Module 1: Cloud Architectural Concepts and Design Requirements
- Understand Cloud ComputingConcepts
- Describe Cloud Reference Architecture
- Understand Security Concepts Relevant to CloudComputing
- Understand Design Principles of Secure CloudComputing
- Identify Trusted CloudServices
Module 2: Cloud Data Security
- Understand Cloud Data Lifecycle (CSAGuidance)
- Design and Implement Cloud Data StorageArchitectures
- Design and Apply Data SecurityStrategies
- Understand and Implement Data Discovery and classification technologies
- Design and Implement Relevant JurisdictionalData Protections for personally identifiable information (PII)
- Design and Implement Data RightsManagement
- Plan and Implement Data Retention, Deletion, and archiving policies
- Design and Implement Auditability, Traceability and Accountability of DataEvents
Module 3: Cloud Platform Infrastructure Security
- Comprehend Cloud InfrastructureComponents
- Analyze Risks Associated to cloud infrastructure
- Design and Plan SecurityControls
- Plan Disaster Recovery and Business continuity management
Module 4: Cloud Application Security
- Recognize the need for Training and Awareness inApplicationSecurity
- Understand Cloud Software Assurance andValidation
- Use Verified SecureSoftware
- Comprehend the Software Development Life-Cycle(SDLC)Process
- Apply the Secure Software Development Life-Cycle
- Comprehend the Specifics of Cloud ApplicationArchitecture
- Design Appropriate Identity and access management (IAM)Solutions
Module 5: Cloud Security Operations
- Support the Planning Process for the Data CenterDesign
- Implement and Build Physical Infrastructure forCloudEnvironment
- Run Physical Infrastructure for CloudEnvironment
- Manage Physical Infrastructure for CloudEnvironment
- Build Logical Infrastructure for CloudEnvironment
- Run Logical Infrastructure for CloudEnvironment
- Manage Logical Infrastructure for CloudEnvironment
- Ensure Compliance with Regulations and Controls(e.g., ITIL, ISO/IEC20000-1)
- Conduct Risk Assessment to Logical and PhysicalInfrastructure
- Understand the Collection, Acquisition and preservation of digital evidence
- Manage Communication with RelevantParties
Module 6: Legal and Compliance for the Cloud
- Understand Legal Requirements and Unique Riskswithin the cloud environment
- Understand Privacy Issues, IncludingJurisdictionalVariation
- Understand Audit Process, Methodologies, and required Adaptations fora
- cloud environment
- Understand the Implications of Cloud to EnterpriseRiskManagement
- Understand Outsourcing and Cloud ContractDesign
- Execute Vendor Management