How to secure virtualization layerThreats to the hypervisor
What hardening meansTop ten recommendations for securing virtual serversVulnerabilities resulting from web programming frameworksPreventing attacks on web applicationsThe relationship between DOS attacks and your cloud invoiceGood browser hygiene and cloud securityCompartmentalization and isolation in virtual multi-tenantenvironmentsSecurity standards in PaaS API designFIPSData Protection techniques under the The Data Accountability and Trust ActComparing block symmetric algorthms with streaming symmetric algorthms
Message authentication codes and hash functions.Externalizing authentication: Trust Boundaries and IAMSustaining IAM with rapid turnover and job changesIAM Compliance ManagementIdentity Federation ManagementOAUTHITILISO 27001/27002Vulnerability and Risk assessmentIncident responseWhat can we learn from CCID (Cloud Computing Incidents DatabaseCloud Health monitoring (internal and 3rd party)Reading a Cloud Security Provider agreementDiscussing the data life cycle in the context of cloud
computingFacebook’s new privacy initiativeCloud Security and the Federal Rules of Civil ProcedureWith different types of cloud service delivery, what are the different licensing requirements that an owner must beaware of when moving to the cloud.Discuss Shared technology vulnerabilities in the cloud, How does a customer know what software versions cloud providers are using? Without that knowledge how can theydo a proper risk assessment? What policies should be in place for users to help reduce cloud based threats.How can a consumer evaluate the physical security of their cloud provider? What standards should apply. What external and internal barriers should be in place? What access controls? What sort of surveillance should be provided, power redundancy, and fire suppression? Is a service contract sufficient? Should physical inspection be available? What about physical location? Are their volcanoes, tornadoes, earthquakes or other natural disasters common? Is the site near political unrest? Access to
water? Outside temperature? Is there a physical buffer? Should the walls be made of ballistic material to withstand explosions? StaffingDiscuss the four tiers of Uptime Institutes functional recommendations for physical security for data centers. What is a hypervisor? Differentiate between type I and type II. What are the security vulnerabilities of each?
- Spring '14