Cloud System Security - Platform and Infrastructure


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number
Expertise Level



Overview/Description
The security of the cloud services platform and infrastructure is a fundamental driver in the uptake of cloud services and the transition away from Enterprise structures. This course describes issues relating to the security of the supporting components of the cloud infrastructure – both physical and virtual components. The course promotes/outlines a risk management approach in developing and employing security measures to protect cloud components; describes key risk management focus areas – identification, measurement, and control; and covers known threats and the key areas of cloud component vulnerability. In this course, you will learn about security management/measures and auditing, including authentication, authorization, Business Continuity (BC), Disaster Recovery (DR), and failover. The learner will be expected to display knowledge of Cloud Service Business Continuity and Disaster Recovery planning, to identify areas requiring specific security protection, and how to recover lost or damaged data and components hosted on a cloud platform. The course covers the essential topics for the ICS2's Certified Cloud Security Professional examination – Domain 3 requirements.

Target Audience
This course is intended for IT professionals including managers, engineers, and technical staff intending to take the CCSP examination.

Prerequisites
None

Expected Duration (hours)
2.0

Lesson Objectives

Cloud System Security - Platform and Infrastructure

  • start the course
  • recognize the physical and virtual components within a cloud platform
  • define the networking and communication architecture of a cloud platform
  • define the compute service as it applies to the cloud platform
  • define the available virtualization options within a cloud platform
  • define storage and Storage as a Service (STaaS) within a cloud platform
  • describe and define risk as it applies to cloud services and underlying infrastructure, and adopt a risk analysis and management posture regarding cloud computing
  • describe and define known threats and attack vectors associated with cloud services and infrastructure
  • define virtualization-specific areas of focus with reference to security such as Hypervisor, VM files, and VM deletion
  • define and describe threat mitigation and attack handling techniques including ACL, designing in security, and adopting security measures
  • design and deploy physical and environmental security mechanisms
  • design and deploy security mechanisms to mitigate failure and threats, and avoid attack to the systems and communication hardware within a cloud platform
  • describe and manage identification, system, and data access in addition to authentication and authority within the cloud service
  • define auditing techniques and responsibilities within key areas of focus, including asset access, asset status, deletions, archiving, and reporting
  • describe and deploy DR and BC with respect to the cloud environment
  • describe and deploy DR and BC with respect to operations and business requirements
  • define and describe relevant DR and BC strategies
  • deploy DR and BC mechanisms
  • describe cloud device platforms and associated risks; discuss vulnerabilities within the virtualized infrastructure and attack vectors in general; and finally, discuss available disaster recovery architectures
  • Course Number:
    cl_csip_a03_it_enus

    Expertise Level
    Intermediate