Complete Cloud Cyber Security Course : Demos On Azure Cloud

Complete Cloud Cyber Security course with Lot of Azure Labs for through understanding of Concepts

What you'll learn
Prevent Risk and Prevention
Cloud Security Concepts with Azure Lab/Demos
Contracts management in Cloud
Legal issues in Cloud
Incident management in Cloud
How to handle compliance in cloud
Vulnerability management in Cloud
Devsecops
Asset security in Cloud
Cloud Service agreements in Cloud
Data Sensitivity and Legal Obligations in cloud
Auditing of Cloud Service Provider Security Posture (AWS and Azure)
Key Management in Cloud
Requirements
Willing to learn, as everything is covered from basicsSecury
Description
Why Cloud Security?Breaches can or do happen in cloud, in fact breaches are happening in cloud. In Marriott Starwood Hotels data breach some 327 million guest records were compromised that contained information such as name, mailing address, phone number, email address, passport number, Starwood Preferred Guest accounting information, date of birth, gender, arrival and departure information, reservation date, and communication preferences.Note sure if you have heard about the below attacksCapital One Data Breach wherein New York Times reported the damage at over 80,000 account numbers, 140,000 Social Security numbers, 1 million Canadian Social Insurance Numbers.Who did it ?A former Amazon software engineer from Seattle (CSP –Cloud Service Provider Employee )who had been operating online under the handle “Erratic” was arrested after hacking Capital One using a Server-Side Request Forgery attack (SSRF). Former Amazon Employee used the technique to obtain credentials for a role that had access to sensitive information stored in S3.In cloud Security, we will learn certain best practices in regards to securing data; organizations stand a much better chance of ensuring their data is safe.Another Breach in Hotel management systemsAutoclerk, a hotel reservations management system, had an unsecured Elasticsearch database hosted in AWS that exposed hundreds of thousands of booking reservations. The system was heavily utilized by military personnel, and the exposed data revealed sensitive information about travel by military, including high ranking officers and troops being deployed.Current ScenarioMore and more companies are migrating their applications and infrastructure to the cloud, shifting operational aspects to service providers such as Microsoft and Amazon. However, cloud computing is a shared responsibility, especially when it comes to keeping your data, users, and systems safe.In this course, you will major forms of cloud technology, its benefits and risks, and the cybersecurity standards and body of knowledge required to mitigate those risks.  Learn concepts such as software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS). Different deployment models available in CloudWhat is Cloud Security?Cloud security, also known as cloud computing security, consists of a set of policies, controls, procedures and technologies that work together to protect cloud-based systems, data and infrastructure.You will learn Core Cloud Computing Concepts which essential to understand before digging to Cloud Security.This course has divided in below 8 Major Sections.1. Cloud Computing Fundamentals2. Contracts and Agreements in Cloud3. Vulnerability management and Secure Configuration in Cloud4. Handling Security Incidents with Cloud Service Provider5. Key Risks in cloud and their Mitigation6. Securing Azure Storage7. Logging and Monitoring in Azure8. Compliance In CloudThis is not a complete list; one can check for recommendations by NIST, CSA STAR and implement security in organization as per organization requirements.What you will learn1. Cloud Computing FundamentalsWhat is Cloud ComputingDetails about all 5 Cloud Characteristics in DetailOn Demand Self ServiceBroad Network AccessResource PoolingRapid ElasticityMeasured ServiceCloud Deployment Models ( IAAS, PAAS and SAAS)Cloud Service Models ( Public, Private and Hybrid Cloud)2. Understand Cloud Agreements/ContractsIn this section, you will learn importance of Contracts. How you can negotiate with Cloud Service providers for items to cover in contract to avoid future penalties. You will learn major artifacts for CSA (Cloud Service Agreement). You will learn important concepts like SLA in CLOUD, Acceptable use policy in Cloud.3. Cloud Assets and Secure Configuration ManagementIn this section, you will learn assets discovery issues in cloud, how to have complete asset discovery in cloud for effective security and compliance. You will learn Challenges in Cloud Asset Discovery, SecDevops and secure configuration. You will vulnerability and patch management in cloud.4. Handling Security Incidents with Cloud Service ProviderIn this Section, you will learn what to check in CSP incident response and Security Notification process, Incident response process in a cloud. You will also learn what kind log data / Support can be obtain from CSP during forensics investigations.5. Key Risks in cloud and their MitigationIn this Section, you will learn various issues you can consider to protect un-authorized access of data in cloud. You will learn various concerns like Cloud Deployment Model and Security Concerns, Location of data, what kind of Data Sensitivity and Legal Obligations would be there in cloud. How to do Media Sanitization in Cloud. Key management in cloud and many more. You will learn about IAAS, PAAS and SAAS Security issues.6. Securing Azure StorageIn this section you will learn about the below topicsAzure Storage account overviewMethods for Securing storage accountsConcept of Management  and data PlaneAzure storage Data plane Security.Limitation of using storage account KeysSecurity using SAS Keys7.  Logging and Monitoring in AzureIn this section you will learn about below topicsAzure Security Center OverviewWhat is Azure MonitorYou will be well versed with all the features of Azure Security center.Detailed overview of Azure Security center OptionsRecommendations and AlertsMaintain Regulatory compliance using Azure Security center 8. Compliance In CloudIn this Section, you will learn Information Management Legal Responsibilities, what are different types of legal issues in cloud. E-discovery issues in Cloud, What Regulations to follow in Cloud and Jurisdictional and Location issues in cloud environment.

