Course Outline
Day 1
1. Cloud Computing Concepts and Architecture
a) Definitions of Cloud Computing
- Service Models
- Deployment Models
- Reference and Architecture Models
- Logical Models
b) Scope, Responsibilities, and Models of Cloud Security
c) Critical Focus Areas in Cloud Security
2. Governance and Enterprise Risk Management
a) Tools for Cloud Governance
b) Enterprise Risk Management in the Cloud
c) Impact of Various Service and Deployment Models
d) Cloud Risk Trade-offs and Mitigation Tools
3. Legal Issues, Contracts, and Electronic Discovery
a) Legal Frameworks Governing Data Protection and Privacy
- Cross-Border Data Transfer
- Regional Considerations
b) Contracts and Provider Selection
- Contracts
- Due Diligence
- Third-Party Audits and Attestations
c) Electronic Discovery
- Data Custody
- Data Preservation
- Data Collection
- Response to Subpoenas or Search Warrants
4. Compliance and Audit Management
a) Compliance in the Cloud
- Impact of compliance on cloud contracts
- Scope of compliance
- Requirements for compliance analysis
b) Audit Management in the Cloud
- Right to audit
- Audit scope
- Auditor requirements
Day 2
5. Information Governance
a) Governance Domains
b) Six Phases of the Data Security Lifecycle and Their Key Elements
c) Data Security Functions, Actors, and Controls
6. Management Plane and Business Continuity
a) Business Continuity and Disaster Recovery in the Cloud
b) Architecting for Failure
c) Management Plane Security
7. Infrastructure Security
a) Cloud Network Virtualization
b) Security Implications of Cloud Networking
c) Challenges of Virtual Appliances
d) Security Benefits of Software-Defined Networking (SDN)
e) Micro-segmentation and the Software Defined Perimeter
f) Considerations for Hybrid Cloud Environments
g) Cloud Compute and Workload Security
8. Virtualization and Containers
a) Major Virtualization Categories
b) Network Virtualization
c) Storage Virtualization
d) Containerization
Day 3
9. Incident Response
a) Incident Response Lifecycle
b) Impact of the Cloud on Incident Response
10. Application Security
a) Opportunities and Challenges
b) Secure Software Development Lifecycle
c) Impact of the Cloud on Application Design and Architectures
d) The Rise and Role of DevOps
11. Data Security and Encryption
a) Data Security Controls
b) Types of Cloud Data Storage
c) Managing Data Migrations to the Cloud
d) Securing Data in the Cloud
12. Identity, Entitlement, and Access Management
a) IAM Standards for Cloud Computing
b) Managing Users and Identities
c) Authentication and Credentials
d) Entitlement and Access Management
13. Security as a Service (SecaaS)
a) Potential Benefits and Concerns of SecaaS
b) Major Categories of Security as a Service Offerings
14. Related Technologies
a) Big Data
b) Internet of Things (IoT)
c) Mobile Security
d) Serverless Computing
Testimonials (1)
A wide range of knowledge of the lecturer.
