View Descriptor
Descriptor Details
-
Cloud Security Fundamentals
-
Not Identified
-
171
-
Not Identified
-
Not Identified
-
3
-
Not Identified
-
Uploaded: Problem accessing file: template_758.doc
Students will learn how to properly evaluate cloud providers, and to perform risk assessment and review. Students will be introduced to the various cloud computing delivery models, ranging from Software as a Service (SaaS) to Infrastructure as a Service (IaaS) and how each delivery models represents an entirely separate set of security conditions to consider, especially when coupled with various cloud types, including public, private, and hybrid. The course will also touch on architecture and infrastructure fundamentals for the private, public, and hybrid clouds, including a wide range of topics such as patch and configuration management, virtualization security, application security, and change management. Policy, risk assessment, and governance within cloud environments will also be covered, with recommendations for both internal policies and contract provisions. This will lead us to a discussion of compliance and legal concerns.
None
None
ITIS 160 – Introduction to Information Systems Security (3)
ITIS 170 – Virtualization and Cloud Essentials (3)
- Introduction to Cloud Computing
- Delivery models: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS)
- Cloud types (public, private, hybrid)
- Explaining the Jericho Cloud Cube Model
- Security Challenges in the Cloud
- Introduction to the topic: Why is this hard?
- Virtualization and multi-tenancy
- Risk assessment for cloud migration
- Unique SaaS challenges and Cloud Access Security Brokers (CASBs)
- Infrastructure Security in the Cloud
- Patch and configuration management
- Change management
- Network and virtualization security
- Application security for SaaS, PaaS, and IaaS
- Policy and Governance for Cloud Computing
- Internal policy needs
- Contract requirements for security
- Service-level agreements
- Governance models for the cloud
- Compliance and Legal Considerations
- Compliance challenges for the cloud
- Legal and geographic jurisdiction
- Privacy concerns
- Disaster Recovery and Business Continuity Planning in the Cloud
- Identity and Access Management (IAM)
- IAM architecture and relevance to the cloud
- Authentication and authorization standards
- Account management and provisioning
- Federation
- Data Security in the Cloud
- Encryption types and availability
- Key management and encryption architectures
- Data/information lifecycle
- Retention
- Disposal
- Classification
- Intrusion Detection and Incident Response
- Incident detection for different cloud models
- Managing Intrusion Detection System/Intrusion Prevention System (IDS/IPS) and alerting
- The event management feedback loop
- Risk, Audit, and Assessment for the Cloud
- Risk management
- Auditing the cloud
- Remote
- Onsite
- CloudAudit A6
- Assessments for the cloud
- Penetration testing the cloud
- Internal assessments
At the conclusion of this course, the student should be able to:
- Build a risk-based assessment program of cloud providers' controls
- Understand the key areas to focus on in cloud contracts
- Evaluate the various layers of cloud infrastructure
- Adapt a disaster recovery and business continuity plan for cloud environments
- Perform vulnerability assessments in a cloud environment
- Integrate encryption and identity management services in a cloud environment
- Improve your incident response and monitoring capabilities in the cloud
Evaluation will include hands-on projects and a combination of examinations, presentations, discussions, or problem-solving assignments.
- Winkler, V. (J.R.), Securing the Cloud: Cloud Computing Security Techniques and Tactics, by Syngress/Elsevier
- Carter, D., CCSP Certified Cloud Security Professional All-in-One Exam Guide
-
No
-
Not Identified
-
Not Identified
-
Not Identified
-
Not Identified
-
Not Identified
Delete Descriptor?
Are you sure you want to delete this descriptor?
Deleted descriptors cannot be restored.