Module 1 Cloud Concepts, Architecture, and Design
-
11 Introduction CCSP (8:08)
-
12 Cloud Concepts, Architecture and Design CCSP (4:30)
-
13 What is Cloud Computing- CCSP (4:31)
-
14 Roles in Cloud Computing CCSP (5:23)
-
15 Cloud Security Concepts CCSP (5:28)
-
16 Cloud Service Models CCSP (5:21)
-
17 Infrastructure as a Service (IaaS) CCSP (5:03)
-
18 IaaS Specific Risks CCSP (5:44)
-
110 PaaS Risks CCSP (3:51)
-
111 Software as a Service (SaaS) CCSP (4:18)
-
112 SaaS Risks CCSP (6:00)
-
113 Virtualization Risks CCSP (5:45)
-
114 Cloud Deployment Models CCSP (5:05)
-
115 Public Cloud Deployment CCSP (4:00)
-
116 Public Cloud Deployment Risks CCSP (6:53)
-
117 Vendor Lock-In CCSP (4:51)
-
118 Vendor Lock-Out CCSP (4:25)
-
119 Multitenant Environment Risks CCSP (3:51)
-
120 Private Cloud Deployments CCSP (3:36)
-
121 Private Cloud Deployment Risks CCSP (6:41)
-
122 Community Cloud Deployments CCSP (4:20)
-
123 Community Cloud Deployment Risks CCSP (3:58)
-
124 Cloud Security Process CCSP (7:05)
-
125 Security Responsibility by Service Model CCSP (6:39)
-
126 Defense In Depth CCSP (6:45)
-
127 Cloud Security Frameworks and Standards CCSP (5:39)
-
128 Cost Benefit Analysis CCSP (6:25)
-
129 Developing Business Requirements CCSP (5:48)
-
130 Business impact Analysis CCSP (7:52)
-
131 Developing Security Requirements CCSP (5:10)
-
132 Domain 1 Summary CCSP (4:33)
Module 2 Cloud Data Security
-
21 Cloud Data Security and Data Classification CCSP (3:20)
-
22 Data Classification CCSP (5:48)
-
23 Data Roles CCSP (5:37)
-
24 Cloud Data Lifecycle CCSP (4:50)
-
25 Data Discovery CCSP (4:40)
-
26 Cloud Data Security Strategies CCSP (3:55)
-
27 Encrypting Data CCSP (5:42)
-
28 Encryption Types CCSP (5:12)
-
29 Encryption and Key Management CCSP (6:19)
-
210 Federal Information Processing Standard CCSP (3:41)
-
211 Hardening Devices CCSP (6:50)
-
212 Jurisdiction Requirements CCSP (4:16)
-
213 Protecting Data in Transit CCSP (3:39)
-
214 Data Storage Architecture CCSP (6:44)
-
215 Data Retention Policy CCSP (5:28)
-
216 Data Destruction Methods CCSP (4:29)
-
217 Auditability, Traceability and Accountability CCSP (6:39)
-
218 Data Audit Policy CCSP (6:18)
-
219 Data Privacy CCSP (6:14)
-
220 Privacy Safeguards CCSP (5:07)
-
221 Data Obfuscation CCSP (5:45)
-
222 Data Masking CCSP (3:41)
-
223 Tokenization CCSP (3:44)
-
224 Information Rights Management (IRM) CCSP (4:13)
-
225 Information Rights Implementation CCSP (5:13)
-
226 Information Rights Challenges CCSP (5:22)
-
227 Intellectual Property (US) CCSP (6:29)
-
228 Data Egress CCSP (4:41)
-
229 Domain 2 Summary CCSP (3:26)
Module 3 Cloud Platform and Infrastructure Security
-
31 Cloud Platform and Infrastructure Security CCSP (3:05)
-
32 Cloud Infrastructure Components CCSP (4:33)
-
33 The Management Plane CCSP (3:40)
-
34 Administering Middleware CCSP (4:50)
-
35 Virtualization CCSP (4:19)
-
36 Data Access CCSP (4:10)
-
37 Secure Networking CCSP (4:09)
-
38 Network Security CCSP (5:37)
-
39 System information and Event Management (SIEM) CCSP (5:25)
-
310 Cloud Provider Responsibility for Physical Plant CCSP (6:12)
-
311 Power Redundancy CCSP (5:50)
-
312 Other Redundancy and Safety Considerations CCSP (5:38)
-
313 Data Center Tiers CCSP (5:51)
-
314 Cloud Threats Part 1 CCSP (6:22)
-
315 Cloud Threats Part 2 CCSP (4:10)
-
316 Protecting Against Cloud Threats Part 1 CCSP (7:56)
-
317 Protecting Against Cloud Threats Part 2 CCSP (5:36)
-
318 Shared Responsibility for Cloud Platform Oversight CCSP (4:00)
-
319 Cloud-Based Business Continuity and Disaster Recovery CCSP (4:51)
-
320 Disaster Declaration CCSP (4:27)
-
321 Disaster Recovery Criteria CCSP (4:47)
-
322 Disaster Recovery Testing CCSP (4:58)
