Advanced Cloud Security And Hardening

 

Course Duration

 5 Days

 

Register For This Course

Introducing The Advanced Cloud Security

& Hardening Master Class

For security professionals to be able to secure any technology they need to first have a strong understanding of the technology. This class is based on the doctrine that “You cannot secure what you don’t understand.”

The Advanced Cloud Security Mastery class is designed to build on the knowledge of Cloud Computing. It will help you understand the risks associated with cloud computing, where those risks are, and learn how to mitigate them.

It provides in-depth knowledge and skills to implement, manage and secure cloud resources. The course covers various aspects of cloud security including identity and access management, data security, encryption, key management, auditing, and compliance.

Learning Objectives

DAY 1:   Cloud Security Governance and Compliance

  • Learn about cloud security governance and compliance
  • Learn about the roles and responsibilities within the cloud
  • Setup security controls to protect the cloud control panel
  • Understand the security risks associated with cloud security operations and how to mitigate them
  • Learn about the security controls that can be implemented to protect the cloud
  • Understand the importance of identity and access management (IAM) in a cloud environment and how it can help to secure your data.
  • Understand the security risks associated with IAM and how to mitigate those risks.
  • Learn about the different types of IAM concepts, such as OAuth 2.0, Open Connect, and federations

DAY 2: Cloud Architecture Security

  • Learn how to secure and restrict access to virtual machines
  • Understand how to implement security in containers
  • Understand the security risks associated with Kubernetes
  • Learn how to mitigate the security risks associated with Kubernetes
  • Understand how to secure your Kubernetes environment
  • Learn about the security controls that can be implemented to protect Kubernetes
  • Learn about the best practices for securing Kubernetes
  • Implement a least privilege policy for microservices
  • Use logging and monitoring to detect unusual activity in microservices.
  • Follow the principle of least privilege when configuring microservices
  • Restrict access to microservices to authorized users only
  • Use a vulnerability scanning tool to scan for vulnerabilities in microservices

DAY 3:  Web Application Security

  • Understand the security risks associated with web applications
  • Understand how to secure your web application.
  • Implementing application security in the cloud
  • Learn about the security controls that can be implemented to protect web applications.
  • Learn about the best practices for securing web applications.
  • The security risks associated with APIs
  • The security controls that can be implemented to protect APIs
  • The best practices for securing APIs

DAY 4: Securing data and cloud services through Cryptography

  • Understand the basics of digital certificates
  • Understand the different types of digital certificates
  • Understand the uses of digital certificates
  • Understand how to create a digital certificate
  • Understand how to verify a digital certificate
  • Understand the benefits of using digital certificates
  • Understand the security risks associated with digital certificates

DAY 5: Cloud Security Operations, Monitoring, and Audit

  • Understand the security risks associated with virtual machines and how to mitigate those risks.
  • Understand the security controls that can be implemented to protect virtual machines and the best practices for securing virtual machines.
  • Understand the security risks associated with containers and how to mitigate those risks.
  • Understand the security controls that can be implemented to protect containers and the best practices for securing containers.
  • Understand the security risks associated with cloud auditing and how to mitigate those risks.
  • Understand the security controls that can be implemented to protect cloud auditing and the best practices for securing cloud auditing.
Course Description

DAY 1:  Cloud Security Governance and Compliance

Cloud Security Management

In this section, you will learn about the security risks associated with cloud management and how to mitigate those risks. You will also learn about security controls and best practices in managing security in the cloud.

Control Panel Security

The control panel is a critical component of security in a cloud environment. understanding how to properly secure the control panel is essential to keeping your cloud environment safe. In this section, you will learn about the security risks associated with the control panel and how to mitigate those risks.

IAM Security

Identity and access management (IAM) is a critical component of security in a cloud environment. IAM controls what users can access and what actions they can perform.

In this section, you will learn the following:

  • Security risks associated with Identity and access and how to mitigate those risks
  • Access control mechanism
  • OAuth 2.0, Open Connect, and federations.
  • The best practices for securing Identity and managing access in the Cloud.

