Build a risk-based assessment program for cloud providers’ controls
Understand the key areas to focus on in cloud contracts
Evaluate the various layers of cloud infrastructure
Develop a cloud disaster recovery and business continuity plan
Perform vulnerability assessments in a cloud environment
Integrate encryption and identity management services in a cloud environment
Improve your incident response and monitoring capabilities in the cloud
►Target Audience
Security personnel who are currently tasked with assessing the technical risks of cloud computing
Network and systems administrators who currently manage private clouds or need to leverage hybrid and/or public cloud services
Technical auditors and consultants who need to gain a deeper understanding of cloud computing and security concerns
Security and IT managers who need to understand the risks of cloud computing and advise business management of the risks and various approaches involved
►Course Outline
Day 1 – Risk, Audit, and Assessment for the Cloud
Risk management
Auditing the cloud
Remote
Onsite
Day 2 – Data Security in the Cloud
Encryption types and availability
Key management and encryption architectures
Data/information lifecycle
Retention
Disposal
Classification
Day 3 – Identity and Access Management (IAM)
IAM architecture and relevance to the cloud
Authentication and authorization standards
Account management and provisioning
Federation
Day 4 – Intrusion Detection and Incident Response
Incident detection for different cloud models
Managing Intrusion Detection System/Intrusion Prevention System (IDS/IPS) and alerting