
Explore cloud computing fundamentals by defining key terms, roles, benefits, and drivers; compare SP 801-45 and ISO 17789 definitions, then examine deployment and service models, asset management, and enterprise architecture.
Explore cloud migration, portability, and enablement, and master cloud storage, compute, and APIs while learning about vendor lock-in, service level agreements, and enterprise risk management.
Explore cloud roles from providers, brokers, resellers, and administrators to architects and data custodians, and compare MSPs with CSPs, including proactive management and predictable subscription-based billing.
Learn how a cloud service provider delivers software-defined resources, enabling agility, resilience, and cost savings through pay-as-you-go pricing, scalable provisioning, and security visibility, while controlling data and the operating system.
Assess how cloud providers' reputation for confidentiality, integrity, and resilience shapes decisions to secure customer data. Leverage elasticity, virtualization, scalability, mobility, and collaboration, while emphasizing simplicity, risk reduction, and cost.
Define cloud computing’s pay-per-use model and data custodian privacy responsibility; review broad network access, rapid elasticity, measured service, on-demand, self-service, resource pooling, and the service models SaaS, PaaS, IaaS.
Explore how measured service charges only for resources used, and how on-demand self-service and resource pooling enable automatic provisioning on shared infrastructure. Involve security early to avoid bottlenecks.
Explore the six essential cloud characteristics per ISO 17788, focusing on multi-tenancy as a core concept. Understand how segmentation, isolation, and virtualization enable scalable services and secure hypervisor management.
Secure the cloud by hardening the hypervisor, disconnecting unused hardware, and disabling unnecessary guest-host communications, while monitoring the virtual network, hypervisor integrity, and updates with backups.
Identify VM sprawl risks and enforce governance to control provisioning. Implement network-based security, encryption, data categorization, and virtualization-aware controls to ensure VM isolation and prevent co-mingling.
Explore cloud deployment models—public, private, hybrid, and community—with layered security using third-party tools, encryption of virtual machine images when not in use, and governance to protect privacy, availability, and integrity.
Explore community and hybrid cloud models, including on-premises ownership, cloud bursting, and IaaS where you provision resources and enable data and application portability.
Explore infrastructure as a service and platform as a service, featuring metered usage, cost tracing to the business unit, scalable resources, and open standards to reduce vendor lock-in.
Deliver globally accessible, standardized applications as software as a service, with provider-managed patching and hosted or on-demand access. Align cloud assets with business strategy to optimize value.
Learn how enterprise architecture guides cloud migration by inventorying assets, validating data and applications for move, and weighing reputation, customer confidence, and morale to ensure a trusted transition.
Establish trusted, efficient access and administration with identity, authentication, authorization, and auditability, ensuring proper permissions, audit trails, and reliable availability in multi-tenant cloud environments while meeting regulatory requirements.
Explore cloud security concerns, risk vulnerabilities, and SLAs while examining the triad threat model, the Treacherous 12 cloud threats, the 2017 OWASP Top Ten, and the risk management lifecycle.
Identify threats, vulnerabilities, and consequences within an organizational risk framework via risk assessment. Develop and monitor risk responses (accept, avoid, mitigate, share, or transfer), ensuring compliance with federal legislation, directives, regulations, and standards.
Explore cloud security concerns in governance, risk and compliance, including data protection, data lifecycle management, and encryption, while highlighting visibility gaps and vendor lock-in risks.
Explore data portability, cross-provider standards, and secure management channels for cloud migrations; enforce complete data deletion and insider-threat mitigations with clear roles and separation of duties.
Identify isolation failures in cloud environments, including separation of storage, memory, and routing to prevent data miscommunication between tenants. Outsource or train to improve provisioning and deprovisioning.
Explore cloud security vulnerabilities from vendor lock-in to encryption in transit. Understand contract clarity, source escrow, and service level agreements to protect assets.
Cloud security fundamentals cover asset ownership clarity, SLA essentials, and how providers address information security, privacy, breach reporting, availability, disaster recovery, and change management.
Assess how SLA clauses conflict with stakeholder promises and introduce cloud risk. Ensure proper vetting, need-to-know access, and intellectual property protection, aligning uptime, security, and privacy with providers.
