Course Details

Previous Page


Cloud Service – Operations Management


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number



Overview/Description
Fundamental to cloud service security are the construction and design of secure datacenters and their hosted hardware and systems. This course covers the best practice management approach to designing, deploying, and administrating a cloud datacenter and service. In addition, the course will cover the techniques that can be deployed to configure and protect hardware assets – physical and virtualized, manage and protect configuration settings, and keep network data moving in and out of, and hosted within the domain of the datacenter. Topics include regulation compliance, protection techniques, and controlled access to the various components of a cloud data center infrastructure. In this course, you will learn about the deployment of auditing and monitoring techniques, event logging and reporting, and other aspects of management techniques associated with cloud-hosted services. The course covers the essential topics for the ICS2's Certified Cloud Security Professional examination – Domain 5 requirements.

Target Audience
This course is intended for IT professionals including managers, engineers, and technical staff intending to take the CCSP examination.

Prerequisites
None

Expected Duration (hours)
3.0

Lesson Objectives

Cloud Service – Operations Management

  • start the course
  • define the design and implementation of logical elements of a proposed cloud service, including tenant isolation, access control, etc.
  • define the design and implementation of physical aspects of a proposed cloud service, including build or rent, location, management
  • describe the deployment and configuration of secured hardware with reference to BIOS, TMP, storage controllers, network controllers, etc.
  • describe the deployment and configuration of secured hardware with reference to BIOS, TMP, storage controllers, network controllers, etc.
  • define local machine access controls, and deployment of secure KMV switches
  • define techniques to secure network configuration and network support tools, including VLAN, TLS, DHPC and Authorized DHCP, DNS and Secure, and IPSec
  • define techniques to secure the datacenter network and network access
  • define operating system hardening techniques with reference to OS: Windows, Linux, VMware, etc.
  • describe standalone and cluster host availability, backup, and failover, in addition to load balancing, dynamic optimization (DO), maintenance mode, and general high availability best practice adoption
  • describe the mechanisms for deploying Remote Access, including RDP, Secure Terminal Access
  • define the preservation of OS compliance with reference to monitoring and remediation
  • describe requirements and best practices with reference to fixes, patches, and updates
  • describe requirement to continuously monitor and report on host component performance
  • describe requirement to continuously monitor and report on host component performance
  • describe the implementation of back and restore policy with reference to cloud components, including data, configurations, etc.
  • define the deployment of network security-related controls, including firewalls, IDS, IPS, honeypot deployment, and vulnerability assessment/threat mitigation
  • define requirement for hardware event logging and reporting #1
  • define requirement for hardware event logging and reporting #2
  • describe host maintenance, scheduled preventive hardware maintenance, planned backups, hardware redundancy strategy, and notification/continuity
  • define the secure configuration of the virtual hardware, including network, storage and elastic expansion, memory, and external devices
  • describe the tolls associated with VM OS installation on the physical host
  • describe compliance and control principles and standards: Change and Continuity Management
  • describe compliance and control principles and standards: Information Security, Service Improvement, Incident, Problem, and Release Management
  • describe compliance and control principles and standards: Configuration, Service Level, Availability and Capacity Management
  • describe and implement risk management
  • describe best practice approach to the deployment of proactive and reactive forensic data collection methods
  • describe and deploy best practice systems that guarantee essential and open contact and communications with cloud system providers, vendors, cloud system consumers and users, partners, auditors, regulators, and any other key stakeholders
  • detail datacenter operational design factors and define network component security control, define four system management categories and the NIST Forensic Evidence process, describe Cloud Service Actor communications
  • Course Number:
    cl_csip_a05_it_enus