Inspiring Growth Driving Impact

CURRICULUM OF CLOUD SECURITY

# Topics Subtopics Details
1 Overview of • Definition and key • Comprehensive
Cloud concepts introduction to cloud
Computing • Types of cloud computing
services (IaaS, PaaS, • Its key concepts,
SaaS) different service and
• Cloud deployment deployment models,
models (Public, and their implications
Private, Hybrid, on cloud security.
community)
2 Importance of • Benefits and risks of • Importance of
Cloud security cloud computing securing cloud
• Regulatory and environments,
compliance understanding
requirements regulatory compliance,
• Industry standards • Adopting industry best
and best practices practices for robust
(ISO, NIST, CIS) cloud security.
3 Security • Shared responsibility • Designing a secure
Architecture for model cloud architecture
Cloud • Identity and access • Understanding the
management (IAM) shared responsibility
• Network security in model
cloud environments • Implementing IAM,
and securing cloud
networks.
4 Data security • Data encryption (in • Strategies for
and Privacy transit, at rest) protecting data in
• Data loss prevention cloud environments
(DLP) • Encryption techniques
• Privacy • Data loss prevention
considerations and methods,
regulations (GDPR, and adhering to
CCPA) privacy regulations.
5 Common Cloud • Data breaches • Identifying and
Security • Misconfiguration and mitigating common
Threats inadequate change cloud security threats
control • Best practices for
• Account hijacking configuration
Insider threats management,
and protecting against
account hijacking and
insider threats.
6 Vulnerability • Tools and techniques • Hands on practice to
Assessment for vulnerability demonstrate
scanning

Private & confidential

 Inspiring Growth Driving Impact

• Cloud-specific techniques to assess

vulnerabilities vulnerability
• Penetration testing in
cloud environments
7 Identity and • IAM Fundamentals • Verifying the identity of
Access • RBAC users or systems
Management • MFA attempting to access
(IAM) • SSO resources
• IAM in • Providing users with
(AWS/Azure/GCP) the minimum level of
• Best practices and access necessary to
real world examples perform their job
functions.
• Protocol for accessing
and maintaining
directory services.
8 Network • Virtual private clouds • Hands on practice to
security • Firewalls and security demonstrate the
groups, IDPS concept of VPC
• Security configuration • Firewalls and security
of cloud services groups
9 Cloud security • Monitoring and • Explanation of the
operations logging concept of Monitoring
cloud-native and logging
monitoring tools • Continuous monitoring
• Incident detection of cloud infrastructure,
and response best applications, and data
practices and real for security incidents
world examples and anomalies
• Collects and analyses
log data from cloud
environments to
identify and respond
to security events.
10 Compliance • Understanding • Requirements for
and legal compliance securing credit card
considerations frameworks (PCI- transactions and
DSS, HIPPA, SOX) protecting cardholder
• Auditing and data.
reporting • Regulations ensuring
security and privacy of
health information.
• Regulations
addressing financial
reporting and
corporate governance.

Private & confidential

 Inspiring Growth Driving Impact

11 Designing for • Secure cloud Implementing security

security architecture design measures at multiple layers
security by designing (network, application, data)
principles to defend against different
types of attacks
Encrypting data at rest and in
transit using strong
encryption algorithms to
protect sensitive information
Implementing strict access
controls
12 Cloud security • Overview of CCSP • Overview of in
certification and AWS Certified demand certification
career • Security Specialty • Important resources
opportunities Azure Security and study material
Engineer
• Important resources
and tips
13 Project Work • Designing a secure • Capstone project
cloud infrastructure
for a hypothetical
company
• Implementing and
demonstrating key
security controls
Presenting findings
and
recommendations

Private & confidential