Sponsors

Follow Us

Upcoming events

Menu
Log in
Forgot password
Search
Log in

TECHNICAL COURSES
NCC 237: CLOUD SECURITY ARCHITECTURE AND OPERATIONS

COURSE NUMBER

NCC 237

CREDIT / UNIT HOURS

3

PRE-REQUISITES

NCC 236: Cloud Computing Fundamentals

RECOMMENDED TEXT BOOK

TBD

ISBN

TBD

COURSE LAB

TBD


DESCRIPTION

4 credit/unit hours – Four hours of lecture weekly; one term

This course introduces the learner to the fundamental concepts of cloud security: Cloud policy and governance for security professionals; technical security principles and controls for cloud delivery types (e.g., SaaS, PaaS, and IaaS); cloud architecture and security design; vulnerability management; penetration testing; incident handling, forensics, event management; application security; SecDevOps; and automation.

Updated: May 20, 2024

LEARNING OBJECTIVES

Upon completion of this course the learner will be able to:

    • Describe the fundamentals of cloud security;
    • Explain and implement various core security controls for cloud computing;
    • Discuss and design secure cloud architectures;
    • Describe threats to cloud computing environments; and
    • Discuss security as it relates to cloud computing (e.g., Vulnerability Management, Penetration Testing, Intrusion Detection, Incident Response, Event Management, Forensics, automation, orchestration).

        MAIN TOPICS

        1.0 Cloud Security Foundations

          • Introduction to the Cloud and Cloud Security Basics
          • Cloud Security Alliance Guidance
          • Cloud Policy and Planning
          • Software-as-a-Service (SaaS) Security
          • Cloud Access Security Brokers (CASBs)
          • Intro to Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (Iaas) Security Controls

        2.0 Core Security Controls for Cloud Computing

          • Cloud Security: In-House vs. Cloud
          • Virtualization Security Primer
          • Cloud Network Security
          • Instance and Image Security
          • Identity and Access Management (IAM)
          • Data Security for the Cloud
          • Application Security for the Cloud
          • Provider Security: Cloud Risk Assessment

        3.0  Cloud Security Architecture and Design

          • Cloud Security Architecture Overview
          • Cloud Architecture and Security Principles
          • Infrastructure and Core Component Security
          • Access Controls and Compartmentalization
          • Confidentiality and Data ProtectionAvailability

        4.0  Cloud Security

          • Threats to Cloud Computing
          • Vulnerability Management in the Cloud
          • Cloud Penetration Testing
          • Intrusion Detection in the Cloud
          • Cloud Incident Response and Event Management
          • Cloud Forensics

        5.0  Cloud Security Automation and Orchestration

          • Scripting and Automation in the Cloud
          • SecDevOps Principles
          • Creating Secure Cloud Workflows
          • Building Automated Event Management
          • Building Automated Defensive Strategies
          • Tools and Tactics




        © 2025 Cyber Ready Professional Consortium  PRIVACY POLICY / TERMS OF USE

        Powered by Wild Apricot Membership Software