EncartaLabs

Cloud Security

( Duration: 2 Days )

Cloud Security training course explores some of the key risk areas when it comes to security and cloud computing. Although some of the fears in regards to security in the cloud are exaggerated, there are specific areas to be aware and cautious about. The key is knowing your IT infrastructure and needs, as well as carefully assessing the cloud provider’s offering and security measures. The course introduces control assessment frameworks and models that can be used in assessing your risk in going to the cloud and evaluating the cloud provider’s security offering. Along with the top identified security risks, it outlines basic guidelines that should be followed to ensure an adequate level of security in an xaaS environment. In particular, key areas of the IT infrastructure and issues relating to data transfer and storage are covered.

By attending Cloud Security workshop, Participants will learn to:

  • Identify methods of providing security for data moving to the cloud or residing in the cloud
  • Match the means by which CSPs provide security assurances to their descriptions
  • Identify the key risk areas in cloud computing
  • Describe the basic security practices that should be implemented in a SaaS environment
  • Describe the security considerations involved in connecting your network infrastructure to the cloud
  • Distinguish between the security responsibilities of client and CSP for different cloud deployments at the host level
  • Match the cloud service delivery model to who is responsible for it’s application security
  • Describe the key challenges related to securing data in the cloud
  • Identify the questions a potential user of cloud data storage needs to ask when conducting a risk assessment
  • Determine if a CSP can provide the required security assurances in a given scenario
  • Define the cloud data security challenges for a given scenario

In Cloud Security class, Participants will be able to find answers for the following:

  • What are the characteristics of cloud computing?
  • Know some techniques for securing public cloud instances
  • Which third party risk management practices should you apply to cloud provider engagements?
  • How is cloud computing different from outsourcing?
  • What should you be looking for in a SAS 70 Type II or SSAE 16 audit statement?
  • What are the six phases of the data security lifecycle?
  • Which practices help in porting platform as a service (PaaS) solutions?
  • How can cloud providers minimize risks of insider abuse?
  • How can a cloud customer predict whether the cloud providers availability and performance will meet service level agreement commitments?
  • What capabilities can a cloud provider deliver to support offline analysis of potential incidents?
  • What are key success factors to support application security in Infrastructure as a Service (IaaS) environments?
  • How can key management be used to prevent cloud providers from inappropriately accessing customer data?
  • Which prominent standards should be considered to federate customer identity management systems with cloud providers?
  • Why do communications between multiple virtual machines in a private cloud often evade tradition security monitoring systems?

The program is restricted to those who have basic understanding of security fundamentals, firewalls, secure development, encryption, and identity management.

This workshop will significantly benefit professionals responsible for security in a cloud computing environment.

  • CEO / CFO / CIO / CTO / CISO
  • IS / IT Specialist / Analyst / Manager
  • IS / IT Auditor / Consultant
  • IS / IT Head / Director
  • IT Operations Manager / Head / Director
  • IT Compliance Manager / Head / Director
  • Security Head / Director
  • Security Specialist / Analyst / Manager / Architect
  • Security Consultant / Professional / Officer
  • Security Engineer / Administrator / Auditor
  • Network Specialist / Analyst / Manager
  • Network Consultant / Professional / Architect / Administrator
  • Senior Systems Engineer
  • Systems Analyst / Administrator

COURSE AGENDA

1

Cloud Architecture

2

Governance and Enterprise Risk

3

Legal and Electronic Discovery

4

Compliance and Audit

5

Information Lifecycle Management

6

Portability and Interoperability

7

Traditional Security, BCM, D/R

8

Data Center Operations

9

Incident Response

10

Application Security

11

Encryption and Key Management

12

Identity and Access Management

13

Virtualization

14

ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security

  • Security benefits of cloud
  • Risks and underlying vulnerabilities
  • Information assurance framework
  • Division of liabilities
  • Key legal issues
  • Applied Knowledge
  • Classify popular cloud providers into S-P-I model
  • Redundancy
  • Securing popular cloud services
  • Vulnerability assessment considerations
  • Practical encryption use cases

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 4,000 Modules on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of few days
  • Trained more than 50,000 Corporate executives across the Globe
  • All our trainings are conducted in workshop mode with more focus on hands-on sessions

View our other course offerings by visiting http://encartalabs.com/course-catalogue-all.php

Contact us for delivering this course as a public/open-house workshop/online training for a group of 10+ candidates.

Top