Data Security

Data is one of the most important assets in a cloud environment. understanding how to properly secure data is essential to keeping your cloud environment safe. In this section you will learn the following:

  • The types of data
  • Understand the security risks associated with data
  • Learn about data classification
  • Understand how to mitigate those risks
  • Understand the security controls that can be implemented to protect data
  • Understand the best practices for securing data
  • Learn about encryption and hashing algorithms

Cloud Data Loss Prevention

Cloud data loss prevention (DLP) is a critical security control for protecting data in a cloud environment. In this section, you will learn about the security risks associated with cloud DLP and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect cloud DLP and the best practices for securing cloud DLP.

Cloud Access Security Broker (CASB)

A cloud access security broker (CASB) is a critical security control for protecting data in a cloud environment. In this section, you will learn about the security risks associated with CASBs and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect CASBs and the best practices for securing CASBs.

DAY 2: Cloud Architecture Security

 Securing Virtual Machine?

Virtual machines are a major component of cloud computing. understanding how to properly secure virtual machines is essential to keeping your cloud environment safe. In this section, you will learn about the security risks associated with virtual machines and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect virtual machines and the best practices for securing virtual machines.

Container Security

Containers are a popular technology for packaging and deploying applications in a cloud environment. Due to their popularity, it is important to understand the security risks associated with containers and how to mitigate those risks. Docker is one of the most popular container systems.

In this section, you will learn about the security risks associated with Docker containers and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect Docker containers and the best practices for securing Docker containers.

Kubernetes Security

Kubernetes is a popular container orchestration system. understanding how to properly secure Kubernetes is essential to keeping your cloud environment safe. In this section, you will learn about the security risks associated with Kubernetes and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect Kubernetes and the best practices for securing Kubernetes.

Micro-services Security

Micro-services are a critical component of cloud architectures. understanding how to properly secure micro-services is essential to keeping your cloud environment safe. In this section, you will learn about the security risks associated with micro-services and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect micro-services and the best practices for securing micro-services.

Cloud Networking Security

Networks are a critical component of any cloud environment. understanding how to properly secure networks is essential to keeping your cloud environment safe. In this section, you will learn about the security risks associated with networks and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect networks and practices for securing networks.

 

DAY 3:  Web Application Security

Web applications are a popular way to expose data and functionality in a cloud environment. understanding how to properly secure web applications is essential to keeping your cloud environment safe. In this section, you will learn about the security risks associated with web applications and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect web applications and the best practices for securing web applications.

API Security

APIs are a popular way to expose data and functionality in a cloud environment. understanding how to properly secure APIs is essential to keeping your cloud environment safe. In this section, you will learn about the security risks associated with APIs and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect APIs and the best practices for securing APIs.

CI/CD Security

Continuous integration (CI) and continuous delivery (CD) are important processes for managing the software development lifecycle in a cloud environment. understanding how to properly secure CI/CD is essential to keeping your cloud environment safe. In this section, you will learn about the security risks associated with CI/CD and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect CI/CD and the best practices for securing CI/CD.

  • Building a secure DevOps pipeline in the cloud
  • Harden the build and deployment servers against attack
  • Use SSL/TLS to protect communications between components in the CI/CD pipeline
  • Restrict access to the CI/CD tools and data to authorized users only
  • Implement role-based access control for the CI/CD tools and encrypt all sensitive data in the CI/CD pipeline
  • Use a firewall to protect the network perimeter of the CI/CD infrastructure
  • How to perform regular security audits of the CI/CD infrastructure
  • Implement a system that logs all user activity in the CI/CD pipeline

 

DAY 4: Securing data and cloud services through Cryptography

Cryptography is a critical component of security in a cloud environment. Cryptography is the cornerstone of security in the cloud. Cryptography is used to provide security in various areas in the cloud and through many different methods.

In this section, you will learn about the security risks associated with cryptography and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect cryptography and the best practices for securing cryptography.

Encryption

is the process of transforming readable data into an unreadable format. Encryption can be used to protect data from unauthorized access and modification.

