VLAN Hopping Prevention Tips VLAN hopping is a security vulnerability that allows an attacker to gain unauthorized access to network resources by exploiting weaknesses in the implementation of Virtual Local…
Complete Cloud Cyber Security Course : Demos on Azure Cloud
Cloud Cyber Security Course demos on Azure cloud
Why Cloud Security?
Breaches can or do happen in cloud, in fact breaches are happening in cloud. In Marriott Starwood Hotels data breach some 327 million guest records were compromised that contained information such as name, mailing address, phone number, email address, passport number, Starwood Preferred Guest accounting information, date of birth, gender, arrival and departure information, reservation date, and communication preferences.
Note sure if you have heard about the below attacks
Capital One Data Breach wherein New York Times reported the damage at over 80,000 account numbers, 140,000 Social Security numbers, 1 million Canadian Social Insurance Numbers.
Who did it ?
A former Amazon software engineer from Seattle (CSP –Cloud Service Provider Employee )who had been operating online under the handle “Erratic” was arrested after hacking Capital One using a Server-Side Request Forgery attack (SSRF). Former Amazon Employee used the technique to obtain credentials for a role that had access to sensitive information stored in S3.
In cloud Security, we will learn certain best practices in regards to securing data; organizations stand a much better chance of ensuring their data is safe.
Another Breach in Hotel management systems
Autoclerk, a hotel reservations management system, had an unsecured Elasticsearch database hosted in AWS that exposed hundreds of thousands of booking reservations.
The system was heavily utilized by military personnel, and the exposed data revealed sensitive information about travel by military, including high ranking officers and troops being deployed.
Current Scenario
More and more companies are migrating their applications and infrastructure to the cloud, shifting operational aspects to service providers such as Microsoft and Amazon. However, Cloud Cyber Security is a shared responsibility, especially when it comes to keeping your data, users, and systems safe.
-
In this course, you will major forms of cloud technology, its benefits and risks, and the Cloud Cyber Security standards and body of knowledge required to mitigate those risks. Learn concepts such as software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS). Different deployment models available in Cloud
What is Cloud Security?
Cloud Cyber Security, also known as cloud computing security, consists of a set of policies, controls, procedures and technologies that work together to protect cloud-based systems, data and infrastructure.
You will learn Core Cloud Computing Concepts which essential to understand before digging to Cloud Security.
This course has divided in below 8 Major Sections.
1. Cloud Computing Fundamentals
2. Contracts and Agreements in Cloud
3. Vulnerability management and Secure Configuration in Cloud
4. Handling Security Incidents with Cloud Service Provider
5. Key Risks in cloud and their Mitigation
6. Securing Azure Storage
7. Logging and Monitoring in Azure
8. Compliance In Cloud
This is not a complete list; one can check for recommendations by NIST, CSA STAR and implement security in organization as per organization requirements.
What you will learn
1. Cloud Computing Fundamentals
What is Cloud ComputingDetails about all 5 Cloud Characteristics in DetailOn Demand Self ServiceBroad Network AccessResource PoolingRapid ElasticityMeasured ServiceCloud Deployment Models ( IAAS, PAAS and SAAS)Cloud Service Models ( Public, Private and Hybrid Cloud)
2. Understand Cloud Agreements/Contracts
In this section, you will learn importance of Contracts. How you can negotiate with Cloud Service providers for items to cover in contract to avoid future penalties. You will learn major artifacts for CSA (Cloud Service Agreement). You will learn important concepts like SLA in CLOUD, Acceptable use policy in Cloud.
3. Cloud Assets and Secure Configuration Management
In this section, you will learn assets discovery issues in cloud, how to have complete asset discovery in cloud for effective security and compliance. You will learn Challenges in Cloud Asset Discovery, SecDevops and secure configuration. You will vulnerability and patch management in cloud.
4. Handling Security Incidents with Cloud Service Provider
In this Section, you will learn what to check in CSP incident response and Security Notification process, Incident response process in a cloud. You will also learn what kind log data / Support can be obtain from CSP during forensics investigations.
5. Key Risks in cloud and their Mitigation
In this Section, you will learn various issues you can consider to protect un-authorized access of data in cloud. You will learn various concerns like Cloud Deployment Model and Security Concerns, Location of data, what kind of Data Sensitivity and Legal Obligations would be there in cloud. How to do Media Sanitization in Cloud. Key management in cloud and many more.You will learn about IAAS, PAAS and SAAS Security issues.
6. Securing Azure Storage
In this section you will learn about the below topics
Azure Storage account overviewMethods for Securing storage accountsConcept of Management and data PlaneAzure storage Data plane Security.Limitation of using storage account KeysSecurity using SAS Keys
7. Logging and Monitoring in Azure
In this section you will learn about below topics
Azure Security Center OverviewWhat is Azure MonitorYou will be well versed with all the features of Azure Security center.Detailed overview of Azure Security center OptionsRecommendations and AlertsMaintain Regulatory compliance using Azure Security center
8. Compliance In Cloud
In this Section, you will learn Information Management Legal Responsibilities, what are different types of legal issues in cloud. E-discovery issues in Cloud, What Regulations to follow in Cloud and Jurisdictional and Location issues in cloud environment.
Agile project management Artificial Intelligence aws blockchain cloud computing coding interview coding interviews Collaboration Coursera css cybersecurity cyber threats data analysis data breaches data science data visualization devops django docker excel flask Grafana html It Certification java javascript ketan kk Kubernetes machine learning machine learning engineer Network & Security nodejs online courses online learning Operating Systems Other It & Software pen testing Project Management python Software Engineering Terraform Udemy courses VLAN web development