Certified Cloud Security Engineer | CCSE

Certified Cloud Security Engineer | CCSE

Certified Cloud Security Engineer (CCSE) is a hands-on course designed and developed by cloud security professionals in association with subject matter experts across the globe. This course includes both vendor neutral and vendor specific cloud security concepts. Vendor neutral concepts include universally applicable general cloud security best practices, technology, frameworks, and principles that help individuals to strengthen their fundamentals. It helps professionals to develop and enhance their knowledge and skills in planning, configuring, implementing, and maintaining a secure cloud environment for their organizations, and validates their knowledge, skills, and abilities in protecting, detecting, and responding to threats in the cloud network infrastructure.

Pricing Options

On
Demand

On Demand Instructor-led Training Videos

Official E-Courseware

Online CyberQ Labs

Certification Exam

Certificate of Completion

Live Instructor-led Training (in-person or online)

Online Exam Prep (CEH, CHFI, CND Only)

One Additional Certification Course Included

CodeRed Continuing Education Video Subscription

$2,199
$1,515
$718
$2,014

Buy Now

*Financing Available (US Only)

Unlimited On Demand
(Club)

On Demand Instructor-led Training Videos

Official E-Courseware

Online CyberQ Labs

Certification Exam

Certificate of Completion

Live Instructor-led Training (in-person or online)*

Online Exam Prep (CEH, CHFI, CND Only)

Unlimited Additional Certification Courses Included

CodeRed Continuing Education Video Subscription

$2,999
$2,999
$2,999
$2,999

Buy Now

*Financing Available (US Only)


Live

On Demand Instructor-led Training Videos

Official E-Courseware

Online CyberQ Labs

Certification Exam

Certificate of Completion

Live Instructor-led Training (in-person or online)

Online Exam Prep (CEH, CHFI, CND Only)

One Additional Certification Course Included

CodeRed Continuing Education Video Subscription

$2,999
$2,999
$2,999
$2,999

Buy Now

*Financing Available (US Only)

*Upgrade any course to live training for $499

Why Certified Cloud Security Engineer?

Detailed Methodological Approach and Instructor-Led Program

The CCSE program provides hands-on training to teach students how to create and implement security policies to safeguard cloud infrastructure and applications.

Vendor-Neutral and Vendor-Specific Concepts

CCSE is the first certification to offer a blend of vendor-neutral and vendor-specific concepts. The course covers features of cloud service providers such as AWS, Azure, and GCP.

SOAR for Incident Response

Learn to collect threat-related data using Security Orchestration, Automation, and Response (SOAR). Learn to create incident analysis reports and to automate incident response in the cloud.

Best Practices to Secure Cloud Infrastructure

Students will learn best practices for securing cloud infrastructure through evaluating cloud storage techniques and threats, configuring cloud services, designing and implementing incident respons...

Governance, Risk Management, and Compliance in the Cloud

The CCSE program equips individuals with the skills to design and implement governance frameworks, models, and regulations such as ISO/IEC 27017, HIPAA, and PCI DSS.

Forensic Methodologies for Cloud Infrastructure

Students will learn about the tools and techniques to perform forensics investigations on cloud platforms such as AWS, Azure, and GCP.

Standards, Policies, and Legal Issues in the Cloud

The CCSE program teaches individuals how to implement tools for regulation and audits of AWS, Azure, and GCP.

Lab-Intensive Cloud Security Program

CCSE is the only cloud-based certification course that provides hands-on training with more than 50 labs that present real-world scenarios in a simulated environment.

Outline

Course Outline

  • Module 01: Introduction to Cloud Security
  • Module 02: Cloud Platform and Infrastructure Security in Cloud
  • Module 03: Application Security in Cloud
  • Module 04: Data Security in Cloud
  • Module 05: Security Operations in Cloud
  • Module 06: Cloud Penetration Testing in Cloud

  • Module 07: Incident Response in Cloud
  • Module 08: Forensic Investigation in Cloud
  • Module 09: Business Continuity and Disaster Recovery in Cloud
  • Module 10: Governance, Risk Management, and Compliance (GRC) in Cloud
  • Module 11: Standards, Policies, and Legal Issues in Cloud

Who Should Attend

Who Should Attend

  • Network security engineers
  • Cybersecurity analysts
  • Network security analysts
  • Cloud administrators and engineers

