Ground School for Cloud Security
The purpose of SEC388 is to learn the fundamentals of cloud computing and security. We do this by introducing, and eventually immersing, you in both AWS and Azure; by doing so, we are able to expose you to important concepts, services, and the intricacies of each vendor's platform. This course provides you with the knowledge you need to confidently speak to modern cybersecurity security issues brought on by the cloud, and become well versed with applicable terminology. You won't just learn about cloud security, you will learn the "how" and the "what" behind the critical cloud security topics impacting businesses today.
This course will help your organization:
- Develop professionals - technical or managerial - that know how to use AWS and Azure services
- Anticipate what cloud security threats are applicable to your business
- Learn how to mitigate threats
- Create a culture where security empowers the business to succeed
- Make sense of different cloud-based services
- Understand and analyze risk in the cloud
- Interact with Azure and AWS environments using a browser and command line tools
- Change behavior and build a security-aware culture
- Deploy and integrate cloud services in AWS and Azure
- Get up to speed quickly on cloud security issues and terminology
- Detect and effectively respond to a simulated cloud breach
- Speak the same language as technical security professionals
- Learn how to automate common tasks using cloud shells
- Defend cloud services from attacks
- Track, audit and manage budgeting in your cloud environments
All labs in SEC388 are focused on Azure and AWS and involve directly interacting with each cloud service provider. Students will use a browser to access each cloud environment to gain familiarity with cloud computing concepts. During labs, students will implement cloud services, deploy a cloud-based website, and perform essential security tasks in order to become accustomed to cloud computing and cloud security. The total time committed to labs is about 37% of the course.
Section 1: Cloud Account Creation/Finalization, Cloud Interfaces, Introduction to the Command Line, Billing and Cost Calculation
Section 2: VM Deployment, Secure Storage Implementation, Website Integration, Alert Generation
Section 3: Cloud Incident Response, Vulnerability Identification & Remediation, Cloud Security Tools, Attacking the Cloud
Section 1: Introducing cloud terminology, computing and security topics
Section 2: Deploying and implementing common cloud services
Section 3: Identifying cloud threats and implementing applicable solutions
ADDITIONAL FREE RESOURCES:
WHAT YOU WILL RECEIVE:
- Electronic courseware containing the entire course content
- Printed course books
- Access to repeatable interactive hands-on labs
- MP3 audio files of the complete course lecture
- Access to Slack Cloud Security Alumni channel
WHAT COMES NEXT:
Technical Cloud Practitioners:
Cloud Security Managers and Leaders:
Important! Bring your own system configured according to these instructions!
A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will likely leave the class unsatisfied because you will not be able to participate in hands-on exercises that are essential to this course. Therefore, we strongly urge you to arrive with a system meeting all the requirements specified for the course.
Students Need to Have:
- A laptop with the Google Chrome web browser. The laptop should have unrestricted access to the Internet and full administrative access.
- An OpenSSH client installed on their laptop
- Adobe Acrobat Reader or other PDF reader application
- A brand new free tier Amazon Web Services (AWS) account or an existing AWS account with root access and no restrictions (estimated cost is $5)
- A brand new free trial Azure account or an existing Azure account with owner access and no restrictions
- The Secure Shell App installed Chrome
- NOTE: Consider purchasing a mouse, if you do not already have one.
It is critical that you back-up your system before class. It is also strongly advised that you do not bring a system storing any sensitive data.
System Hardware Requirements
- Hard Drive Free Space: No course VM is used in this course: Labs are performed the web browser and a locally-installed OpenSSH client.
- Operating System: Windows or macOS operating systems are supported.
Additional Hardware Requirements
The requirements below are in addition to the baseline requirements provided above.
Laptop Requirements for SEC388: Network, Wireless Connection: A wireless 802.11 network adapter is required. This can be the internal wireless adapter in your system or and external USB wireless adapter.
SANS has begun providing printed materials in PDF form. Additionally, certain classes are using an electronic workbook in addition to the PDFs. The number of classes using eWorkbooks will increase quickly. In this new environment, we have found that a second monitor and/or a tablet device can be useful for keeping the class materials visible while the instructor is presenting or while you are working on lab exercises.
If you have additional questions about the laptop specifications, please contact firstname.lastname@example.org.
"Cloud computing is not new and the adoption of the cloud by organizations continues to grow at an astounding rate. Due to this, many people are finding themselves in the position where it clearly makes sense to learn more about cloud computing. Interestingly, this rise in cloud computing has brought forth a rise in cloud-related breaches - and it makes perfect sense why. As we see with any new frontier in computer science, what's old is new again, and many of the mistakes of the past, are being revived in today's modern world of cloud computing. It is critically important to develop the skills and knowledge needed to positively influence cloud security in every capacity we can influence. Regardless of your background, SEC388's entry-level approach and focus on cloud computing and security will help you prepare for a rewarding career, just as it will help level-up your skills as an accomplished professional, ultimately preparing you for success in a world of cloud computing."
- Serge Borso
"Serge is the best instructor I've ever had! He's so knowledgeable and has a great teaching style. Very relatable and helps when people have questions." - Seth J., SEC542 student