-
323 Domain 3 Summary CCSP (4:37)
Module 4 Cloud Application Security
-
41 Cloud Application Security CCSP (3:57)
-
42 Challenges of Cloud Application Deployment CCSP (7:02)
-
43 Training and Awareness CCSP (5:43)
-
44 Cloud Software Development Lifecycle (SDLC) CCSP (4:38)
-
45 Secure Software Development Lifecycle (SSDL) CCSP (5:42)
-
46 Application Security Standards CCSP (3:40)
-
47 Identity and Access Management (IAM) CCSP (6:03)
-
48 Multifactor Authentication (MFA) CCSP (5:21)
-
49 Single Sign-On and Federated Identity Management CCSP (5:41)
-
410 Federation Standards CCSP (3:27)
-
411 Application Programming Interfaces (APIs) CCSP (3:58)
-
412 API Approval and Management CCSP (4:37)
-
413 Open-Source Software CCSP (4:28)
-
414 Sandboxing CCSP (2:59)
-
415 Cloud Application Security Testing Concepts and Methods CCSP (4:00)
-
416 OWASP Top 10 CCSP (3:03)
-
417 OWASP Top 10 Part 1 - Code Injection CCSP (4:35)
-
418 OWASP Top Ten Part 2 - Broken Authentication CCSP (6:17)
-
419 OWASP Top 10 Part 3- Sensitive Data Exposure CCSP (5:06)
-
420 OWASP Top 10 Part 4- XML External Entities (XXE) CCSP (3:50)
-
421 OWASP Top 10 Part 5- Broken Access Control CCSP (3:14)
-
422 OWASP Top 10 Part 6- Security Misconfiguration CCSP (4:01)
-
423 OWASP Top 10 Part 7- Cross-Site Scripting (XSS) CCSP (3:19)
-
424 OWASP Top 10 Part 8- Insecure Deserialization CCSP (2:27)
-
425 OWASP Top 10 Part 9- Using Components with Known Vulnerabilities CCSP (3:34)
-
426 OWASP Top 10 Part 10- Insufficient Logging and Monitoring CCSP (4:31)
-
427 STRIDE CCSP (4:00)
-
428 Application Security Testing Approaches Part 1 CCSP (4:58)
-
429 Application Security Testing Approaches Part 2 CCSP (5:26)
-
430 Domain 4 Summary CCSP (4:45)
Module 5 Cloud Security Operations
-
51 Cloud Security Operations CCSP (3:30)
-
52 Change and Configuration Management CCSP (6:37)
-
53 Change Management CCSP (6:45)
-
54 Security Operations Center (SOC) CCSP (6:45)
-
55 Log Review Challenges CCSP (4:53)
-
56 Incident Response CCSP (6:17)
-
57 Treacherous 12 Part 1 CCSP (4:20)
-
58 Treacherous 12 Part 2- Data Breach CCSP (6:21)
-
59 Treacherous 12 Part 3- Insufficient Identity, Credential, and Access Management CCSP (5:23)
-
510 Treacherous 12 Part 4- Insure APIs CCSP (3:46)
-
511 Treacherous 12 Part 5- System Vulnerability CCSP (4:45)
-
512 Treacherous 12 Part 6- Account Hijacking CCSP (5:28)
-
513 Treacherous 12 Part 7- Malicious Insider CCSP (6:03)
-
514 Treacherous 12 Part 8- Advanced Persistent Threats (APTs) CCSP (6:19)
-
515 Treacherous 12 Part 9- Data Loss CCSP (4:58)
-
516 Treacherous 12 Part 10- Insufficient Due Diligence CCSP (5:08)
-
517 Treacherous 12 Part 11- Abuse of Cloud Services CCSP (3:39)
-
518 Treacherous 12 Part 12- Denial of Service CCSP (4:35)
-
519 Treacherous 12 Part 13- Shared Technology Vulnerability CCSP (4:30)
-
520 Domain 5 Summary CCSP (4:15)
Module 6 Legal, Risk, and Compliance
-
61 Legal, Risk and Compliance CCSP (5:00)
-
62 Legal Risks of Cloud Computing CCSP (6:05)
-
63 Due Diligence and Due Care CCSP (4:14)
-
64 Legal and Compliance Terms CCSP (4:34)
-
65 US Laws and Regulations CCSP (4:47)
-
66 Sarbanes-Oxley (SOX) CCSP (4:33)
-
67 Graham-Leach-Bliley Act (GLBA) CCSP (3:58)
-
68 Health Information Portability and Accountability Act (HIPAA) CCSP (4:46)
-
69 Payment Industry Card (PCI) CCSP (4:28)
-
610 General Data Protection Regulation (GDPR) CCSP (4:30)
-
611 GDPR Privacy Principles CCSP (4:45)
-
612 Risk Management CCSP (8:01)
-
613 Risk Management Frameworks CCSP (3:54)
-
614 Vendor Management CCSP (5:04)
-
615 Statement on Standards for Attestation Engagements (SSAE-18) CCSP (5:54)
-
616 Domain 6 Summary CCSP (3:42)
-
617 Conclusion CCSP (5:40)