Overview

Section 1: Cloud Computing Fundamentals

Lecture 1 What is Cloud Computing ?

Lecture 2 5 Important Cloud Characteristics

Lecture 3 On Demand Self Service

Lecture 4 Broad Network Access

Lecture 5 Resource Pooling

Lecture 6 Rapid Elasticity

Lecture 7 Measured Service

Lecture 8 IAAS

Lecture 9 PAAS

Lecture 10 SAAS

Lecture 11 Public Cloud

Lecture 12 Private Cloud

Lecture 13 Hybrid Cloud

Section 2: Contracts and Agrements in Cloud

Lecture 14 Cloud Security Shared Responsibility Model

Lecture 15 Cloud Service Agreements

Lecture 16 Why Do we need CSA (Cloud Service Agreement)

Lecture 17 Major Artifacts of CSA

Lecture 18 Artifact 1 - Customer Agreement

Lecture 19 Artifact 2 - Acceptable Use Policy

Lecture 20 Artifact 3 - Service Level Agreement

Lecture 21 Cloud SLA - What all needs to be Covered

Section 3: Vulnerability management and Secure Configuration in Cloud

Lecture 22 Challenges in Cloud Asset Discovery

Lecture 23 Complete Asset Discovery in Cloud

Lecture 24 Qualys Cloud Agent Overview

Lecture 25 Cloud Agent for Elastic Compute Environment

Lecture 26 Azure Documentation on the Qualys Cloud Agent scanner

Lecture 27 DevSecOps and Secure Configuration Management in Cloud

Section 4: Security Incident handling with CSP

Lecture 28 CSP incident response and Security Notification

Lecture 29 Incident response process in a cloud

Lecture 30 Access to logs and CSP Support

Section 5: Key Risks in cloud and thier Mitigation

Lecture 31 Cloud Deployment Model and Security Concerns

Lecture 32 Multi Tenancy issues and Solution

Lecture 33 Vendor Lock-In

Lecture 34 Location of Data in Cloud

Lecture 35 Data Sensitivity and Legal Obligations

Lecture 36 Key Management in Cloud

Lecture 37 Remote Key management Service

Lecture 38 Client-Side Key Management

Lecture 39 Key Management using Azure Key Vault (What is Azure Key Vault)

Lecture 40 Lab:Provision Azure Key Vault

Lecture 41 Lab : Create keys in KeyVault

Lecture 42 Media Sanitization in Cloud

Section 6: Securing Azure Storage

Lecture 43 Storage account Security Overview

Lecture 44 Lab - Create Azure Storage Account

Lecture 45 Methods for Securing Storage account

Lecture 46 Azure Storage - Security Layers

Lecture 47 Storage Account Data Plane Security

Lecture 48 Limitations of using Storage account Keys for Authorization

Lecture 49 Lab - Access Storage account via Access Keys

Lecture 50 Demo :Create Storage Account, Use of Access Key, RBAC

Lecture 51 Shared Access Signature Key Deep Dive

Lecture 52 Lab - Access Storage account using SAS keys

Section 7: Logging and Monitoring in Azure

Lecture 53 Cloud Monitoring Overview

Lecture 54 What is Azure Monitor

Lecture 55 Metrics and Logs in Azure Monitor

Lecture 56 Lab: Configure Metrics on a Storage Account

Lecture 57 Introduction to Azure Security center

Lecture 58 Lab: Deep Dive of Azure Security center Options

Lecture 59 Lab : Recommendations and Alerts

Section 8: Compliance In Cloud

Lecture 60 Auditing of Cloud Service Provider Security Posture.

Lecture 61 Verify Audit reports AWS and MS

Lecture 62 Information Management Legal Responsibilities

Lecture 63 Legal issues in Cloud and their Types

Lecture 64 Demo: Maintain Regulatory compliance using Azure Security center

Lecture 65 Legal Particulars - E discovery in Cloud

Security Analyst,Security Administrator