(ISC)²

UOP-CYB510: Cloud Security

(UOP-CYB510.AE1)
Lessons
Lab
Lab (Add-on)
TestPrep
Get A Free Trial

Skills You’ll Get

Download Course Outline

1

Architectural Concepts

  • Cloud Characteristics
  • Business Requirements
  • Cloud Evolution, Vernacular, and Models
  • Cloud Computing Roles and Responsibilities
  • Cloud Computing Definitions
  • Foundational Concepts of Cloud Computing
  • Related and Emerging Technologies
2

Design Requirements and Data Classification

  • Business Requirements Analysis
  • Security Considerations for Different Cloud Categories
  • Design Principles for Protecting Sensitive Data
  • Data Inventory and Discovery
  • Jurisdictional Requirements
  • Information Rights Management (IRM)
  • Data Control
3

Cloud Security

  • Cloud Data Lifecycle
  • Cloud Storage Architectures
  • Cloud Data Security Foundational Strategies
  • Shared Cloud Platform Risks and Responsibilities
  • Cloud Computing Risks by Deployment Model
  • Cloud Computing Risks by Service Model
  • Virtualization
  • Disaster Recovery (DR) and Business Continuity (BC)
4

Responsibilities in the Cloud and Cloud Application Security

  • Foundations of Managed Services
  • Business Requirements
  • Shared Responsibilities by Service Type
  • Shared Administration of OS, Middleware, or Applications
  • Shared Responsibilities: Data Access
  • Lack of Physical Access
  • Training and Awareness
  • Cloud-Secure Software Development Lifecycle (SDLC)
  • ISO/IEC 27034-1 Standards for Secure Application Development
  • Identity and Access Management (IAM)
  • Cloud Application Architecture
  • Cloud Application Assurance and Validation
5

Operations Elements and Management

  • Physical/Logical Operations
  • Security Operations Center
  • Monitoring, Capacity, and Maintenance
  • Change and Configuration Management (CM)
  • IT Service Management and Continual Service Improvement
  • Business Continuity and Disaster Recovery (BC/DR)
6

Legal and Compliance

  • Legal Requirements and Unique Risks in the Cloud Environment
  • Potential Personal and Data Privacy Issues in the Cloud Environment
  • Audit Processes, Methodologies, and Cloud Adaptations
  • The Impact of Diverse Geographical Locations and Legal Jurisdictions
  • Business Requirements
  • Cloud Contract Design and Management for Outsourcing
  • Identifying Appropriate Supply Chain and Vendor Management Processes
7

About

1

Architectural Concepts

  • Capturing Network Traffic
  • Creating a Virtual Machine and Installing Ubuntu Using Hyper-V Manager
  • Using an Asymmetric Algorithm
  • Installing Ubuntu Using Hyper-V Manager
  • Using a Symmetric Algorithm
2

Design Requirements and Data Classification

  • Using Windows Defender
  • Creating a Demilitarized Zone
  • Configuring a VPN
  • Displaying Metadata Information
  • Creating a Standard ACL
  • Enabling an Access Control List
3

Cloud Security

  • Building IPSec VPN
  • Configuring RAID 5
  • Generating a Symmetric Key
  • Generating an Asymmetric Key
  • Observing an MD5-Generated Hash Value
  • Observing an SHA-Generated Hash Value
  • Performing a DoS Attack with SYN Flood
  • Performing a MITM Attack
  • Using Social Engineering Techniques to Plan an Attack
  • Installing Web Application Proxy
  • Performing a Credential-Based Brute-Force Attack
  • Taking a Full Backup
  • Taking an Incremental Backup
4

Responsibilities in the Cloud and Cloud Application Security

  • Setting Up a Honeypot on Kali Linux
  • Configuring a Firewall for Inbound Rules
  • Removing Unnecessary Services
  • Using the Event Viewer
  • Authorizing a User
  • Examining File Permissions
  • Conducting Cross-Site Request Forgery with Low Complexity
  • Attacking a Website Using Cross-Site Scripting (XSS) Injection
  • Conducting IP Spoofing
5

Operations Elements and Management

  • Verifying RAM Usage
  • Checking Disk Capacity
  • Using MBSA
6

Legal and Compliance

  • Completing the Chain of Custody