Introduction
CCSK introduction and overview
()
1. Cloud Computing Concepts and Architectures
Cloud computing definition
()
Cloud service models
()
Cloud deployment models
()
Reference architecture models
()
Cloud security scope responsibilities
()
2. Cloud Governance
Cloud governance
()
Cloud governance hierarchy
()
3. Risk, Audit, and Compliance
Cloud risk-management overview
()
Assessing cloud services
()
Compliance
()
Audit inheritance and artifacts
()
4. Organization Management
Organization hierarchy models
()
Managing organization-level security
()
Considerations for hybrid and multicloud deployments
()
5. Identity and Access Management
Identity and access management terminology
()
Federation
()
AuthZ and AuthN in the cloud
()
6. Security Monitoring
Security monitoring
()
Cloud telemetry sources and architecture
()
7. Infrastructure and Networking
Infrastructure and networking overview
()
Cloud network security and secure architectures
()
8. Cloud Workload Security
Introduction to cloud workload security
()
Securing containers
()
Securing serverless and function as a service (FaaS)
()
Threats to AI workloads
()
AI workload risk mitigation
()
9. Data Security
Cloud storage
()
Data security tools and techniques
()
Cloud data key management strategies
()
10. Application Security
Secure design and architecture
()
Secure coding, continuous build, integration, and testing
()
Continuous delivery and deployment
()
Runtime defense and monitoring
()
11. Incident Response and Resilience
Definition of incident and related terms
()
Incident preparation
()
Incident detection and analysis
()
Containment, eradication, recovery, and postanalysis
()
12. Related Technologies and Strategies
Zero Trust technical objectives
()
AI as a service (AIaaS)
()