  • Network security administrators
  • Cloud analysts
  • Cybersecurity engineers
  • Those working in network and cloud management and operations

Objectives

Course Objectives

After attending this cloud security course, students will have knowledge on the following:


Generic cloud security knowledge, skills, and abilities

  • Understand the fundamentals of cloud computing and its architecture.
  • Comprehend the key concepts and components of cloud security.
  • Identify and evaluate the different types of cloud deployment models (public, private, hybrid) and their associated security considerations.
    VDemonstrate knowledge of cloud service models (Infrastructure as a Service, Platform as a Service, Software as a Service) and their respective security challenges.
  • Identify common vulnerabilities and threats specific to cloud environments and develop strategies for their prevention and mitigation.
  • Familiarize yourself with cloud security challenges and threats.
  • Acquire knowledge of identity and access management (IAM) in cloud environments.
  • Learn about authentication and authorization mechanisms for cloud services.
  • Understand the principles of secure data storage and encryption in the cloud.
  • Gain knowledge of network security in cloud environments, including virtual private networks (VPNs) and firewalls.
  • Learn about security monitoring and logging in the cloud.
  • Understand incident response and disaster recovery strategies for cloud-based systems.
  • Acquire knowledge of compliance and regulatory considerations in cloud security.
  • Apply best practices for securing cloud-based infrastructure and services.
  • Implement encryption techniques to safeguard sensitive information in the cloud.
  • Apply principles of access control and IAM in the context of cloud environments.
  • Understand and utilize security monitoring and incident response mechanisms in the cloud.
  • Evaluate and select appropriate cloud service providers based on their security offerings.
  • Comprehend regulatory and compliance requirements related to cloud security.
  • Create and enforce cloud security policies and procedures within an organization.
  • Conduct penetration test, security audits, and assessments to ensure compliance with cloud security standards.
  • Understand the shared responsibility model and the division of security responsibilities between cloud providers and customers.
  • Demonstrate knowledge of cloud security frameworks, such as CSA (Cloud Security Alliance

AWS Cloud Security knowledge, skills, and abilities

  • Understand the shared responsibility model in AWS and the division of security responsibilities between AWS and the customer.
  • Understand AWS Cloud Adoption Framework and its security perspective Capabilities.
  • Gain knowledge of fundamental cloud security concepts and best practices in AWS.
  • Learn how to secure AWS identities and access management, including user accounts, groups, and roles.
  • Implement secure access control mechanisms, including IAM roles, policies, and permissions.
  • Learn how to configure and secure AWS networking components such as Virtual Private Cloud (VPC), subnets, and security groups.
  • Understand the various encryption mechanisms available in AWS, including data-at-rest and data-in-transit encryption.
  • Gain knowledge of AWS Key Management Service (KMS) and how to manage and secure cryptographic keys.
  • Learn how to secure AWS compute resources, such as EC2 instances and serverless functions.
  • Develop an understanding of AWS monitoring and logging services, including AWS CloudTrail and Amazon CloudWatch, and how to leverage them for security analysis and incident response.
  • Gain knowledge of AWS security services and features, such as AWS WAF (Web Application Firewall), AWS Shield, and AWS Inspector, and how to implement them to enhance security.
  • Understand best practices for securing AWS storage services, such as Amazon S3 (Simple Storage Service) and Amazon EBS (Elastic Block Store).
  • Learn about AWS security compliance programs and frameworks, such as AWS Well-Architected Framework, and how to implement security controls to meet compliance requirements.
  • Gain knowledge of AWS security automation and orchestration tools, such as AWS CloudFormation and AWS Config, and how to use them to automate security deployments and enforce security standards.
  • Learn about incident response and disaster recovery in the AWS environment, including best practices for incident handling and data backup and recovery.
  • Gain practical experience in configuring and managing security controls in Amazon Web Services

