CSAP - Why Boot Camp ?
Can you point out the wrong statement?
- You can use proxy and brokerage services to separate clients from direct access to shared cloud storage
- Any distributed application has a much greater attack surface than an application that is closely held on a Local Area Network
- Cloud computing doesn’t have vulnerabilities associated with Internet applicationsg
- All of the mentioned
You Will Learn
Models of Cloud Computing –Iaas, Paas
Cloud Computing deployment Model – Private, Public
Characteristics of cloud computing
Challenges of Cloud Computing
Identity and Access Management (IAM)
Risk, Audit, and Assessment for the Cloud:
Building blocks on cloud – Security Groups, VPC’s, KMS
Common Risks, Threats and Vulnerabilities of Cloud-based Services and Cloud-hosted Solutions
Disaster Recovery and Business Continuity Planning in the Cloud Data Security in the Cloud
How to adapt security architecture, tools, and processes for use in cloud environments
No Events on The List at This Time
Course Syllabus
CLOUD COMPUTING CONCEPTS
- Brief history of cloud computing
- Essential Characteristics
- Service models
- Deployment model
- Cloud Security and Compliance Scope and Responsibilities
CLOUD COMPUTING ARCHITECTURE & DESIGN REQUIREMENTS
- Reference and Architecture Models
- Simplified architectural of Iaas platform
- Simplified architectural of Paas platform
- Simplified architectural of SaaS platform
- Generalized architecture
- Domain specific reference models
GOVERANCE AND ENTERPRISE RISK MANAGEMENT
- Risk and Governance Hierarchy
- Governing in the Cloud
- Tools of Cloud Governance
- Cloud Information Governance Domains
CHALLENGES OF CLOUD COMPUTING
- Security
- Data privacy
- Performance
- Governance
PLATFORM AND INFRASTRUCURE SECURITY
- A Simple Cloud Security Process Model
- Management Plane Security
- Cloud Network Virtualization
DATA SECURITY AND ENCRYPTION
- Data Security Controls
- Cloud Data StorageTypes
- Managing Data Migrations to the Cloud
- Securing Cloud Data Transfers
- Storage (At-Rest) Encryption and Tokenization xxxx -Key managentprocedures ( generic topic)
- Data Security Architectures
- Data Loss Prevention
- Enterprise Rights Management
- Enforcing Lifecycle Management Security
IDENTITY , ENTITLEMENT AND ACCESS MANAGEMENT
- How IAM is Different in the Cloud
- Terms related to IAM
- IAM Standards for Cloud Computing
- Authentication and Credentials
- Entitlement and Access Management
- Privileged User Management
APPLICATION SECURITY
- Opportunities and challenges
- Secure Software Development Lifecycle
- Design and Architecture
- DevOps and Continuous Integration/Continuous Deployment (CI/CD)
BUSINESS CONTINUNITY
- Business Continuity and Disaster Recovery in the Cloud
VIRTUALIZATION AND CONTAINERIZATION
- Brief into ofVirtualization ( general topic)
- Brief into ofContainerization ( general topic)
- Major Virtualization Categories Relevant to Cloud Computing
CLOUD OPERATIONS
- Operating in the Cloud
- Secure Operations
INCIDENT MANAGEMENT
- Incident Response Lifecycle, as laid out in NIST 800-61 rev2
- Cloud impact on IR
LEGAL AND COMPLAINCE
- Legal Frameworks Governing Data Protection and Privacy
- Cross-border Data Transfers
- GDRP
- Compliance - Audit scope
- Audit Management
DEVOPS
- Brief introduction to DevOps
- Security during DevOps