Certified Cloud Security Engineer (C|CSE)

Course Modules

• Introduction to Cloud Security: This module covers the fundamentals of cloud computing, including service models (IaaS, PaaS, SaaS), deployment models (public, private, hybrid), and the shared responsibility model. It also delves into common cloud threats and vulnerabilities, emphasizing the importance of cloud security.

• Platform and Infrastructure Security in Cloud: Focuses on securing cloud infrastructure components such as compute, storage, and networking. Topics include virtualization security, container security, and best practices for securing cloud platforms like AWS, Azure, and Google Cloud.

• Application Security in Cloud: Emphasizes securing cloud-based applications by integrating security into the Software Development Lifecycle (SDLC). It covers topics like secure coding practices, application security testing, and the use of Web Application Firewalls (WAFs).

• Data Security in Cloud: Addresses strategies for protecting data in the cloud, including encryption methods for data at rest and in transit, data masking, tokenization, and implementing data loss prevention (DLP) solutions.

• Operation Security in Cloud: Highlights the importance of operational security in cloud environments. Topics include identity and access management (IAM), logging and monitoring, patch management, and incident response planning.

• Penetration Testing in Cloud: Provides methodologies and tools for conducting penetration tests in cloud environments. It covers reconnaissance, vulnerability scanning, exploitation, and post-exploitation techniques specific to cloud platforms.

• Incident Detection and Response in Cloud: Focuses on detecting and responding to security incidents in the cloud. It includes setting up monitoring and alerting systems, conducting forensic analysis, and implementing incident response workflows.

• Forensics Investigation in Cloud: Explores the process of conducting forensic investigations in cloud settings. Topics include evidence collection, analysis, and preservation, as well as understanding the legal implications of cloud forensics.

• Business Continuity and Disaster Recovery in Cloud: Covers strategies to ensure business continuity and disaster recovery in cloud environments. It includes planning for data backups, replication, and recovery procedures to maintain service availability during disruptions.

• Governance, Risk Management, and Compliance (GRC) in Cloud: Focuses on implementing governance frameworks, managing risks, and ensuring compliance with regulations in the cloud. It covers topics like policy development, risk assessment, and audit management.

• Standards, Policies, and Legal Issues in Cloud: Discusses various standards and policies relevant to cloud security, such as ISO/IEC 27017 and 27018. It also addresses legal considerations, including data sovereignty and privacy laws affecting cloud deployments.