-factor authentication (MFA), conditional access, Privileged Identity Management (PIM), and Azure AD
- Identity Protection
- Microsoft Defender for the cloud to monitor, assess, and improve the security posture of Azure resources, including virtual machines, containers, and Azure services, and implement security recommendations and best practices
- Azure Monitor, Azure Sentinel, and Microsoft Defender for the cloud’s threat intelligence capabilities to detect and respond to security incidents effectively
- Azure governance frameworks and best practices for maintaining compliance and meeting regulatory requirements, including Azure Policy, Azure Blueprints, and Azure Audit and Security
- Logs
- Secure Azure virtual machines, including implementing Azure Bastion for secure remote access and using Microsoft Defender for cloud for VM monitoring and threat detection
- Best practices for securing Azure resources and implementing security controls
- Incident response procedures, disaster recovery planning, and utilizing Azure services such as Azure
- Site Recovery and Azure Backup
- Additional security services and solutions in Azure, including Azure DDoS Protection and Azure
- Advanced Threat Protection
- Best practices for securing Azure Storage accounts, Azure App Service, and Azure SQL Database
- Azure Backup and Azure Site Recovery for data protection and disaster recovery scenarios
Audience
- Network security engineers
- Cybersecurity analysts
- Network security analysts
- Cloud administrators and engineers
- Network security administrators
- Cloud analysts
- Cybersecurity engineers
- Those working in network and cloud management and operations
Outline
- Understand Cloud Computing Fundamentals.
- Understand Cloud Security Objectives and Issues.
- Understanding Cloud Security Insights.
- Evaluate CSPs for Security before Consuming a Cloud Service.
- Discuss Security Shared Responsibility Model in Amazon Cloud (AWS).
- Discuss Security Shared Responsibility Model in Microsoft Azure Cloud.
- Discuss Security Shared Responsibility Model in Google Cloud Platform (GCP).
- Understand Cloud Platform and Infrastructure.
- Understand the Risks and Threats Associated with Cloud Platform and Infrastructure.
- Learn how to Secure the Key Components of Cloud Platform and Infrastructure.
- Learn how to Design a Secure Data Center in Cloud.
- Understand Cloud Platform and Infrastructure Security in AWS.
- Learn how to Implement Cloud Platform and Infrastructure Security in AWS.
- Understand Cloud Platform and Infrastructure Security in GCP.
- Learn how to Implement Cloud Platform and Infrastructure Security in Google.
- Understand Cloud Platform and Infrastructure Security in Microsoft Azure .
- Learn to Implement Cloud Platform and Infrastructure Security in Microsoft Azure.
- Understand Cloud Application Security.
- Discuss cloud application security risks.
- Understand Secure Software Development Lifecycle (SSDLC) of Cloud Applications.
- Understand DevOps and Continuous Integration/ Continuous Deployment (CI/CD).
- Discuss cloud application security controls.
- Understand Application Security Features in AWS.
- Learn How to Implement Application Security in AW.
- Understand Application Security Features in Azure.
- Learn How to Implement Application Security in Azure.
- Understand Application Security Features in GCP.
- Learn How to Implement Application Security in GCP.
- Understand Data Security in Cloud.
- Discuss cloud data storage fundamentals.
- Understand the cloud storage architecture and life cycle phases.
- Evaluate the risks, attacks, and issues in cloud data storage.
- Understand data security strategies and technologies in the cloud.
- Discuss Information Rights management Systems.
- Discuss Data retention and archiving strategies.
- Discuss Storage and Analysis of Data events.
- Understand storage services in Amazon Webservices (AWS).
- Learn how to implement data security in Amazon Webservices (AWS).
- Understand storage services in Google Cloud Platform (GCP).
- Learn how to implement data security in Google Cloud Platform (GCP).
- Understand storage services in Microsoft Azure.
- Learn how to implement data security in Microsoft Azure.
- Discuss cloud security operations.
- Understand elements (standards and methods) in cloud data center physical/logical Operations.
