The Cloud Security Foundation class provides students a comprehensive two-day review of cloud security fundamentals. The course begins with a discussion of a basic risk assessment framework and then reviews each of the security domains put forth by the Cloud Security Alliance (CSA) and recommendations from the European Network and Information Security Agency (ENISA). Each domain area is discussed and reviewed followed by recommendations and requirements for each.
This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security including IT Managers and Business Managers tasked with deploying some or all of their IT services in the cloud. (We recommend attendees have at least a basic understanding of security fundamentals, such as firewalls, secure development, encryption, and identity management).
At course completion students should have a good understanding of the security issues and risks to consider when deploying IT services in the Cloud.
The Cloud Security Foundation class provides students a comprehensive two-day review of cloud security fundamentals. The course begins with a discussion of a basic risk assessment framework and then reviews each of the security domains put forth by the Cloud Security Alliance (CSA) and recommendations from the European Network and Information Security Agency (ENISA). Each domain area is discussed and reviewed followed by recommendations and requirements for each.
Audience Profile
This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security including IT Managers and Business Managers tasked with deploying some or all of their IT services in the cloud. (We recommend attendees have at least a basic understanding of security fundamentals, such as firewalls, secure development, encryption, and identity management).
At course completion
Students should have a good understanding of the security issues and risks to consider when deploying IT services in the Cloud.
Course Outline
PART 1: CLOUD ARCHITECTURE
Cloud Computing Architectural Framework
What is Cloud Computing
What comprises Cloud Computing
The Characteristics of Cloud Computing
Multi-Tenancy
Cloud Reference Model
Cloud Deployment Models
Recommendations
Requirements
PART 2: GOVERNING IN THE CLOUD
Governance and Enterprise Risk Management
Corporate Governance
Enterprise Risk Management
Permissions
Recommendations
Requirements
Legal Issues: Contracts and Electronic Discovery
Legal Issues
Contract Considerations
Special Issues Raised by E-Discovery
Compliance and Audit Management
Compliance
Audit
Recommendations
Requirements
Information Management and Data Security
Cloud Information Architectures
Data (Information) Dispersion
Information Management
The Data Security Lifecycle
Information Governance
Data Security
Recommendations
Requirements
Interoperability and Portability
An Introduction to Interoperability
An Introduction to Portability
Recommendations
PART 3: OPERATING IN THE CLOUD
Traditional Security, Business Continuity, and Disaster Recovery
Establishing a Traditional Security Functions
Human Resources Physical Security
Assessing CSP Security
Business Continuity
Disaster Recovery
Permissions
Recommendations
Requirements
Data Center Operations
Data Center Operations
Permissions
Recommendations
Requirements
Incident Response
Cloud Computing Characteristics that Impact Incident Response
The Cloud Architecture Security Model as a Reference
Incident Response Lifecycle Examined
Recommendations
Requirements
Application Security
Secure SDLC (Software Development Life Cycle)
Authentication, Authorization, and Compliance – Application Security Architecture in the Cloud
Identity, Entitlement, and Access Management for Cloud Application Security
Application Penetration Testing for the Cloud
Monitoring Applications in the Cloud
Recommendations
Encryption and Key Management
Introduction to Encryption
Alternative Approached to Encryption
Cryptography in Cloud Deployments
Key Management
Recommendations
Requirements
Identity, Entitlement, and Access Management
Terminology Used in this Document
Introduction to Identity in a Cloud Environment
Identity Architecture for the Cloud
Identity Federation
Provisioning and Governance of Identity and Attributes
The Entitlement Process
Authorization and Access Management
Architectures for Interfacing to Identity and Attribute Providers
Level of Trust with Identity and Attributes
Provisioning of Accounts on Cloud Systems
Identity-as-a-Service
Compliance and Audit
Application Design for Identity
Identity and Data Protection
Consumerization and the Identity Challenge
Identity Service Providers
Recommendations
Requirements
Virtualization
Hypervisor Architecture Concerns
Recommendations
Requirements
Security as a Service
Ubiquity of Security as a Service
Concerns When Implementing Security as a Service
Advantages When Implementing Security as a Service
Diversity of Existing Security as a Service Offerings
Permissions
Recommendations
Requirements
Prerequisites
Students should have an IT background and foundational knowledge of security based on ISO/IEC 27002 and/or NIST 800-53 and CSA CCM3. Prerequisite knowledge is also covered in Day 1 of the course Security Essentials.
Cloud Security Foundations (CSF)
$1,195.00$775.00The Cloud Security Foundation class provides students a comprehensive two-day review of cloud security fundamentals. The course begins with a discussion of a basic risk assessment framework and then reviews each of the security domains put forth by the Cloud Security Alliance (CSA) and recommendations from the European Network and Information Security Agency (ENISA). Each domain area is discussed and reviewed followed by recommendations and requirements for each.
This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security including IT Managers and Business Managers tasked with deploying some or all of their IT services in the cloud. (We recommend attendees have at least a basic understanding of security fundamentals, such as firewalls, secure development, encryption, and identity management).
At course completion students should have a good understanding of the security issues and risks to consider when deploying IT services in the Cloud.
Description
Course: CSF – Cloud Security Foundations
Overview
The Cloud Security Foundation class provides students a comprehensive two-day review of cloud security fundamentals. The course begins with a discussion of a basic risk assessment framework and then reviews each of the security domains put forth by the Cloud Security Alliance (CSA) and recommendations from the European Network and Information Security Agency (ENISA). Each domain area is discussed and reviewed followed by recommendations and requirements for each.
Audience Profile
This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security including IT Managers and Business Managers tasked with deploying some or all of their IT services in the cloud. (We recommend attendees have at least a basic understanding of security fundamentals, such as firewalls, secure development, encryption, and identity management).
At course completion
Students should have a good understanding of the security issues and risks to consider when deploying IT services in the Cloud.
Course Outline
PART 1: CLOUD ARCHITECTURE
Cloud Computing Architectural Framework
PART 2: GOVERNING IN THE CLOUD
Governance and Enterprise Risk Management
Legal Issues: Contracts and Electronic Discovery
Compliance and Audit Management
Information Management and Data Security
Interoperability and Portability
PART 3: OPERATING IN THE CLOUD
Traditional Security, Business Continuity, and Disaster Recovery
Data Center Operations
Incident Response
Application Security
Encryption and Key Management
Identity, Entitlement, and Access Management
Virtualization
Security as a Service
Prerequisites
Students should have an IT background and foundational knowledge of security based on ISO/IEC 27002 and/or NIST 800-53 and CSA CCM3. Prerequisite knowledge is also covered in Day 1 of the course Security Essentials.
Additional Reading
Additional information
2 Days
100
Live Instructor-Led
Related products
Microsoft Identity Manager – Foundation (A620)
$2,545.00 Select optionsCertified EU General Data Protection Regulation Foundations (GDPR-F)
$450.00 – $595.00 Select optionsCertified Ethical Hacker v9
$1,845.00 – $2,795.00 Select optionsMicrosoft Identity Manager – Advanced (A621)
$2,875.00 Select options