Course Outline

Day 1

1. Cloud Computing Concepts and Architecture

a) Definitions of Cloud Computing

  • Service Models
  • Deployment Models
  • Reference and Architecture Models
  • Logical Mode

b) Cloud Security Scope, Responsibilities, and Models

c) Areas of Critical Focus in Cloud Security

2. Governance and Enterprise Risk Management

a) Tools of Cloud Governance

b) Enterprise Risk Management in the Cloud

c) Effects of various Service and Deployment Models

d) Cloud Risk Trade-offs and Tools

3. Legal Issues, Contracts and Electronic Discovery

a) Legal Frameworks Governing Data Protection and Privacy

  • Cross-Border Data Transfer
  • Regional Considerations

b) Contracts and Provider Selection

  • Contracts
  • Due Diligence
  • Third-Party Audits and Attestations

c) Electronic Discovery

  • Data Custody
  • Data Preservation
  • Data Collection
  • Response to a Subpoena or Search Warrant

4. Compliance and Audit Management

a) Compliance in the Cloud

  • Compliance impact on cloud contracts
  • Compliance scope
  • Compliance analysis requirements

b) Audit Management in the Cloud

  • Right to audit
  • Audit scope
  • Auditor requirements

Day 2

 5. Information Governance

a) Governance Domains

b) Six phases of the Data Security Lifecycle and their key elements

c) Data Security Functions, Actors and Controls

6. Management Plane and Business Continuity

a) Business Continuity and Disaster Recovery in the Cloud

b) Architect for Failure

c) Management Plane Security

7. Infrastructure Security

a) Cloud Network Virtualization

b) Security Changes with Cloud Networking

c) Challenges of Virtual Appliances

d) SDN Security Benefits

e) Micro-segmentation and the Software Defined Perimeter

f) Hybrid Cloud Considerations

g) Cloud Compute and Workload Security

8. Virtualization and Containers

a) Major Virtualizations Categories

b) Network

c) Storage

d) Containers

Day 3

9. Incident Response

a) Incident Response Lifecycle

b) How the Cloud Impacts IR

10. Application Security

a) Opportunities and Challenges

b) Secure Software Development Lifecycle

c) How Cloud Impacts Application Design and Architectures

d) The Rise and Role of DevOps

11. Data Security and Encryption

a) Data Security Controls

b) Cloud Data Storage Types

c) Managing Data Migrations to the Cloud

d) Securing Data in the Cloud

12. Identity, Entitlement, and Access Management

a) IAM Standards for Cloud Computing

b) Managing Users and Identities

c) Authentication and Credentials

d) Entitlement and Access Management

13. Security as a Service

a) Potential Benefits and Concerns of SecaaS

b) Major Categories of Security as a Service Offerings

14. Related Technologies

a) Big Data

b) Internet of Things

c) Mobile

d) Serverless Computing

Requirements

 

  21 Hours
 

Testimonials (2)

Related Courses

CISM - Certified Information Security Manager

  28 Hours

Related Categories