Scribd
Upload
309 views

Cloud Security

This document outlines a 45-day cloud security training program covering 6 key topics: 1) fundamentals of cloud computing, 2) security design and architecture, 3) secure isolation of physical and logical infrastructure, 4) data protection, 5) enforcing access control, and 6) monitoring, auditing and management. The training will explore cloud deployment models, roles, risks, secure design principles, common threats, isolation strategies, data lifecycles, access control methods, and tools for monitoring, auditing, and securely managing cloud infrastructure and services.

Uploaded by

Prince Kumar Bhatia
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
309 views

Cloud Security

This document outlines a 45-day cloud security training program covering 6 key topics: 1) fundamentals of cloud computing, 2) security design and architecture, 3) secure isolation of physical and logical infrastructure, 4) data protection, 5) enforcing access control, and 6) monitoring, auditing and management. The training will explore cloud deployment models, roles, risks, secure design principles, common threats, isolation strategies, data lifecycles, access control methods, and tools for monitoring, auditing, and securely managing cloud infrastructure and services.

Uploaded by

Prince Kumar Bhatia
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

Cloud Security

45 Days
1. Fundamentals of Cloud Computing and Architectural
Characteristics

• Understand what is Cloud computing


• Architectural and Technological Influences of Cloud Computing
• Understand the Cloud deployment models a. Public, Private, Community
and Hybrid models
• Scope of Control
a. Software as a Service (SaaS)
b. Platform as a Service (PaaS)
c. Infrastructure as a Service (IaaS)
• Cloud Computing Roles
• Risks and Security Concerns

2. Security Design and Architecture for Cloud Computing

• Guiding Security design principles for Cloud Computing


• Secure Isolation o Comprehensive data protection
• End-to-end access control
• Monitoring and auditing
• Quick look at CSA, NIST and ENISA guidelines for Cloud Security
• Common attack vectors and threats

3. Secure Isolation of Physical & Logical Infrastructure

• Isolation
 Compute, Network and Storage
• Common attack vectors and threats
• Secure Isolation Strategies
a. Multitenancy, Virtualization strategies
b. Inter-tenant network segmentation strategies
c. Storage isolation strategies

4. Data Protection for Cloud Infrastructure and Services

• Understand the Cloud based Information Life Cycle


• Data protection for Confidentiality and Integrity
• Common attack vectors and threats
• Encryption, Data Redaction, Tokenization, Obfuscation, PKI and Key
Management, Assuring data deletion
• Data retention, deletion and archiving procedures for tenant data
• Data Protection Strategies
5. Enforcing Access Control for Cloud Infrastructure based
Services

• Understand the access control requirements for Cloud infrastructure


• Common attack vectors and threats
• Enforcing Access Control Strategies
 Compute, Network and Storage
1. Authentication and Authorization
2. Roles-based Access Control, Multi-factor authentication
3. Host, storage and network access control options
4. OS Hardening and minimization, securing remote access, Verified
and measured boot
5. Firewalls, IDS, IPS and honeypots

6. Monitoring, Auditing and Management

• Proactive activity monitoring, Incident Response


• Monitoring for unauthorized access, malicious traffic, abuse of system
privileges, intrusion detection, events and alerts
• Auditing – Record generation, Reporting and Management
• Tamper-proofing audit logs
• Quality of Services
• Secure Management
 User management
 Identity management
 Security Information and Event Management

You might also like