Azure Cloud Security knowledge, skills, and abilities

  • Gain knowledge of the basic principles, concepts, and components of cloud security in the Azure environment.
  • Understand the shared responsibility model and how it applies to securing Azure resources.
  • Understand Microsoft Cloud Adoption Framework for Azure and achieve cloud adoption goals.
  • Learn how to implement security measures to protect Azure resources such as virtual machines, databases, storage accounts, and networking components.
  • Learn how to manage user identities, roles, and access controls in Azure, including implementing Azure Active Directory (AAD), role-based access control (RBAC), and multi-factor authentication (MFA)
  • Learn about Azure Virtual Network (VNet) and how to implement network security groups (NSGs), virtual network service endpoints, and private endpoints to secure network traffic within Azure using Azure Firewall, and Azure DDoS Protection.
  • Understand how to protect data at rest and in transit using Azure features like Azure Disk Encryption, Azure Storage Service Encryption, Azure Key Vault, and Azure Information Protection and Implement Azure Key Vault to manage and safeguard cryptographic keys, secrets, and certificates.
  • Learn how to enhance Azure AD security by implementing features like multifactor authentication (MFA), conditional access, Privileged Identity Management (PIM), and Azure AD Identity Protection.
  • Explore Microsoft Defender for cloud and learn how to use it to monitor, assess, and improve the security posture of Azure resources, including virtual machines, containers, and Azure services as well as implementing security recommendations and best practices.
  • Gain knowledge of Azure Monitor, Azure Sentinel, and Microsoft Defender for cloud’s threat intelligence capabilities to detect and respond to security incidents effectively.
  • Understand Azure governance frameworks and best practices for maintaining compliance and meeting regulatory requirements, including Azure Policy, Azure Blueprints, and Azure Audit and Security Logs.
  • Learn how to secure Azure virtual machines including, implementing Azure Bastion for secure remote access and using Microsoft Defender for cloud for VM monitoring and threat detection.
  • Acquire knowledge of best practices for securing Azure resources and implementing security controls.
  • Learn about incident response procedures, disaster recovery planning, and utilizing Azure services such as Azure Site Recovery and Azure Backup for data protection and business continuity.
  • Gain knowledge of additional security services and solutions in Azure, such as Azure DDoS Protection, and Azure Advanced Threat Protection.
    Explore best practices for securing Azure Storage accounts, Azure App Service, and Azure SQL Database.
  • Understand Azure Backup and Azure Site Recovery for data protection and disaster recovery scenarios.
  • Gain practical experience in configuring and managing security controls in Microsoft Azure

GCP Specific Concepts

  • Gain a solid understanding of the key concepts, principles, and best practices related to securing applications and data in the GCP environment.
  • Understanding the fundamentals of cloud security and the shared responsibility model in GCP.
  • Understand Google Cloud Adoption Framework.
  • Knowledge of GCP security concepts, tools, and services for protecting cloud-based resources.
  • Learn how to implement and configure IAM roles, policies, and permissions to control access to GCP resources, services, and data.
  • Understand how to design and configure secure virtual networks (VPCs) in GCP, including network segmentation, firewall rules, subnetworks, and VPC peering.
  • Learn about GCP’s network security features and tools, such as Cloud Armor, Cloud Load Balancing, Cloud VPN, and Cloud DNS, to protect network traffic and prevent unauthorized access.
  • Understand how to effectively protect sensitive data in GCP using encryption techniques, including encryption at rest and in transit, key management, and Google Cloud Key Management Service (KMS).
  • Learn how to set up and configure logging and monitoring mechanisms in GCP to detect and respond to security incidents effectively. This may involve using tools like Google Cloud Security Command Center and Operations Suite Logging.
  • Understand best practices for secure application development on GCP, including secure coding techniques, vulnerability management, and integration with GCP security services like Cloud Security Scanner and Cloud Security Command Center.
  • Familiarize yourself with GCP’s compliance frameworks, certifications, and regulatory requirements, and learn how to implement security controls and practices to meet industry standards and compliance obligations.
  • Develop skills in incident response planning, security incident management, and disaster recovery techniques specific to GCP, including incident detection, containment, and remediation procedures.
  • Understand the recommended security practices and configurations for different GCP services and resources, including Compute Engine, Cloud Storage, Cloud SQL, and Google Kubernetes Engine (GKE)
  • Learn how to leverage additional GCP services like Cloud Identity-Aware Proxy (IAP), Security Key Enforcement, and Identity Platform to enhance authentication and access control.
  • Gain practical experience in configuring and managing security controls in Google Cloud Platform

Exam

Passing Score

In order to maintain the high integrity of our certification exams, EC-Council Exams are provided in multiple forms (I.e. different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only has academic rigor but also has “real world” applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall “Cut Score” for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 78%.

