Topic outline

  • Cloud Audit

  • Cloud Compliance

      

    In this cloud certification video podcast, we explore the following concepts:

    - Compliance Definition
    - Compliance Timelines
    - Audit Definition
    - Impact of Regulation
    - Audit Tools
    - Stakeholder Participation
    - Provider Assessment
    - Day 1 Compliance
    - Location Contraints

    • Cloud Data Considerations

        

      In this cloud certification video podcast, we explore the following concepts:

      - Regulation
      - Data Controller
      - Thirdparty Audits
      - Contracting
      - Jurisdiction
      - Service Level Agreement
      - Data Preservation

      • Cloud Encryption Vulnerabilities

          

        In this cloud certification video podcast, we explore the following concepts:

        - Data at Rest
        - Data in Motion
        - Multi-tenancy
        - Hardening

        • Cloud Risk Management Characteristics

            

          In this cloud certification video podcast, we explore the following concepts:

          - Enterprise Risk Management Plan

          • Cloud Risk Management Considerations

              

            In this cloud certification video podcast, we explore the following concepts:

            - Transparency
            - Communication
            - Reviews

            • Cloud Risk Management Guidelines

                

              In this cloud certification video podcast, we explore the following concepts:

              - Risk Framework
              - Corporate Governance
              - Treatment Plans
              - Acceptance Level
              - Jurisdictions
              - Scenario

              • Cloud Risk Management Outcomes

                  

                In this cloud certification video podcast, we explore the following concepts:

                - Possible Outcomes

                • Cloud Provider Viability Assessment

                    

                  In this cloud certification video podcast, we explore the following concepts:

                  - Time in Business
                  - Portfolio Evolution
                  - Backup and Recovery Strategy
                  - Provider Engagement
                  - Acquisition
                  - Supply Chain
                  - Client References
                  - Technical Capabilities
                  - Security Policies
                  - Tools, Processes and Policies
                  - Open Standards
                  - Regulatory Compliance

                  • Cloud Governance

                      

                    In this cloud certification video podcast, we explore the following concepts:

                    - Governance Definition
                    - Information Security Governance
                    - Monitoring Mechanisms
                    - Governance Process
                    - Supply Chain Security
                    - Security Processes
                    - Provider Restrictions
                    - Service Level Agreement
                    - Data Preservation
                    -

                    • Cloud Identity and Access Vulnerabilities

                        

                      In this cloud certification video podcast, we explore the following concepts:

                      - Remote Management Interfaces
                      - Anomaly Detection
                      - Malicious Insider
                      - Privileged Escalation
                      - Two Factor Authentication
                      - Roles and Responsibilities

                      • Cloud Interoperability and Portability

                          

                        In this cloud certification video podcast, we explore the following concepts:

                        - Interoperability Definition
                        - Portability Definition
                        - SaaS Portability
                        - PaaS Portability
                        - IaaS Portability
                        - On-premise Portability
                        - Portability and Interoperability Controls
                        - Data Portability Verification
                        - Secure Data Migration
                        - Migration Testing
                        - Abstraction Layers
                        - Infrastructure Migration
                        - Platform Dependencies
                        - Architecture Documentation
                        - Encryption Key Management
                        - Hybrid Infrastructure
                        - Identity and Authentication
                        - Virtualization
                        - Database Portability
                        - Resiliency
                        - Data Transfer
                        - Log Files
                        - Exit Strategy

                        • Cloud Legal Contracts and Enforcement

                            

                          In this cloud certification video podcast, we explore the following concepts:

                          - Negotiation
                          - Intellectual Property
                          - Compliance
                          - Enforcement

                          • Cloud Legal Contract Vulnerabilities

                              

                            In this cloud certification video podcast, we explore the following concepts:

                            - Jurisdictions
                            - Subpoena
                            - Licensing
                            - Roles and Responsibilities
                            - Contracts

                            • Cloud Lock-in Vulnerabilities

                                

                              In this cloud certification video podcast, we explore the following concepts:

                              - SaaS
                              - PaaS
                              - Dependencies
                              - Migration

                              • Cloud Network Vulnerabilities

                                  

                                In this cloud certification video podcast, we explore the following concepts:

                                - Performance
                                - Security
                                - Resiliency
                                - Diagnostics

                                • Cloud Physical Asset Vulnerabilities

                                    

                                  In this cloud certification video podcast, we explore the following concepts:

                                  - Access
                                  - Perimeter Controls
                                  - Theft
                                  - Asset Classification
                                  - Capacity Planning
                                  - Natural Disasters

                                  • Cloud Provider Selection and Contracting

                                      

                                    In this cloud certification video podcast, we explore the following concepts:

                                    - Legal and Regulatory Requirements
                                    - Contract Negotiation
                                    - Vendor Lock-in

                                    • Cloud Regulatory Landscape

                                        

                                      In this cloud certification video podcast, we explore the following concepts:

                                      - Data Protection Legislation
                                      - Industry Legislation
                                      - European Union Directives

                                      • Cloud Storage Vulnerabilities

                                          

                                        In this cloud certification video podcast, we explore the following concepts:

                                        - Backups
                                        - Log files
                                        - Sensitive data
                                        - Confidential store

                                        • Cloud Testing and Troubleshooting

                                            

                                          In this cloud certification video podcast, we explore the following concepts:

                                          - Role Separation
                                          - Network
                                          - Availability
                                          - Performance
                                          - Replication
                                          - Storage
                                          - Vulnerability
                                          - Blackbox
                                          - Whitebox
                                          - Sandbox
                                          - Compliance
                                          - Configuration
                                          - Data Access
                                          - Migration
                                          - Documentation

                                          • Cloud Vendor Risks

                                              

                                            In this cloud certification video podcast, we explore the following concepts:

                                            - Risk Reward Analysis
                                            - Risk Assessment
                                            - Risk Metrics
                                            - Supply Chain

                                            • Cloud Organizational Risk

                                                

                                              In this cloud certification video podcast, we explore the following concepts:

                                              - Data
                                              - Tolerance
                                              - Scenario Assessment
                                              - Risk vs Reward
                                              - Stakeholder Support

                                              • Cloud Infrastructure Vulnerabilities

                                                  

                                                In this cloud certification video podcast, we explore the following concepts:

                                                - Hypervisor
                                                - VM Hopping
                                                - Entropy