SCAZT: Secure Cloud Access Design and Implementation Training Course
Length
5 days / 5 weeks
Price
$5499
Days
Mon - Fri
Why Choose This Course
Cloud security isn’t just a platform problem anymore—it’s an end-to-end access problem that spans users, devices, applications, and data. This instructor-led training gives you a structured way to design and implement secure cloud access with confidence. You’ll work through practical architectures and controls that align to Zero Trust principles, then apply them to real-world scenarios across hybrid and multicloud environments.
In practice, that means learning how to secure identity and devices, control access at the network and cloud edges, protect applications and data, and maintain visibility so you can detect and respond to threats faster. The course content aligns with the official SCAZT exam domains, covering cloud security architecture, user and device security, network and cloud security, application and data security, visibility and assurance, and threat response.
Expect a pragmatic approach: clear use cases, step-by-step configuration themes, and guidance on validating outcomes. The goal is to help you build secure, resilient access that stands up to day-to-day operations and audits—without over-promising or relying on buzzwords. A certificate of course attendance is included.
Prerequisites
- The vendor recommends a good understanding of enterprise routing and switching, WAN networking, Cisco SD-WAN, public cloud services, VPN technologies, and Cisco security solutions.
Exam
Candidates can achieve this certification by passing the following exam(s).
- Designing and Implementing Secure Cloud Access for Users and Endpoints
Books
- Designing and Implementing Secure Cloud Access for Users and Endpoints (SCAZT) course material included.
Delivery
- Live virtual online training attend in real-time from anywhere
Skills Gained
- Map requirements to the Cisco Security Reference Architecture and its core components.
- Compare and apply industry frameworks (for example, NIST, CISA, DISA) to cloud access designs.
- Design identity-centric access with certificate-based authentication for users and devices.
- Configure and integrate multi-factor authentication for protected applications and VPN access.
- Implement posture-based access with endpoint compliance checks.
- Configure SAML single sign-on and OpenID Connect for modern applications.
- Define and enforce network and cloud edge policies, including URL filtering and application controls.
- Deploy and tune secure web gateway and cloud-delivered firewall capabilities for SaaS access control.
- Plan and validate web application firewall protections for internet-facing apps.
- Apply microsegmentation and workload policy to prevent lateral movement.
- Use visibility and assurance tools to discover cloud applications and verify access policies.
- Interpret threat tactics (for example, MITRE ATT&CK) and design appropriate mitigations.
- Automate policy checks and assist troubleshooting through APIs in cloud environments.
- Investigate incidents and coordinate response using analytics and XDR workflows.
Audience
- This course is ideal for network engineers, network security engineers, network architects, and sales or presales engineers who design or implement secure cloud access.
Course Schedule & Pricing
Choose the schedule that fits your life — all options include full course materials & certification support
Full-time immersion for rapid certification readiness.
Balance your career while you upgrade your skills.
Maximum flexibility for busy working professionals.
Outline
- Architecture and Frameworks
- Industry security frameworks: NIST, CISA, DISA (concepts and application)
- Cisco Security Reference Architecture fundamentals and common use cases
- Cisco SAFE architecture, key structure, places in the network, and secure domains
- Identity, Users, and Devices
- Certificate-based authentication for users and devices
- Duo multi-factor authentication for application protection
- Duo with VPN for remote access scenarios
- Endpoint compliance and posture-based access with ISE
- SSO using SAML and OpenID Connect
- Network and Cloud Edge Controls
- SD-WAN threat prevention security services
- SD-WAN content filtering and direct internet access policies
- Integration with Umbrella Secure Internet Gateway (DNS security, cloud-delivered firewall, IPS)
- Reverse proxy patterns for internet-facing applications
- Security policies for remote users via VPN or application-based access
- Security services edge and enforcing application policy at the edge
- Application and Data Security
- Web application firewall capabilities and use cases
- Secure Workload: deployment, agents, connectors, dependency mapping, and policy discovery
- Microsegmentation for lateral movement prevention
- Cloud attack tactics and mitigation strategies (ATT&CK context)
- Visibility, Assurance, and Operations
- Discovering and controlling access to cloud-delivered apps (CASB features)
- ThousandEyes for SD-WAN visibility and assurance
- Secure Network Analytics and Security Analytics and Logging for telemetry and verification
- Attack Surface Management and XDR for investigation and response
- Automating cloud policy checks and responses via APIs
- Hands-on Themes
- BYOD onboarding and compliance-based access
- Duo MFA integrations for applications and AnyConnect VPN
- DNS and SIG policy configuration for SaaS control
- Remote access VPN on Secure Firewall and policy tuning
- Secure Workload exploration and ATT&CK technique mapping
- Incident investigation workflows with analytics and XDR
Terms & Conditions
Frequently Asked Questions (FAQ's)
Is this course aligned to the Cisco SCAZT exam domains?
Which certification path does SCAZT support?
Are there any mandatory prerequisites?
Our Partnership
Reliable certification testing is vital for validating professional skills in today’s tech-driven world. As a Pearson VUE Authorised Centre, we provide a secure environment for globally recognised IT exams. This partnership ensures convenient access to certifications with the highest standards of integrity and accuracy.
Our Accreditations
