Securing Cloud Deployments with Cisco Technologies (SECCLD) 1.0 (SECCLD)

The Securing Cloud Deployments with Cisco Technologies (SECCLD) v1.0 course shows you how to implement Cisco® cloud security solutions to secure access to the cloud, workloads in the cloud, and software as a service (SaaS) user accounts, applications, and data.

Through expert instruction and hands-on labs, you’ll learn a comprehensive set of skills and technologies including: how to use key Cisco cloud security solutions; detect suspicious traffic flows, policy violations, and compromised devices; implement security controls for cloud environments; and implement cloud security management.

This course covers usage of Cisco Cloudlock, Cisco Umbrella™, Cisco Cloud Email Security, Cisco Advanced Malware Protection (AMP) for Endpoints, Cisco Stealthwatch® Cloud and Enterprise, Cisco Firepower® NGFW (next-generation firewall), and more.

Who should attend?

This course is open to engineers, administrators, and security-minded users of public, private, and hybrid cloud infrastructures responsible for implementing security in cloud environments:

  • Security architects
  • Cloud architects
  • Security engineers
  • Cloud engineers
  • System engineers
  • Cisco integrators and partners


To fully benefit from this course, you should have completed the following course or obtained the equivalent knowledge and skills:

  • Knowledge of cloud computing and virtualization software basics
  • Ability to perform basic UNIX-like OS commands
  • Cisco CCNP® security knowledge or understanding of the following topic areas:
    • Cisco Adaptive Security Appliance (ASA) and Adaptive Security Virtual Appliance (ASAv) deployment
    • Cisco IOS Flexible NetFlow operations
    • Cisco NGFW (Cisco Firepower Threat Defense [FTD]), Cisco Firepower, and Cisco Firepower Management Center (FMC) deployment
    • Cisco Content Security operations including Cisco Web Security Appliance (WSA)/ Cisco Email Security Appliance (ESA)/ Cisco Cloud Web Security (CWS)
    • Cisco AMP for network and endpoints deployment
    • Cisco ISE operations and Cisco TrustSec architecture
    • VPN operation
Show details

Course Outline

Introducing the Cloud and Cloud Security

  • Describe the Evolution of Cloud Computing
  • Explain the Cloud Service Models
  • Explore the Security Responsibilities Within the Infrastructure as a Service (IaaS) Service Model
  • Explore the Security Responsibilities Within the Platform as a Service (PaaS) Service Model
  • Explore the Security Responsibilities Within the SaaS Service Model
  • Describe Cloud Deployment Models
  • Describe Cloud Security Basics

Implementing the CiscSecurity Solution for SaaS Access Control

  • Explore Security Challenges for Customers Using SaaS
  • Describe User and Entity Behavior Analytics, Data Loss Prevention (DLP), and Apps Firewall
  • Describe Cloud Access Security Broker (CASB)
  • Describe CiscCloudLock as the CASB
  • Describe OAuth and OAuth Attacks

Deploying CiscCloud-Based Security Solutions for Endpoints and Content Security

  • Describe CiscCloud Security Solutions for Endpoints
  • Describe AMP for Endpoints Architecture
  • Describe CiscUmbrella
  • Describe CiscCloud Email Security
  • Design Comprehensive Endpoint Security

Introducing CiscSecurity Solutions for Cloud Protection and Visibility

  • Describe Network Function Virtualization (NFV)
  • Describe CiscSecure Architectures for Enterprises (CiscSAFE)
  • Describe CiscNGFWv/CiscFirepower Management Center Virtual (FMCv)/CiscAMP for Networks
  • Describe CiscASAv
  • Describe CiscServices Router 1000V (CSR1Kv)
  • Describe CiscStealthwatch Cloud
  • Describe CiscTetration Cloud Zero-Trust Model

Describing the Network as the Sensor and Enforcer

  • Describe CiscStealthwatch Enterprise
  • Describe CiscISE Functions and Personas
  • Describe CiscTrustSec
  • Describe CiscStealthwatch and CiscISE Integration
  • Describe CiscEncrypted Traffic Analytics (ETA)

Implementing CiscSecurity Solutions in AWS

  • Explain AWS Security Offerings
  • Describe AWS Elastic Compute Cloud (EC2) and Virtual Private Cloud (VPC)
  • Discover CiscSecurity Solutions in AWS
  • Explain CiscStealthwatch Cloud in AWS
  • Describing Cloud Security Management
  • Describe Cloud Management and APIs
  • Explain API Protection
  • Illustrate an API Example: Integrate tISE Using pxGrid
  • Identify SecDevOps Best Practices
  • Illustrate a CiscCloud Security Management Tool Example: CiscDefense Orchestrator
  • Illustrate a CiscCloud Security Management Tool Example: CiscCloudCenter™
  • Describe CiscApplication Centric Infrastructure (ACI)
  • Describe AWS Reporting Tools