Cloud Security covers cloud security principles, patterns and architectural frameworks, data protection and compliance for cloud-based applications, data and infrastructure, and the design, development, and implementation of cloud security architectures. Upon completing this 4-day course, participants will possess the knowledge and skills necessary to secure cloud environments, effectively manage cloud security challenges, and protect sensitive data and applications hosted in the cloud.
Who Should Attend?
All employees who are responsible for applying best practices to cloud security architecture, design, operations, and service orchestration, including those in the following positions:
- Systems Engineer
- Security Engineer
- Security Administrator
Course Syllabus
Introduction
What Is the Cloud?
Cloud Concepts
Virtualisation
Cloud deployment models (public, private, hybrid)
Cloud service models (IaaS, PaaS, SaaS)
Service delivery models
The Global Cloud Ecosystem
Cloud Security Frameworks (GDPR, HIPAA, CIS etc.), Principles, Patterns and Certifications
Defining roles and responsibilities
Identifying provider and customer obligations
Legal and compliance considerations in the cloud
Potential security and privacy benefits and issues
Identity and Access Management (IAM)
Virtual private clouds (VPCs)
Firewall and network access controls
Cloud-based intrusion detection and prevention
AWS Security Technologies
Microsoft Azure Security
Audit an AWS Infrastructure
Hardening Infrastructure
Logging Services
Application Security
- OWASP Top 10
- Threat Modelling
- Secure Software Development Lifecycle
Pre-requisites
This is an advanced course for participants with a basic understanding of technologies such as operating systems, networking, and security principles.
- Fundamental understanding of computer networks, OSI (TCP/IP), DNS, HTTPS, etc.
- Understanding of fundamental information security concepts
- Basic knowledge of Linux and Windows command line