Understand cloud security.
Characteristics of passwords: changed regularly, more than eight characters long, unique for each service, not using personal data, combination of alphanumeric characters, cases and symbols.
Configuration and management of passwords: multi-factor authentication, automated password reset, password policy and enforcement.
Management of users and groups: create security groups, configure security groups, cloud connectivity, invite/edit/remove users, manage application access, check login statistics.
Management of cloud identities: identity provisioning (on-boarding and off-boarding), identity management (across multiple organisations, services, devices).
Security threats: insider threats (malicious and accidental), denial-of-service (DoS) attacks, SYN flood, HTTP flood, distributed denial-of-service (DDoS) attack, insecure application programming interfaces (APIs), malware (spyware, worms, Trojans, viruses, adware, ransomware).
Minimise risk: computer usage policies, staff training, access rights/permissions, regular password resetting, malware software/malware checking, certification of APIs, collaboration of user knowledge/experience, using white/grey hat hackers, SYN cookies, collection of reverse proxies.
Assessment Criteria
- 2.1 Describe the characteristics of passwords and how they are configured and managed in cloud services.
- 2.2 Explain how users, groups and identities are managed in cloud services.
- 2.3 Discuss the security threats to cloud services and the methods available to minimise risk.