CIS 420 - Cloud Security 5 Credits
Students must be admitted into Cybersecurity and Forensics BAS program to take this class. This course focuses on how to secure cloud servers and data in the cloud. Students will examine the various contracts available from cloud service providers; explore what it entailed in creating your own private cloud and what is involved in securing both. Students will have to design a secure network that includes a cloud component. They will then test against standard attacks including new ones that may come in the news during class. This class focuses on the cloud aspects of security and monitoring
Pre-requisite(s) CIS 320
Program Admission Required Yes Admitted Program BAS - CIS
Designed to Serve For students admitted to the BAS program in CyberSecurity and Forensics.
Active Date 2015-05-28
Grading System Decimal Grade
Class Limit 24
Contact Hours: Lecture 44 Lab 22 Worksite 0 Clinical 0 Other 0
Total Contact Hours 66
Introduction to Cloud Computing and Security
Evolution of Cloud Computing, Understand different deployment and service models of cloud computing (CC), NIST definition of Cloud Computing, SaaS, PaaS, PaaS, private, public, community and hybrid
Identify different security threats in data communication and Cloud Computing
Data in Motion, Data in Process, Data at Stay, Access Control, Data Separation
Common threats in Cloud Computing (according to Cloud Security Alliance)
Abuse and Nefarious Use of Cloud Computing, Insecure Interfaces and APIs, Malicious Insiders, Shared Technology Issues, Data Loss or Leakage, Account or Service Hijacking, Unknown Risk Profile
Cloud Computing Security Strategy
System hardening, patch and configuration management, internal policy, application security for IaaS, PaaS, and PaaS, auditing, threat analysis, risk management, account control, physical access
Installation, Maintenance and Optimization of Cloud Computing
Build and configure cloud system by using various cloud computing tools, load balance, backup
Penetration testing in Cloud Computing
Perform penetration testing by using various tools to discover threats in: IaaS, PaaS, IaaS Hypervisor and WebApps and Internal Iaas/PaaS network and hosts, Pentesting tools may include: Nmap, Nessus, Metasploit Framework, Nikto, Wireshark, KisMAC and Kismet, Ethics and legal issues
Intrusion detection and Response
Identify security threats and vulnerabilities to cloud computing system
Countermeasures used to defend against attacks and weaknesses.
Use evidence gathering procedures and tools to investigate intrusion and create incident response report
Disaster Recovery Plan (DRP) in Cloud Computing
Examine the effect of threats and vulnerabilities on Cloud Computing systems
Perform risk and impact analysis to determine the probable cost of risk exposure in CC.
Perform a risk assessment and examine common risk management strategies in CC
Develop a proactive disaster recovery plan for an IS. The following terminologies must be covered in this section:
DRP, Recovery Time Objective (RTO), Recovery Point Objective (RPO), Identify key events triggers disaster and assess the impact, Cost constraints in terms initial cost, data transfer and data storage. Evaluate risk, types of disaster such as natural and man-made disaster, sabotage and cyber-warfare, Business Impact Analysis (BIA)
Student Learning Outcomes
Prepare reports on various Cloud Computing deployment methods and service models. Use charts, graphs and statistics to compare and point out the advantage and disadvantage of each type.
Prepare reports on common data communication security threats.
Prepare reports on different threat types of Cloud Computing. Select various types of security threats to be used on lab environment.
Perform system hardening in lab and prepare report on the best cloud computing security practice.
Perform cloud system optimization, monitoring load balance in lab.
Perform penetration testing on cloud by using various types of penetration testing tools and document the process.
Perform intrusion detection by using various network management tools and report the intrusion and prepare network incident reports .
[Add to Portfolio]