This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Cloud
A comprehensive course on cloud security covering cloud architecture, attack vectors, security controls, data protection, compliance, and forensics — aligned with CSA, NIST, and ENISA guidelines.
Course Instructor: Ashish Revar
Unit 1
Foundational concepts of cloud computing: characteristics, service models (IaaS, PaaS, SaaS), deployment models, security design principles, cloud architecture patterns, and an introduction to virtualisation with VMware.
Unit 2
Cloud-specific attack surfaces and threat landscape: service hijacking, session hijacking, DoS and DDoS attacks, man-in-the-cloud attacks, cloud-specific vulnerabilities, and privacy issues in cloud-based IT services.
Unit 3
Security control layers in cloud environments, industry frameworks and standards (CSA, NIST, ENISA), security control placement strategies, cloud security best practices, penetration testing methodologies for cloud, and cloud security tooling.
Unit 4
Data protection mechanisms for cloud services: encryption at rest and in transit, data redaction, tokenisation, obfuscation, PKI and key management in cloud environments, assuring data deletion, and enforcing access control for cloud infrastructure services.
Unit 5
Operational security in cloud: monitoring and auditing strategies, policy management, compliance and risk management frameworks, introduction to major cloud service providers (OpenStack, Docker, Amazon Web Services), and cloud governance models.
Unit 6
Digital forensics in cloud environments: introduction to cloud forensics, crimes associated with cloud services, forensic challenges in distributed and ephemeral environments, reviewing cloud trail logs, data collection and analysis techniques, and investigating cloud storage services (Dropbox, Google Drive).