  • How encryption works
  • Types of encryptions
  • Uses for encryption
  • Encryption algorithms
  • Protecting your data with encryption

In this section, you will learn about the security risks associated with encryption and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect encryption, as well as the best practices

Cryptographic Key Management

Cryptographic keys are a critical component of security in a cloud environment. Key management is the process of creating, storing, and managing keys. Keys are used to encrypting and decrypt data. Key management is a critical component of security in a cloud environment.

Understanding how to properly manage cryptographic keys is essential to keeping your cloud environment safe. In this section, you will learn about the security risks associated with cryptographic keys and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect cryptographic keys and the best practices for securing cryptographic keys.

  • Introduction to cryptographic key management
  • How key management works
  • Key management algorithms
  • Key management servers
  • Managing keys in the cloud

Digital Signatures

Digital signatures are used to verify the identity of the sender of a message and to ensure that the message has not been tampered with. Digital signatures are a critical component of security in a cloud environment.

In this section, you will learn about the security risks associated with digital signatures and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect digital signatures and the best practices for securing digital signatures.

  • How digital signatures work
  • Types of digital signatures
  • Uses for digital signatures
  • Creating a digital signature
  • Verifying a digital signature

Digital Certificate Management

Digital certificates are a critical component of security in a cloud environment. understanding how to properly manage digital certificates is essential to keeping your cloud environment safe. In this section, you will learn about the security risks associated with digital certificates and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect digital certificates and the best practices for securing digital certificates.

SSL/TLS Security

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are important protocols for securing communications in a cloud environment. understanding how to properly configure SSL/TLS is essential to keeping your cloud environment safe.

TLS often combines encryption, digital certificate, hashing, and cryptographic key management in a single implementation. To securely configure and use this cryptographic protocol one needs to understand how the various components work together at an advanced level.

 

DAY 5: Cloud Security Operations, Monitoring, and Audit

Security Operations

Cloud security operations refer to the activities that are necessary to secure cloud resources. These activities include monitoring and responding to security incidents, implementing security controls, and securing cloud resources.

Cloud security operations are critical for ensuring the security of applications and data in the cloud. In this section, you will learn about the best practices for securing cloud security operations.

In this section, you will learn about the security risks associated with cloud security operations and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect cloud security operations and the best practices for securing cloud security operations.

Cloud Security Monitoring

Monitoring is a critical security control for detecting and responding to security incidents in a cloud environment. In this section, you will learn about the security risks associated with cloud monitoring and how to mitigate those risks. You will also learn about the security controls that can be implemented to protect cloud monitoring and the best practices for securing cloud monitoring.

How can you be sure that the service provider you’ve chosen can deliver the security services for which they are responsible? The initial audit of a cloud service or a service provider’s subsequent audit may aid in this decision.

Auditing is a critical security control for assessing the effectiveness of security controls in a cloud environment. In this section, you will learn about the security risks associated with cloud auditing and how to mitigate those risks.

 

 

 

 

Other Information

Labs

Throughout the Advanced Cloud Security and Hardening course, you will have the opportunity to put what you’ve learned into practice through a series of hands-on labs.

Prerequisites

To get the optimal benefit from this training you are expected to have knowledge of cloud computing on the following level:

  • Cloud Essentials
  • Understanding Cloud Providers Services
  • Cloud Security Essentials
  • Cloud Architecture

However, don’t worry if you do not have the prerequisite because you will receive additional materials to browse up on your knowledge of Cloud technologies before the training date.

What You Will Receive:

  • Printed courseware
  • Additional book on related topics
  • Electronic reading materials
  • Access to the course lab exercises
  • Access to a Cloud Service Provider for the labs

System Requirements:

All labs will be performed in the Cloud, as such you need to be able to access the internet from your own system. Therefore, your system should meet the following requirements:

  • A laptop with full Admin access
  • Unrestricted Internet
  • An OpenSSH client installed
  • A PDF reader

Who Should Attend?

This course is ideal for security professionals who would like to learn about cloud security at a much more advanced level than the theory presented in certification training.

  • System Administrators
  • Security architects

Duration

This is a 5-day classroom training with additional material for 1 day of home study and labs.

Course Registration Form

Type in your details to register for this course below.