Security in the Cloud

---

Goals

• Identify the cloud data life cycle.
• Evaluate cloud data storage architectures.
• Analyze data security strategies.
• Evaluate data discovery and classification technologies.
• Evaluate relevant jurisdictional data protections for personally identifiable information (PII).
• Evaluate data rights management.
• Analyze data retention, deletion, and archiving policies.
• Analyze auditability, traceability, and accountability of data events.
• Analyze risks associated with cloud infrastructure.
• Critique security controls.
• Critique disaster recovery and business continuity management plans.
• Manage the physical infrastructure for the cloud environment.
• Propose the planning process for the data center design.
• Manage the logical infrastructure for the cloud environment.
• Apply risk assessment to the logical and physical infrastructure.
• Analyze the collection, acquisition, and preservation of digital evidence.

Key Concepts

• Shared Cloud Platform Risks and Responsibilities
• Cloud Computing Risks by Deployment Model
• Cloud Computing Risks by Service Model
• Virtualization Risks in the Cloud
• Threats to Cloud Computing
• BC-DR in the Cloud
• Cloud Design Patterns