Exam Prefix: 312-40 (ECC EXAM)

Number of Questions: 125

Test Duration: 4 Hours

Test Format: Multiple Choice

Test Delivery: EC-Council Exam Portal

Job Roles

Job Roles

  • Cloud Security Engineer
  • Cloud Security Consultant
  • Cyber Cloud Security Manager
  • Cloud Security Architect
  • Cloud Security Manager
  • API Cloud Security Engineer
  • Cloud Security Technical Lead
  • Cloud Security Administrator
  • Cloud Security Analyst
  • Cloud Security Specialist
  • IT Delivery Manager
  • Cloud Security Engineer

  • Cloud Security and Compliance Specialist
  • Cloud Security Operations Lead
  • Cloud Security Practice Manager
  • Cloud Security Engineer – DevSecOps
  • DevSecOps Cloud Security Architect
  • Cloud Security/OPS
  • Cloud Security SME
  • Cloud Security Project Manager
  • Cloud Security/Operations Engineer
  • Cloud Security/Infosec/SecOps Engineer
  • Clouds DevOps Engineer

Certification Club

Save big. Join the club.

As an iClass Club member, you receive unlimited access to EC-Council’s library of video courses. Upgrade to live classes for only $499 each during the subscription year.

You can even finance your Club membership through our partnership with Affirm. In the cart, you’ll be able to split your purchase into easy monthly payments. Term lengths range from 3 to 36 months depending on eligibility and purchase amount, with rates starting as low as 0% APR.

*Your rate will be 0% APR or 10–30% APR based on credit and is subject to an eligibility check. 0% APR is subject to change. Payment options through Affirm are provided by these lending partners: affirm.com/lenders. Options depend on your purchase amount, and a down payment may be required. US Residents Only.

Certification Club Benefits:

Don’t limit yourself to one class per year, join the iClass Club and get your cybersecurity training directly from the source! No one course can make you an expert, so take advantage of EC-Council Master trainers in each subject area and become a well-rounded cybersecurity professional.

For approximately the cost of one live course, the iClass Club will stretch your budget from one course to many. With savings like that, you can afford to build a strong foundation of cybersecurity knowledge in ethical hacking, pen testing, network defense, incident response, computer forensics, and so much more!

Get Started

One Year Subscription

$2,999

Access to EC-Council’s full library of on-demand courses

Official e-courseware

iLabs*

Certification exam*

Move to “enhance” to upgrade your experience.

Enhance

During your subscription, you can upgrade to a live course for $499!

Official Printed Courseware

iLabs*

Certification exam*

Lastly, receive ongoing professional development by moving to the Continuing Education phase!

Continuing Education

One year of CodeRed

Included

Continue to learn and gather continuing education credits with CODERED!

Premium Content: 4000+ Premium Videos

Fresh Content: New courses and content are added weekly to keep up with the latest skills and technologies.

CodeRed course videos come with lab demos to reinforce course learning concepts and create a constant career learning companion.


Club Subscription in North America
Buy Now

Club Subscription outside of North America
Contact Us

Certification Club Terms:

*Not all courses and workshops have associated Labs and exams. Club members must complete 100% of a course before requesting their next course and to be eligible for that course’s exam voucher. CCISO students must meet the eligibility requirements to challenge the CCISO exam. Students who do not meet the CCISO qualifications must take the EISM exam. CodeRed subscription 12 months. Club membership applicable to EC-Council classes only and does not apply to third party or Hacker Halted classes. Devices such as drones or STORMs must be purchased separately at regular price. Drones and STORMs only ship to the US. Students outside of the US can attend drone workshops but must obtain a drone on their own. If a course version changes while your program is still active, you will be given updated material. If a course version changes after your Club is expired, you will need to purchase an extension to get the new version. Club valid for one year and term begins 24 hours after payment is received. After a period of one (1) year the program expires, and all courses are turned off. Lab access term is for 6 months from when a course is assigned. Additional lab time can be added for no extra charge upon request. Labs will not be extended beyond the Club term. Speak to your rep to extend your Club term for 1 year. Renewal price for the Club is $999. Discount not stackable. The Club is a single user license meaning that the courses cannot be shared, and the club is non-transferable.


If you are outside of North America and are interested in the club subscription, please click here.

If you are outside of North America and are interested in the club subscription, please click here.

If you are outside of North America and are interested in the club subscription, please click here.

Have questions?

Talk to an Expert

How do you like to learn?

US Military Solutions
Enterprise Solutions
Authorized Third Party Training