- Learn Security Operations to Build Cloud Infrastructure.
- Learn How to Perform Security Operations for Cloud Infrastructures.
- Learn Security Operations to Manage Cloud Infrastructure.
- Discuss Security Configurations Management for Cloud Infrastructure.
- Learn to Monitor Security Operations for Cloud Infrastructure.
- Understand security operations in Microsoft Azure.
- Learn to implement security operations in Microsoft Azure.
- Understand security operations in Amazon Webservices (AWS).
- Learn to implement security operations in Amazon Webservices (AWS).
- Understand security operations in Google Cloud Platform (GCP).
- Learn to implement security operations in Google Cloud Platform (GCP).
- Understand the scope of cloud penetration testing.
- Learn generic penetration testing steps in the cloud.
- Learn AWS-specific penetration testing steps.
- Learn Azure-specific penetration testing steps.
- Learn GCP-specific penetration testing steps.
- Understand Cloud Incident Response.
- Understand Cloud Incident Response Lifecycle.
- Understand How SOAR Accelerates Incident Response.
- Discuss Security Incident Response in AWS.
- Discuss AWS Investigation and Detection Tools.
- Discuss Security Incident Response in Microsoft Azure Cloud.
- Discuss Security Incident Response in Google Cloud Platform (GCP).
- Discuss cloud forensics.
- Learn how to investigate security incidents in Amazon Web Services (AWS).
- Learn how to investigate security incidents in Microsoft Azure.
- Learn how to investigate security incidents in Google Cloud Platform (GCP.
- Discuss Cloud Disaster Recovery and Business Continuity.
- Learn to Design Disaster Recovery and Business Continuity in Cloud.
- Learn to Architect Recovery and Resilience in AWS.
- Learn to Implement Recovery and Resilience in AWS.
- Understand Business Continuity and Disaster Recovery in Microsoft Azure.
- Learn Disaster Recovery Configurations in Azure.
- Learn to Implement BC/DR with Azure SQL Database.
- Learn to Configure BCDR for Azure Stack Edge VPN.
- Understand Various Disaster Recovery Scenarios in Azure.
- Learn to Implement BCDR in Azure.
- Discuss Azure Partner Solutions for BCDR.
- Discuss BC/DR in Google Cloud Platform (GCP).
- Discuss GCP Resources for Disaster Recovery (DR) and Business Continuity Plan (BCP).
- Understand Disaster Recovery for Data in GCP.
- Understand Disaster Recovery for Applications in GCP.
- Learn to Architect DR for Cloud Infrastructure Outages.
- Learn to Implement BCDR in Google Cloud Platform (GCP).
- Discuss Partners Solutions for Implementing BCDR in GCP.
- Understand GRC in the Cloud.
- Discuss Cloud Governance.
- Learn to Implement and Maintain Governance for Cloud Computing.
- Discuss Risk management in the Cloud.
- Discuss Risk Management Framework and Process in the Cloud.
- Understand Cloud Compliance.
- Learn to Implement GRC in the cloud.
- Understand GRC in Amazon Web Services (AWS).
- Understand GRC in Azure.
- Understand GRC in Google Cloud Platform (GCP).
- Understand Laws Impacting Cloud Computing.
- Learn the Cloud Computing Standards.
- Describe the Legal Frameworks for Data Protection and Privacy.
- Learn Audit Planning and Reporting in the Cloud.
- Describe Outsourcing and Vendor Management.
- Understand Standards, Policies, and Auditing in AWS.
- Understand Standards, Policies, and Auditing in Azure.
- Understand Standards, Policies, and Auditing in GCP.
Exam Facts
| Delivery | Online (Web based) |
| Format | Multiple choice |
| Proctoring | Live |
| Duration | 4 hours |
| # of questions | 125 |
| Pass grade | Depending on which exam form is challenged, cut scores can range from 60% to 78% |
Related Certification
- Cloud Security Engineer (CCSE)
