Course Outline
DAY 1
Introduction and Cloud Architecture
- Definition of cloud computing
- Components of the cloud computing stack
- Cloud reference model and security
Infrastructure Security for Cloud Computing
- Understanding the components of cloud infrastructure
- Evaluating security implications of deployment models
- Advantages and disadvantages of virtualization
- Cloud management plane
- Security basics for different service models
Managing Cloud Computing Security and Risk
- Risk and governance
- Legal and compliance
- Auditing
- Portability and interoperability
- Incident response
Data Security for Cloud
- Different cloud storage models
- Security issues concerning data in the cloud
- Addressing cloud security and governance
- Applying lifecycle management to use cases
- Discussion on data encryption
Securing Applications and Users
- Application architecture design and operations lifecycle
- Impact on SDLC
- Examination of application security tools
- Role of compliance in the Cloud
Cloud Risk Assessment
- Adopting cloud computing
- Migrating existing apps and systems
Create and Secure a Public Cloud
- Understanding public IaaS architectures
- Review of EC2 components
- Launching and connecting to your first instance
- Securing your instance
DAY 2
Encrypting an EBS Volume
- Reasons for encryption
- Selection of encryption methods
- Creation and attachment of Amazon EBS
- Encryption and formatting
- Understanding key management options
- Effects of rebooting
- Attaching encrypted volumes to other instances
Identity and Access Management
- Securing EC2 with AWS IAM
- Understanding federated identity architectures
- Implementing federated identity for applications using OpenID
- Applying these principles in an enterprise production environment
Deploy and Secure a Private Cloud
- Understanding private cloud architecture
- Review of OpenStack components
- Creation and connection of a compute node
- Management of OpenStack tenants and IAM
- Securing the OpenStack management plane
- Investigation of hypervisor security
- Understanding security automation
Selecting Cloud Services
- Enabling security strategy
- Selecting a cloud provider
- Security as a service
- Summary and review
Testimonials (7)
A wide range of knowledge of the lecturer.
Marcin Szklarski - Santander Consumer Bank
Course - CCSK Plus (Certificate of Cloud Security Knowledge - Plus)
The presenter knowledge, way of speaking, sense of humour.
Rafal Kosz - EY
Course - CCSK Plus (Certificate of Cloud Security Knowledge - Plus)
Open discussions
Krzysztof Pytko - EY
Course - CCSK Plus (Certificate of Cloud Security Knowledge - Plus)
Trainer was calm, we had enough time to go through the subjects.
Andrzej Tarczynski - EY
Course - CCSK Plus (Certificate of Cloud Security Knowledge - Plus)
I enjoyed the trainer methods to attract our attention.
Antonio Osuna Sanchez - Blue Indico Investments, S.L.U.
Course - CCSK - Certificate of Cloud Security Knowledge - Plus
Ahmed was always trying to keep attention of us.
Alberto Brezmes - Blue Indico Investments, S.L.U.
Course - CCSK - Certificate of Cloud Security Knowledge - Plus
The trainer was very nice and available. I appreciated his knowledge, skills and preparation about the subject. Furthermore, he provided us extra content about IoT, very interesting.
