Cloud security Course

2 hours, 32 minutes

Syllabus

Security policies

Video - 00:06:00

Effective security for cloud computing begins with well-planned and documented security policies. This episode introduces security policies and the role they play in cloud computing.
Standards and compliance demo

Video - 00:05:00

This episode explains standards and compliance. Several regulatory and industry regulations and guidelines may impose requirements on different network types and this episode explains how to plan for them.
Data security and compliance controls

Video - 00:11:00

Data security in enterprise environments means making sure you're in compliance with laws and regulations.
Identity, authentication, and authorization

Video - 00:08:00

It is important to know who is accessing your cloud resources. This begins with identity management and authentication. This episode introduces identity, authentication and authorization.
Multi-factor authentication

Video - 00:05:00

Authorization is used to validate the rights of an acting entity on an object of that action. For example, it is used to validate that a user is allows to read or write to a given file.
Identity and access management solutions

Video - 00:09:00

Tom reviews the basics of Identity and Access Management (IAM) as well as how it works with directory services, Public Key Infrastructure (PKI), certificate management, Security Assertion Markup Language (SAML), Secret/Key elements for encryption/decryption, and One-Time Passwords (OTPs).
Authorization (Lab)

Video - 00:09:00

Authorization was explained in a preceding episode; however, this episode goes deeper into authorization to help you determine the objects that will require authorization and the methods used for access control.
Encryption

Video - 00:08:00

When storing data in the cloud, a lot of trust is placed on the cloud network administrators. To provide protection against internal threats, encryption can be used. This episode explains encryption at rest and at transit and some common ciphers available.
Encryption solutions

Video - 00:07:00

Encryption can be done at different levels, including application, operating system, storage, filesystem, and network. You can also use tunnels to encapsulate one protocol inside another, such as SSH, L2TP, PPTP, and GRE. Tom defines each of these in this episode.
Compute security (Demo)

Video - 00:07:00

Just as you must secure physical servers on your network, you must secure servers in the cloud. This episode is focused on hardening cloud compute instances and best practices for doing so.
Account management (Lab)

Video - 00:07:00

Cloud solution accounts are used to provide access to cloud resources. These accounts should be secured and this episode explains how.
Segmentation (Lab)

Video - 00:05:00

Segmentation is implemented in various ways in cloud computing. This episode explains three different segmentations methods often used in the cloud.
Security tools (Demo)

Video - 00:07:00

It is important to understand the security tools available in your chosen cloud service provider. It is also important to understand the scope of impact from any tools used. This episode introduces the various security tools available.
Security services

Video - 00:05:00

Traditional security tools that we have used on local networks and systems also apply to the cloud. This episode explains how these services should be used in the cloud.
Additional network security solutions

Video - 00:09:00

In this episode, Tom goes over additional network security solutions like DNS Security (DNSSEC), Network Time Protocol (NTP), firewalls, Network Access Control (NAC), and Network Flow Control.
Network hardening

Video - 00:08:00

Just like with any network, a cloud network must be hardened in order for it to be secure. Tom goes over the basics of network, OS, device, and component hardening, as well as the benefits of Virtual Local Area Networks (VLANs), micro-segmentation, and tiering.
Application and OS security

Video - 00:06:00

Application and OS security rely on user permissions, endpoint security, and policy-based management. In this episode, Tom review each and how they work in the cloud.
Security automation and orchestration

Video - 00:06:00

A significant benefit of cloud computing is the available automation and orchestration solutions. This episode describes such solutions and the fundamental difference between automation and orchestration.
Models and security

Video - 00:06:00

Handling blockchain data is different than with traditional databases. There are certain considerations you need to keep in mind. This episode discusses the two types of data, local and state variables, and the types of memory, stack, memory, and storage.
Risk and reward

Video - 00:08:00

Securing your cloud infrastructure can by done by scanning your environment, performing vulnerability assessments, prioritizing and implementing patches, and creating a risk register to manage the risks in your network.
Incident response

Video - 00:07:00

Incident response refers to preparing for, detecting, analyzing, containing, and recovering from security incidents. Tom discusses preparation, procedures, and what to do after an incident has occurred.
Creating user accounts in AWS (Lab)

Video - 00:04:00

In this lab, Tom shows you how to create and configure secure user accounts in AWS.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo

Award-winning training you can trust