SECTION 1: Identity and Access Management

TOPICS: Course Overview; Cloud Accounts; Policies and Permissions; Groups and Roles; Temporary Credentials; Secrets Management; Customer Account Management and External Access; More IAM Best Practices

SECTION 2: Compute and Configuration Management

TOPICS: Securely deploy a compute instance/virtual machine in CSP environments; Maintain the running instance throughout its lifecycle; Create hardened images for re-use in the organization; Understand the various threats that could affect cloud-based applications; Lock down cloud storage to prevent spillage of sensitive information

SECTION 3: Data Protection and Automation

TOPICS: Data Classification; Data at Rest Encryption; Availability; Data in Transit Encryption; Lifecycle Management; Infrastructure as Code; Productivity Services; Cloud Access Security Brokers (CASB)

SECTION 4: Networking and Logging

TOPICS: Private Cloud Networking; Public Cloud Networking; Network Segmentation; Network Protection Services; Cloud Logging Services; Log Collection and Analysis; Network Visibility; Cloud Detection Services

SECTION 5: Compliance, Incident Response, and Penetration Testing

TOPICS: Security Assurance; Cloud Auditing; Privacy; Government Clouds; Risk Management; Penetration Testing; Legal and Contractual Requirements; Incident Response and Forensics

SECTION 6: CloudWars

This final section consists of an all-day, CloudWars competition to reinforce the topics covered in Sections 1–5. Through this friendly competition, students will answer several challenges made up of multiple choice, fill-in-the-blank, as well as hands-on and validated exercises performed in two CSP environments. They will be given a brand-new environment to deploy in two different cloud vendors and will be tasked to take this very broken environment and make the appropriate changes to increase its overall security posture.