The Securing Cloud Deployments with Cisco Technologies (SECCLD) v1.0 course shows you how to implement Cisco® cloud security solutions to secure access to the cloud, workloads in the cloud, and software as a service (SaaS) user accounts, applications, and data. Through expert instruction and hands-on labs, you’ll learn a comprehensive set of skills and technologies including: how to use key Cisco cloud security solutions; detect suspicious traffic flows, policy violations, and compromised devices; implement security controls for cloud environments; and implement cloud security management. This course covers usage of Cisco Cloudlock, Cisco Umbrella™, Cisco Cloud Email Security, Cisco Advanced Malware Protection (AMP) for Endpoints, Cisco Stealthwatch® Cloud and Enterprise, Cisco Firepower® NGFW (next-generation firewall), and more.

Introducing the Cloud and Cloud Security

• Describe the Evolution of Cloud Computing
• Explain the Cloud Service Models
• Explore the Security Responsibilities Within the Infrastructure as a Service (IaaS) Service Model
• Explore the Security Responsibilities Within the Platform as a Service (PaaS) Service Model
• Explore the Security Responsibilities Within the SaaS Service Model
• Describe Cloud Deployment Models
• Describe Cloud Security Basics

Implementing the CiscSecurity Solution for SaaS Access Control

• Explore Security Challenges for Customers Using SaaS
• Describe User and Entity Behavior Analytics, Data Loss Prevention (DLP), and Apps Firewall
• Describe Cloud Access Security Broker (CASB)
• Describe CiscCloudLock as the CASB
• Describe OAuth and OAuth Attacks

Deploying CiscCloud-Based Security Solutions for Endpoints and Content Security

• Describe CiscCloud Security Solutions for Endpoints
• Describe AMP for Endpoints Architecture
• Describe CiscUmbrella
• Describe CiscCloud Email Security
• Design Comprehensive Endpoint Security

Introducing CiscSecurity Solutions for Cloud Protection and Visibility

• Describe Network Function Virtualization (NFV)
• Describe CiscSecure Architectures for Enterprises (CiscSAFE)
• Describe CiscNGFWv/CiscFirepower Management Center Virtual (FMCv)/CiscAMP for Networks
• Describe CiscASAv
• Describe CiscServices Router 1000V (CSR1Kv)
• Describe CiscStealthwatch Cloud
• Describe CiscTetration Cloud Zero-Trust Model

Describing the Network as the Sensor and Enforcer

• Describe CiscStealthwatch Enterprise
• Describe CiscISE Functions and Personas
• Describe CiscTrustSec
• Describe CiscStealthwatch and CiscISE Integration
• Describe CiscEncrypted Traffic Analytics (ETA)

Implementing CiscSecurity Solutions in AWS

• Explain AWS Security Offerings
• Describe AWS Elastic Compute Cloud (EC2) and Virtual Private Cloud (VPC)
• Discover CiscSecurity Solutions in AWS
• Explain CiscStealthwatch Cloud in AWS

Describing Cloud Security Management

• Describe Cloud Management and APIs
• Explain API Protection
• Illustrate an API Example: Integrate tISE Using pxGrid
• Identify SecDevOps Best Practices
• Illustrate a CiscCloud Security Management Tool Example: CiscDefense Orchestrator
• Illustrate a CiscCloud Security Management Tool Example: CiscCloudCenter™
• Describe CiscApplication Centric Infrastructure (ACI)
• Describe AWS Reporting Tools

This course is open to engineers, administrators, and security-minded users of public, private, and hybrid cloud infrastructures responsible for implementing security in cloud environments:

• Security architects
• Cloud architects
• Security engineers
• Cloud engineers
• System engineers
• Cisco integrators and partners

To fully benefit from this course, you should have completed the following course or obtained the equivalent knowledge and skills:

• Knowledge of cloud computing and virtualization software basics
• Ability to perform basic UNIX-like OS commands
• Cisco CCNP® security knowledge or understanding of the following topic areas:

1. Cisco Adaptive Security Appliance (ASA) and Adaptive Security Virtual Appliance (ASAv) deployment
2. Cisco IOS Flexible NetFlow operations
   Available in this course: Implementing Cisco Edge Network Security Solutions (SENSS)
3. Cisco NGFW (Cisco Firepower Threat Defense [FTD]), Cisco Firepower, and Cisco Firepower Management Center (FMC) deployment
4. Cisco Content Security operations including Cisco Web Security Appliance (WSA)/ Cisco Email Security Appliance (ESA)/ Cisco Cloud Web Security (CWS)
5. Cisco AMP for network and endpoints deployment
   Available in this course: Implementing Cisco Threat Control Solutions (SITCS)
6. Cisco ISE operations and Cisco TrustSec architecture
   Available in this course:Implementing Cisco Secure Access Solutions (SISAS)
7. VPN operation
   Available in this course:Implementing Cisco Secure Mobility solutions (SIMOS)