Cloud Security Architecture

2 Day Course
Hands On
Code QACYCSA

Book Now - 2 Delivery Methods Available:

Scheduled Virtual Onsite

Overview

This two day course provides an introduction to Cloud Security Architecture.

The course spans cloud security principles, patterns and architectural frameworks, data protection and compliance for cloud based applications, data and infrastructure, and the design, development and implementation of cloud security architectures.

We will review the wide range of technical security controls available using Cloud Service Provider and partner technologies, automation and DevSecOps, assurance, audit and security testing of cloud based services. The course is delivered through presentations, discussions, and practical demonstrations.

You will gain practical hands-on experience of implementing and using technical security controls in labs based on services from leading cloud service providers, and consolidate learning in a group workshop to develop a cloud security architecture, based on a realistic scenario.

Objectives

  • Cloud Security Frameworks, Principles, Patterns and Certifications
  • AWS Security Technologies
  • AWS Security Labs
  • Microsoft Azure and Office 365 Security Architecture
  • Microsoft Azure Security Lab
  • Google Apps for Work
  • Automation in the Cloud
  • Assurance in the Cloud
  • Data Protection and Compliance in the Cloud
  • Cloud Security Architectures

Training Partners

We work with the following best of breed training partners using our bulk buying power to bring you a wider range of dates, locations and prices.

Modules

Hide all

Cloud Concepts (6 topics)

  • What is Cloud Computing?
  • Why is everyone moving to the Cloud?
  • Cloud computing model
  • Infrastructure, Platform and Software as a Service
  • Boundaries and responsibilities
  • Cloud reference architecture

Cloud Security Frameworks, Principles, Patterns and Certifications (9 topics)

  • Security Principles
  • Separation and layers as security controls
  • Cloud Security Alliance (CSA) Cloud Control Matrix
  • GOV.UK Cabinet Office and NCSC Cloud Security Principles
  • Security Architecture Frameworks
  • Security Architecture Patterns
  • Cloud Security Architecture Patterns
  • Trusted Cloud Initiative Reference Architecture
  • Cloud Security Certifications

AWS Security Technologies (11 topics)

  • EC2 (Elastic Compute Cloud) and VPC (Virtual Private Cloud) fundamentals
  • Availability zones and regions
  • Internet Gateway, Elastic IPs, NAT Gateway, DirectConnect
  • Security Implications of Elastic Load Balancing (ELB) and auto-scaling
  • Security Groups, Flow Logs, S3, ACLs and subnet routing
  • AWS Config, CloudTrail, CloudWatch, Trusted Advisor
  • IPSec VPN options: AWS VPNs, third party solutions
  • AWS CloudFront, Web Application Firewall and Certificate Manager
  • Vulnerability management using AWS Inspector
  • AWS Key Management Service (KMS) and CloudHSM
  • AWS Identity and Access Management (IAM)

AWS Security Lab (1 topic)

  • Hands on lab providing practical experience of implementing and using AWS security technologies

Microsoft Azure and Office 365 (16 topics)

  • Azure platform security architecture
  • Azure Virtual Networks
  • Azure network security best practices
  • Azure data security and encryption best practices
  • Azure Active Directory
  • Federated identity and Single Sign On
  • Azure Multi-factor authentication
  • Azure Key Vault
  • Azure Virtual Machine encryption
  • Microsoft Antimalware for Azure Cloud Services and Virtual Machines
  • Azure Security Center
  • Office 365 Service Architectures
  • Office 365 security across physical, logical and data layers
  • Office 365 email encryption options
  • Exchange Online Protection
  • GOV.UK Microsoft Office Security Guidance

Microsoft Azure Security Lab (2 topics)

  • Hands on lab providing practical experience of implementing and using
  • Microsoft Azure security technologies

Google Apps for Work (9 topics)

  • Google Apps for Work applications and architectures
  • Integration with corporate directories
  • Single sign-on to enforce use of corporate devices and threat prevention
  • GOV.UK Google Apps for Work Security Guidance
  • Google Admin Console
  • Google Authenticator
  • Organisational Units
  • Administrative roles
  • Data privacy opt-in

Automation (10 topics)

  • Cloud service provider automation tools
  • Terraform by Hashicorp
  • Hardened build images
  • Vault by Hashicorp
  • Patching and update strategies
  • DevSecOp
  • Assurance
  • Centre for Internet Security (CIS) Foundation Benchmarks
  • Penetration tests of cloud environments
  • External audit and configuration review

Data Protection and Compliance (9 topics)

  • Personally Identifiable Information (PII) and Personal Data
  • UK Data Protection Act and Information Commissioner's Office (ICO)
  • European Union (EU) Data Protection Directive
  • EU General Data Protection Regulation (GDPR)
  • Cyber Essentials Plus
  • Cloud Security Alliance STAR
  • PCI DSS
  • AICPA SOC3 (formerly SAS70)
  • ISO 27001

Cloud Security Architectures (4 topics)

  • Cloud security architecture patterns and templates
  • Scenario requirement
  • Develop security architecture in groups
  • Present back to wider group, review and discuss

Prerequisites

This course is aimed at Security Architects working in sectors such as Government and Finance where data protection and cyber-security are particular concerns, who are looking to develop secure architectures for the implementation of applications and systems in commodity cloud environments. For those delegates looking for a more complete Cloud Security course, take a look at the Practitioner Certificate in Cloud Security course.

An understanding of security architecture, risk management and a basic technical knowledge of computers and networks is assumed. Experience of using cloud services is helpful but not essentials.

Scheduled Dates

Please select from the dates below to make an enquiry or booking.

Pricing

Different pricing structures are available including special offers. These include early bird, late availability, multi-place, corporate volume and self-funding rates. Please arrange a discussion with a training advisor to discover your most cost effective option.

Code Location Duration Price Nov Dec Jan Feb Mar Apr
QACYCSA
Attend From Anywhere
2 Days $1,421
QACYCSA 2 Days $1,421
QACYCSA 2 Days $1,421

Course PDF

Print

Share this Course

+1
Share

Recommend this Course

Sections