This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Unit 5 of Cloud
Operational security in cloud: monitoring and auditing strategies, policy management, compliance and risk management frameworks, introduction to major cloud service providers (OpenStack, Docker, Amazon Web Services), and cloud governance models.
Learning outcomes
The seven cloud log source categories, centralised logging architecture, log protection, and high-priority alerts.
Internal vs external audit, continuous auditing, CERT-In 2022, SEBI CSCRF 2024, DPDP Act 2023, and RBI IT Framework.
Container isolation, image scanning with Trivy, runtime security with Falco, 4Cs framework, and Kubernetes audit with kube-bench.
The five mandatory AWS security services, identity and detection services, network protection, data protection, and cross-provider equivalents.
20 multiple-choice questions on monitoring, auditing and compliance.
AWS Security Lake + OpenSearch as cloud-native SIEM, Sentinel and Splunk for hybrid environments, detection rule categories, SOAR automation with EventBridge + Step Functions, and SIEM effectiveness metrics.
OpenStack component security (Keystone, Nova, Neutron), Fernet tokens, VM isolation model, network isolation with VXLAN, CIS OpenStack Benchmark, and NIC MeghRaj context.
Lambda execution environment (Firecracker micro-VMs), warm vs cold start security implications, event injection vectors, over-privileged execution roles, and serverless best practices.
How cloud IR differs from traditional IR, the NIST SP 800-61 lifecycle applied to cloud, containment actions for compromised credentials and public S3 buckets, and CERT-In mandatory reporting.