Certified Practitioner Certificate in Cloud Security
Future Connect Group provides training in " Certified Practitioner Certificate in Cloud Security " on various locations in London, Dubai, Abu Dhabi, Riyadh, Dammam, Jeddah, Bahrain, Qatar, Kuwait, Oman, Rome, and Islamabad.
Course Description:
DAY ONE
Introduction
- Introductions
- Objectives of course
- Agenda
Cloud Concepts
- What is Cloud Computing?
- Why is everyone moving to the Cloud?
- Cloud computing model
- Infrastructure, Platform, and Software as a Service
- Boundaries and responsibilities
- Cloud Service Providers – Gartner Magic Quadrant(s)
- Cloud reference architectures
Virtualization
- Overview of different virtualization technologies and types covering storage, networks, and systems.
Cloud Security Frameworks, Principles, Patterns and Certifications
- Security Principles
- Separation and layers as security controls
- Cloud Security Alliance (CSA) Cloud Control Matrix
- GOV.UK Cabinet Office and NCSC Cloud Security Principles
- Security Architecture Frameworks
- Security Architecture Patterns
- Cloud Security Architecture Patterns
- Trusted Cloud Initiative Reference Architecture
- Cloud Security Certifications
AWS Security Technologies
- EC2 (Elastic Compute Cloud) and VPC (Virtual Private Cloud) fundamentals
- Availability zones and regions
- Internet Gateway, Elastic IPs, NAT Gateway, DirectConnect
- Security Implications of Elastic Load Balancing (ELB) and auto-scaling
- Security Groups, Flow Logs, S3, ACLs and subnet routing
- AWS Config, CloudTrail, CloudWatch, Trusted Advisor
- IPSec VPN options: AWS VPNs, third party solutions
- AWS CloudFront, Web Application Firewall and Certificate Manager
- Vulnerability management using AWS Inspector
- AWS Key Management Service (KMS) and CloudHSM
- AWS Identity and Access Management (IAM)
- Labs providing practical experience of implementing and using AWS security technologies
Quiz
- End of day knowledge check – exam-style questions
DAY TWO
Microsoft Azure and Office 365
- Azure platform security architecture
- Azure Virtual Networks
- Azure network security best practices
- Azure data security and encryption best practices
- Azure Active Directory
- Federated identity and Single Sign-On
- Azure Multi-factor authentication
- Azure Key Vault
- Azure Virtual Machine encryption
- Microsoft Antimalware for Azure Cloud Services and Virtual Machines
- Azure Security Center
- Office 365 Service Architectures
- Office 365 security across physical, logical and data layers
- Office 365 email encryption options
- Exchange Online Protection
- GOV.UK Microsoft Office Security Guidance
- Labs providing practical experience of implementing and using Microsoft Azure security technologies
Google Apps for Work
- Google Apps for Work applications and architectures
- Integration with corporate directories
- Single sign-on to enforce the use of corporate devices and threat prevention
- GOV.UK Google Apps for Work Security Guidance
- Google Admin Console
- Google Authenticator
- Organizational Units
- Administrative roles
- Data privacy opt-in
Assurance
- Centre for Internet Security (CIS) Foundation Benchmarks
- Penetration tests of cloud environments
- External audit and configuration review
Data Protection and Compliance
- Personally Identifiable Information (PII) and Personal Data
- UK Data Protection Act and Information Commissioner’s Office (ICO)
- European Union (EU) Data Protection Directive
- EU General Data Protection Regulation (GDPR)
- Cyber Essentials Plus
- Cloud Security Alliance STAR
- PCI DSS
- AICPA SOC3 (formerly SAS70)
- ISO 27001
Quiz
- End of day knowledge check – exam-style questions
DAY THREE
Containers
- Concept of containers
- Docker
- Why development teams are moving to containers
- Security issues of containers
- Container security good practice
- CIS Benchmark for Docker and Docker Bench tool
- Orchestration – Kubernetes
- Security features of Kubernetes
- Orchestration – Docker Swarm
- Cloud Service Provider container platforms (AWS, Azure, Google)
- Container security solutions (e.g. Twistlock, NeuVector, AquaSecurity)
- Labs providing hands-on experience of Docker containers and potential security issues
Web Application Security
- OWASP Top 10
- Threat Modelling
- Secure Software Development Lifecycle
Cloud Identity Services
- SAML
- oAuth, oAuth 2.0 and OpenID Connect
- Cloud Identity Providers
Quiz
- End of day knowledge check – exam-style questions
DAY FOUR
Serverless
- Concept of ‘serverless’
- Pros and Cons
- AWS Lambda
- Step functions
- Dynamo DB
- SQS, SWS, S3
- Serverless application architecture
- Security implications
- Environment Variable encryption
- Azure Cloud Functions
- Google Cloud Functions
- Labs providing hands-on experience of Serverless architectures
Cloud Security as a Service
- Cloud Security Services
- Cloud analytics, e.g. Splunk Cloud
- Cloud security operations management, e.g. AlertLogic
Quiz
- End of day knowledge check – exam-style questions
Cloud Security Workshop
- Scenario requirement
- Develop security architecture in groups
- Present back to wider group, review and discuss
DAY FIVE
Automation
- Cloud service provider automation tools
- Terraform by Hashicorp
- Hardened build images
- Vault by Hashicorp
- Patching and update strategies
- DevSecOps
Continuous Integration Pipeline
- Continuous Integration Pipeline
- Automated environment testing
- Jenkins
- Security issues
Future Connect Training Institute is a part of Future Connect Group. We provide intensive practical training in various subjects and jobs specific areas. The training courses are held around the year at various locations like London, Dubai, Abu Dhabi, Riyadh, Dammam, Jeddah, Bahrain, Qatar, Kuwait, Oman, Rome, and Islamabad.