Introduction to Cloud Computing

  1. Cloud Security and Compliance
    1. Cloud Security Fundamentals
      1. The Shared Responsibility Model
        1. Provider Security Responsibilities
          1. Customer Security Responsibilities
            1. Responsibility Boundaries by Service Model
            2. Cloud Security Challenges
              1. Data Location and Sovereignty
                1. Multi-Tenancy Risks
                  1. API Security
                  2. Security in Different Deployment Models
                  3. Identity and Access Management
                    1. Identity Management Concepts
                      1. Users and Service Accounts
                        1. Groups and Roles
                          1. Identity Providers
                          2. Authentication Mechanisms
                            1. Username and Password
                              1. Multi-Factor Authentication
                                1. Biometric Authentication
                                  1. Certificate-Based Authentication
                                  2. Authorization Models
                                    1. Role-Based Access Control
                                      1. Attribute-Based Access Control
                                        1. Policy-Based Access Control
                                        2. Single Sign-On
                                          1. SAML
                                            1. OAuth and OpenID Connect
                                              1. Federation
                                              2. Privileged Access Management
                                                1. Administrative Access Control
                                                  1. Just-In-Time Access
                                                    1. Access Reviews and Auditing
                                                  2. Network Security
                                                    1. Network Segmentation
                                                      1. Virtual Private Clouds
                                                        1. Subnets and Security Zones
                                                        2. Firewall and Security Groups
                                                          1. Stateful vs Stateless Firewalls
                                                            1. Rule Configuration
                                                              1. Network Access Control Lists
                                                              2. Secure Connectivity
                                                                1. Virtual Private Networks
                                                                  1. Direct Connect and ExpressRoute
                                                                    1. Site-to-Site Connectivity
                                                                    2. Intrusion Detection and Prevention
                                                                      1. Network-Based IDS/IPS
                                                                        1. Host-Based IDS/IPS
                                                                          1. Security Information and Event Management
                                                                          2. DDoS Protection
                                                                            1. DDoS Attack Types
                                                                              1. Mitigation Strategies
                                                                                1. Cloud-Based DDoS Protection
                                                                              2. Data Protection and Privacy
                                                                                1. Data Classification
                                                                                  1. Sensitivity Levels
                                                                                    1. Data Handling Requirements
                                                                                    2. Encryption
                                                                                      1. Encryption in Transit
                                                                                        1. TLS/SSL
                                                                                          1. VPN Encryption
                                                                                          2. Encryption at Rest
                                                                                            1. Database Encryption
                                                                                              1. File System Encryption
                                                                                                1. Storage Encryption
                                                                                                2. Key Management
                                                                                                  1. Key Generation and Storage
                                                                                                    1. Key Rotation
                                                                                                      1. Hardware Security Modules
                                                                                                    2. Data Loss Prevention
                                                                                                      1. Data Discovery and Classification
                                                                                                        1. Policy Enforcement
                                                                                                          1. Monitoring and Reporting
                                                                                                          2. Backup and Recovery
                                                                                                            1. Backup Strategies
                                                                                                              1. Recovery Testing
                                                                                                                1. Business Continuity Planning
                                                                                                                2. Data Residency and Sovereignty
                                                                                                                  1. Geographic Data Requirements
                                                                                                                    1. Cross-Border Data Transfer
                                                                                                                  2. Compliance and Governance
                                                                                                                    1. Regulatory Frameworks
                                                                                                                      1. General Data Protection Regulation
                                                                                                                        1. Health Insurance Portability and Accountability Act
                                                                                                                          1. Payment Card Industry Data Security Standard
                                                                                                                            1. Sarbanes-Oxley Act
                                                                                                                              1. Service Organization Control 2
                                                                                                                                1. ISO 27001
                                                                                                                                2. Compliance Management
                                                                                                                                  1. Compliance Assessment
                                                                                                                                    1. Audit Preparation
                                                                                                                                      1. Documentation and Evidence
                                                                                                                                      2. Cloud Governance
                                                                                                                                        1. Policy as Code
                                                                                                                                          1. Resource Tagging and Management
                                                                                                                                            1. Cost Governance
                                                                                                                                            2. Risk Management
                                                                                                                                              1. Risk Assessment
                                                                                                                                                1. Risk Mitigation Strategies
                                                                                                                                                  1. Third-Party Risk Management
                                                                                                                                                2. Security Best Practices
                                                                                                                                                  1. Security by Design
                                                                                                                                                    1. Secure Architecture Principles
                                                                                                                                                      1. Threat Modeling
                                                                                                                                                      2. Principle of Least Privilege
                                                                                                                                                        1. Minimal Access Rights
                                                                                                                                                          1. Regular Access Reviews
                                                                                                                                                          2. Defense in Depth
                                                                                                                                                            1. Layered Security Controls
                                                                                                                                                              1. Redundant Security Measures
                                                                                                                                                              2. Security Automation
                                                                                                                                                                1. Automated Security Testing
                                                                                                                                                                  1. Incident Response Automation
                                                                                                                                                                  2. Regular Security Assessments
                                                                                                                                                                    1. Vulnerability Scanning
                                                                                                                                                                      1. Penetration Testing
                                                                                                                                                                        1. Security Audits
                                                                                                                                                                        2. Patch Management
                                                                                                                                                                          1. Vulnerability Management
                                                                                                                                                                            1. Update Scheduling
                                                                                                                                                                              1. Testing and Deployment
                                                                                                                                                                              2. Incident Response
                                                                                                                                                                                1. Incident Response Planning
                                                                                                                                                                                  1. Detection and Analysis
                                                                                                                                                                                    1. Containment and Recovery
                                                                                                                                                                                      1. Post-Incident Activities
                                                                                                                                                                                    2. Common Cloud Security Threats
                                                                                                                                                                                      1. Data Breaches
                                                                                                                                                                                        1. Causes and Impact
                                                                                                                                                                                          1. Prevention Strategies
                                                                                                                                                                                          2. Account Hijacking
                                                                                                                                                                                            1. Attack Vectors
                                                                                                                                                                                              1. Protection Measures
                                                                                                                                                                                              2. Insecure APIs
                                                                                                                                                                                                1. API Security Risks
                                                                                                                                                                                                  1. API Security Best Practices
                                                                                                                                                                                                  2. Malicious Insiders
                                                                                                                                                                                                    1. Insider Threat Detection
                                                                                                                                                                                                      1. Access Controls and Monitoring
                                                                                                                                                                                                      2. Advanced Persistent Threats
                                                                                                                                                                                                        1. APT Characteristics
                                                                                                                                                                                                          1. Detection and Response

                                                                                                                                                                                                      Previous

                                                                                                                                                                                                      4. Cloud Architecture and Enabling Technologies

                                                                                                                                                                                                      Go to top

                                                                                                                                                                                                      Next

                                                                                                                                                                                                      6. Cloud Economics and Management