Rating 3.0 out of 5 (1 ratings in Udemy)
What you'll learn- Security Analyst
- Cloud Risk and compliance resource
- Cloud Auditors
- Who ever is interested to learn about cloud challenges, Security, controls & how to make it secure?
DescriptionCloud Computing : Essential Characteristics
Broad Network Access
Rapid Elasticity
Measured Service
On-Demand Self Service
Resource Pooling
Cloud Computing : Service Models
SaaS(Software as a Service)
PaaS(Platform as a Service)
IaaS(Infrastructure as a Service) …
Rating 3.0 out of 5 (1 ratings in Udemy)
What you'll learn- Security Analyst
- Cloud Risk and compliance resource
- Cloud Auditors
- Who ever is interested to learn about cloud challenges, Security, controls & how to make it secure?
DescriptionCloud Computing : Essential Characteristics
Broad Network Access
Rapid Elasticity
Measured Service
On-Demand Self Service
Resource Pooling
Cloud Computing : Service Models
SaaS(Software as a Service)
PaaS(Platform as a Service)
IaaS(Infrastructure as a Service)
Cloud : Deployment Model
Public
Private
Community
Hybrid
Cloud Security challenges
Compromises to the confidentiality and integrity of data in transit to and from a cloud provider and at rest.
Attacks which take advantage of the homogeneity and power of cloud computing systems to rapidly scale and increase the magnitude of the attack.
A consumer’s unauthorized access (through improper authentication or authorization, or exploit of vulnerabilities introduced maliciously or unintentionally) to software, data, and resources provisioned to, and owned by another authorized cloud consumer.
Increased levels of network-based attacks that exploit software not designed for an Internet-based model and vulnerabilities existing in resources formerly accessed through private networks.
Limited ability to encrypt data at rest in a multi-tenancy environment.
Portability constraints resulting from the lack of standardization of cloud services application programming interfaces (APIs) that preclude cloud consumers to easily migrate to a new cloud service provider when availability requirements are not met.
Attacks that exploit the physical abstraction of cloud resources and exploit a lack of transparency in audit procedures or records.
Attacks that take advantage of known, older vulnerabilities in virtual machines that have not been properly updated and patched.
Attacks that exploit inconsistencies in global privacy policies and regulations.
Attacks that exploit cloud computing supply chain vulnerabilities to include those that occur while cloud computing components are in transit from the supplier to the cloud service provider.
How to look into cloud compliance?
