• Classroom
  • Online, Instructor-Led
  • Online, Self-Paced
Course Description

The Cloud Security and FedRAMP course provides students with an in-depth knowledge of cloud security requirements, cloud security issues, cloud computing architecture and security concepts for the three types of cloud computing: Infrastructure as a Service (IaaS) , Software as a Service (SaaS) and Platform as a Service (PaaS), and explains what cloud service providers and agencies must do to understand the latest guidance provided by NIST and to meet the requirements for the Federal Risk and Authorization Management Program (FedRAMP).

Learning Objectives

Module 1: Introduction to Cloud Computing Architecture and Security Concepts

  • Know cloud computing architectures
  • Identify security challenges for the cloud

Module 2: Cloud Security Fundamentals

  • Identify cloud security fundamentals

Module 3: Procuring Cloud Services for Federal Agencies

  • Define Assessment and Authorization roles and responsibilities
  • Know the requirements

Module 4: What is FedRAMP?

  • Know the purpose and focus of FedRAMP
  • Know the FedRAMP security requirements
  • Understand the required FedRAMP documentation:
    • Contingency Plan Template
    • Control Implementation Summary Template
    • Control Tailoring Workbook (CTW) Template
    • e-Authentication Template
    • Plan of Action and Milestones (POAM) Template
    • Rules of Behavior (RoB) Template
    • FIPS 199 Template
    • Privacy Threshold Analysis and Privacy Impact Assessment (PTA & PIA) Template
    • Security Assessment Plan (SAP) Template
    • Security Assessment Report (SAR) Template
    • System Security Plan (SSP) Template
    • Security Controls Quick Guide Template and Process Quick Guide

Module 5 - Continuous Monitoring

  • Know purpose of continuous monitoring
  • Understand FedRAMP continuous monitoring requirements
  • Understand process of continuous monitoring in a cloud environment

Framework Connections