Cloud Security Fundamentals

Course

January 14th, 2019

Intro Video

Photo of Justin Mitchell

Justin Mitchell

Security Training Architect II in Content

Length

02:12:05

Difficulty

Beginner

Course Details

The cloud has brought about tons of innovation and features. One thing often forgotten about during implementation is security. This course is designed around introducing the prospective student to many of the cloud concepts and how to secure those through use of tools available to them.

Syllabus

Cloud Security

Introduction

About the Course

00:01:17

Lesson Description:

Welcome to our Cloud Security Fundamentals course. This course is designed to help students get a basic understanding of key security functions and how to successfully navigate a cloud environment. I am excited to have you here! When you're ready, mark this video complete and let's get started!

About the Author

00:00:28

Lesson Description:

Welcome to our Cloud Security Fundamentals course! Your instructor for this course is Justin Mitchell. In this video, he'll introduce himself and talk a little about his credentials in the Cybersecurity field.

Agreement Concepts

Cloud Service Agreements

00:09:06

Lesson Description:

This video lesson is designed to introduce the students to the two components of the Cloud Service Agreement: The Acceptable Use policy (AUP) and the Service Level Agreement (SLA). These will both be important concepts to understand as we work through the remainder of the course.

Roles and Responsibilities

00:06:46

Lesson Description:

This video lesson is designed to demonstrate the different roles and responsibilities that a Cloud Service Provider and a cloud customer within the different service offerings available to them.

The Role of Formal Configuration Management and Inventory Systems

00:10:07

Lesson Description:

Configuration and Inventory Management take on interesting differences in a cloud environment vs in an on-premise solution. This video lesson takes aim at understanding the role that these two processes play in securing our environments.

Securing Innovative Technologies

Container Security

00:07:07

Lesson Description:

Many cloud solutions allow us the ability to be much more innovative in the technology suites that we employ. One of these innovative technologies is containers. This video lesson is designed to show how containers help increase the security of an application or system.

Machine Learning and Analytics

00:11:08

Lesson Description:

Machine learning and analytics allow our organizations to adequately predict future iterations in an effort to make strategic business decisions. These can also be useful tools for cybersecurity professionals to employ to make strategic security decisions. This lesson is focused on how this technology can be used to do so.

Security Functions in a Cloud Environment

Identity and Access Management

00:12:32

Lesson Description:

Identity and Access Management (IAM) plays a huge role in securing our systems and applications. In this video lesson, we look at some of the key differences between IAM in an on-premise solution vs in a cloud environment.

Quarantining and Containing Cloud Servers

00:08:13

Lesson Description:

Quarantining and Containing incidents in a cloud environment is a much different process than in a traditional, on-premise environment. In this lesson, we cover some of the concepts associated with quarantining and containment.

Understanding Cloud Disaster Recovery Procedures

00:13:05

Lesson Description:

There are several techniques that can be used for Disaster Recovery in the cloud. This video lesson was designed to indroduce the student to some of the DR concepts, as well as to discuss some of the advantages and disadvantages of these cloud solutions.

Practical Security Application Locations

00:10:37

Lesson Description:

One question that we see asked quite often is "where should security appliances be located in a cloud solution?" This video lesson addresses that very issue!

Maintaining GRC in Cloud Environments

Maintaining a Risk-Based Approach in a Cloud Environment

00:12:07

Lesson Description:

One of the keys to successfully manage security plans and programs is through the successful implementation of GRC (Governance, Risk Management, and Compliance), and in order to successfully manage GRC, we must maintain a risk-based approach for our programs. This video lesson is dedicated to introducing the student to the six steps of the Risk Management Framework provided by NIST and how to maintain those steps in a cloud environment. See link for NIST Special Publication 800-53: https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-53r4.pdf

Maintaining Regulatory Compliance

00:17:38

Lesson Description:

This video lesson is designed around helping the student understand how to maintain regulatory compliance (a must for certain industries) in a cloud environment. Note: regulations vary by country

Today's Relations Between Security and Compliance

00:11:49

Lesson Description:

A major point of contention today is the "We're compliant, so we must be secure" argument. This video lesson discusses the relationship between compliance and security in today's technologically-advanced environments.