Course Syllabus
1: Architecture
- NIST Definitions
- Essential Characteristics
- Service Models
- Deployment Models
- Multi-Tenancy
- CSA Cloud Reference Model
- Jericho Cloud Cube Model
- Cloud Security Reference Model
- Cloud Service Brokers
- Service Level Agreements
2: Governance and Enterprise Risk Management
- Contractual Security Requirements
- Enterprise and Information Risk Management
- Third Party Management Recommendations
- Supply chain examination
- Use of Cost Savings for Cloud
3: Legal Issues: Contracts and Electronic Discovery
- Consideration of cloud-related issues in three dimensions
- E-Discovery considerations
- Jurisdictions and data locations
- Liability for activities of subcontractors
- Due diligence responsibility
- Federal Rules of Civil Procedure and electronically stored information
- Metadata
- Litigation hold
4: Compliance and Audit Management
- Definition of Compliance
- Right to audit
- Compliance impact on cloud contracts
- Audit scope and compliance scope
- Compliance analysis requirements
- Auditor requirements
5: Information Management and Data Security
- Six phases of the Data Security Lifecycle and their key elements
- Volume storage
- Object storage
- Logical vs physical locations of data
- Three valid options for protecting data
- Data Loss Prevention
- Detection Data Migration to the Cloud
- Encryption in IaaS, PaaS & SaaS
- Database Activity Monitoring and File Activity Monitoring
- Data Backup
- Data Dispersion
- Data Fragmentation
6: Interoperability and Portability
- Definitions of Portability and Interoperability
- Virtualization impacts on Portability and Interoperability
- SAML and WS-Security
- Size of Data Sets
- Lock-In considerations by IaaS, PaaS & SaaS delivery models
- Mitigating hardware compatibility issues
7: Traditional Security, Business Continuity, and Disaster Recovery
- Four D's of perimeter security
- Cloud backup and disaster recovery services
- Customer due diligence related to BCM/DR
- Business Continuity Management/Disaster Recovery due diligence
- Restoration Plan
- Physical location of cloud provider
8: Data Center Operations
- Relation to Cloud Controls Matrix
- Queries run by data center operators
- Technical aspects of a Provider's data center operations for customers
- Logging and report generation in multi-site clouds
9: Incident Response
- Factor allowing for more efficient and effective containment and recovery in a cloud
- Main data source for detection and analysis of an incident
- Investigating and containing an incident in an Infrastructure as a Service environment
- Reducing the occurrence of application level incidents
- How often should incident response testing occur
- Offline analysis of potential incidents
10: Application Security
- Identity, entitlement, and access management (IdEA)
- SDLC impact and implications
- Differences in S-P-I models
- Consideration when performing a remote vulnerability test of a cloud-based application
- Categories of security monitoring for applications
- Entitlement matrix
11: Encryption and Key Management
- Adequate encryption protection of data in the cloud
- Key management best practices, location of keys, keys per user
- Relationship to tokenization, masking, anonymization and cloud database controls
12: Identity, Entitlement, and Access Management
- Relationship between identities and attributes
- Identity Federation
- Relationship between Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
- SAML and WS-Federation
- Provisioning and authoritative sources
13: Virtualization
- Security concerns for hypervisor architecture
- VM guest hardening, blind spots, VM sprawl, data commingling, instant-on gaps
- In-Motion VM characteristics that can create a serious complexity for audits
- How can virtual machine communications bypass network security controls
- VM attack surfaces
- Compartmentalization of VMs
14: Security as a Service
- 10 categories
- Barriers to developing full confidence in security as a service (SECaaS)
- Deployment of Security as a Service in a regulated industry prior to SLA
- Logging and reporting implications
- How can web security as a service be deployed
- What measures do Security as a Service providers take to earn the trust of their customers
ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security
- Isolation failure
- Economic Denial of Service
- Licensing Risks
- VM hopping
- Five key legal issues common across all scenarios
- Top security risks in ENISA research
- OVF
- Underlying vulnerability in Loss of Governance
- User provisioning vulnerability
- Risk concerns of a cloud provider being acquired
- Security benefits of cloud
- Risks
- Data controller vs data processor definitions in Infrastructure as a Service (IaaS), who is responsible for guest systems monitoring