Enforce locked-down roles, restrict privileges, uphold need-to-know and separation of duties in cloud environments while aligning data storage with GDPR, HIPAA, GLBA, and Australian Privacy Act through SLAs and audits.
GDPR applies to cloud processing by controllers and processors, with penalties up to 4% of turnover or 23.3 million USD, and requires consent, data subject rights, and breach notices.
Explore GDPR data subject rights, including the right to be forgotten and data portability, and how privacy by design and data minimization influence cloud security.
Analyze the STRIDE threat model to classify cloud threats by exploit and attacker motivation, emphasizing identity spoofing and data tampering, and relate it to the OWASP Top Ten.
Explore the STRIDE threat model, covering repudiation and non-repudiation with audit trails, information disclosure controls, denial of service defenses, and elevation of privilege secured by authentication, authorization, and encryption.
Explore the Treacherous 12 cloud threats, led by data breaches, and learn how multifactor authentication, encryption, and security controls protect data in shared cloud environments.
Explains how insufficient identity and access management drives data breaches, highlighting weak passwords, missing multi-factor authentication, and risks of centralizing keys or passwords.
Insufficient identity credential and access management enables malicious actors to masquerade as legitimate users, potentially reading, modifying, deleting, or exfiltrating data, and compromising control planes or data in transit.
Protect your API as the first line of defense by implementing controls, detection, and secure interfaces to prevent unauthorized access across a multi-tenant cloud.
Explores patch management, threat intelligence, and zero-day mitigation in cloud environments, with STRIDE threat modeling and best practices to prevent account hijacking through two-factor authentication and audit trails.
Analyze top account hijacking threats, including spoofing, data tampering, information disclosure, and privilege elevation, and apply controls like credential lifecycle to protect cloud IT services.
Explore the Treacherous 12 controls for malicious insiders, from data labeling and encryption to identity and access management, segmentation, and third-party audits, plus advanced persistent threats and proactive user education.
Implement advanced security controls, incident response, and staff training to counter APTs, weigh budget against potential damage, and apply triad threat analysis for data loss and encryption challenges.
Develop thorough cloud due diligence to understand risks before cloud adoption, covering data governance, risk assessments, retention policy, resiliency, security monitoring, encryption, and STRIDE threats.
Explains abuse and use of cloud services, including denial of service, spam, phishing, and hosting malicious content. Highlights the need for abuse reporting and an incident response framework with cloud providers.
Explore how denial of service attacks threaten availability, how attackers may drive up costs through metered cloud usage, and how shared technology vulnerabilities affect cloud security.
Examine how shared technology vulnerabilities in cloud services raise business risk across infrastructure, platform, and software as a service, and apply defense in depth with multi-factor authentication, segmentation, and patching.
Explore the 2017 OWASP Top Ten evolution from 2013, highlighting risks like injection, broken authentication and session management, sensitive data exposure, XML external entity, broken access controls, and insecure deserialization.
Learn to prevent XML external entity attacks with developer training and updated XML processors. Use secure gateways and a web application firewall; address broken access control, misconfiguration, and insecure deserialization.
Prevent using components with known vulnerabilities by removing unused dependencies, sourcing official signed packages, and applying software composition analysis, while enforcing logging, monitoring, and incident response.
Explore how corporate data in the cloud, including email, customer data, marketing data, and intellectual property, shifted from 2015 to 2017, and examine benefits like flexibility, availability, and security concerns.
Organizations remain concerned about cloud security, with unauthorized access and account hijack as top threats. Focus on visibility, compliance, and data protection through encryption, access controls, and threat reporting.
Explore 2017 data protection and effective security controls across cloud environments, emphasizing encryption, access controls, monitoring, and intrusion detection and prevention. Cloud confidence hinges on policies and VM isolation.
Cloud security is one of the most-discussed topics among IT professionals today. And not too long into any conversation about the most highly touted cloud models--software as a service (SaaS), infrastructure as a service (IaaS) or platform as a service (PaaS)--the talk often turns to cloud security. Let’s build in this course.