Tag Archives: Cloud

CCSK Domain 11: Incident Response & Resilience

11.1 Incident Response 11.2 Preparation 11.3 Detection & Analysis 11.4 Containment, Eradication & Recovery 11.5 Post-Incident Analysis Flashcards: https://quizlet.com/in/1125762755/ccsk-domain-11-incident-response-resilience-flash-cards/?i=4jehw4&x=1jqt

CCSK Domain 10: Application Security

10.1 Secure Development Lifecycle (SSDLC) 10.2 Architecture’s Role in Secure Cloud Applications 10.3 Identity & Access Management (IAM) and Application Security 10.4 DevOps & DevSecOps 10.4.2 Web Application Firewalls (WAF) & API Gateways Flashcards: https://quizlet.com/in/1125761456/ccsk-domain-10-application-security-flash-cards/?i=4jehw4&x=1qqt

CCSK Domain 9: Data Security

9.1 Primer on Cloud Storage 9.2 Data Security Tools and Techniques 9.3 Cloud Data Encryption at Rest 9.3.2 Cloud Data Key Management Strategies 9.3.3 Data Encryption Recommendations 9.4 Data Security Posture Management (DSPM) 9.5 Object Storage Security 9.6 Data Security for Artificial Intelligence Flashcards: https://quizlet.com/in/1125655369/ccsk-domain-9-data-security-flash-cards/?i=4jehw4&x=1jqt

CCSK Domain 8: Cloud Workload Security

8.1 Introduction to Cloud Workload Security 8.2 Securing Virtual Machines (VMs) 8.3 Securing Containers 8.4 Securing Serverless & FaaS 8.5 Securing AI Workloads Flashcards: https://quizlet.com/in/1125654258/ccsk-domain-8-cloud-workload-security-flash-cards/?i=4jehw4&x=1jqt

AWS Security – Part 1- Securing Root Account with MFA

Task: Create AWS account and set up for below tasks What is the need to perform this: Securing an AWS root account is crucial because it has unrestricted access to all resources and services within your AWS environment. If compromised, an attacker could delete resources, steal data, or even lock you out of your ownContinue reading “AWS Security – Part 1- Securing Root Account with MFA”

DevSecOps – Secure Software Development

TryHackMe’s DevSecOps Learning Path focuses on securing pipelines and introducing Infrastructure as Code (IaC) and Containerisation security techniques. You’ll learn the tools and practices to ensure robust development processes and secure software deployment workflows. From fortifying pipelines to automating infrastructure management, you will gain practical insights into modern DevSecOps methodologies. Secure Software Development Lab: IntroductionContinue reading “DevSecOps – Secure Software Development”

Domain 1 – Cloud Computing Concepts & Architectures

Definition of Cloud Computing NIST (SP 800-145) Defines Cloud Computing : Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. Abstraction &Continue reading “Domain 1 – Cloud Computing Concepts & Architectures”

Information Security Clauses for business contracts and agreements

In line with ISO 27001 and NIST. General Clauses Confidentiality and Data Protection: a. The Vendor shall treat all data and information provided by [Company Name], including but not limited to personal data, intellectual property, and confidential business information, as strictly confidential and shall not disclose, share, or use such data and information for anyContinue reading “Information Security Clauses for business contracts and agreements”

Lab 2:  Network Security Groups and Application Security Groups

Objective You have been asked to implement your organization’s virtual networking infrastructure and test to ensure it is working correctly. In particular: Exercise 1: Create the virtual networking infrastructure Step 1: Type Virtual networks and press the Enter key and click + Create. Step 2: Fill in the details On the IP addresses tab ofContinue reading “Lab 2:  Network Security Groups and Application Security Groups”