ICT UNIVERSITY

COURSE SYLLABUS

FACULTY MEMBER: Dr. Rene Ekoteson TERM: Fall 2023

COURSE TITLE: Cloud Computing Security

COURSE NUMBER: CS4177/ISN 6106

OFFICE HOURS/METHOD OF CONTACT: [email protected] Cell. +1302-229-1045

Office Hours, Email anytime. We can set up a convenient time if you want to speak on the
phone.
COURSE DESCRIPTION: This course offers a survey of security and privacy issues in Cloud
Computing systems, along with an overview of current best practices and available technologies.
The course examines the Cloud Computing model, the threat model, and security issues related
to data and computation outsourcing, and explores practical applications of secure Cloud
Computing.

COURSE GOALS: Upon successful completion of this course, students will:

 be familiar with the technology that enables and supports the effective use of Cloud
Computing infrastructures;
 be familiar with an array of security and privacy issues in Cloud Computing systems,
current best practices, and open problems;
 be familiar with legal and regulatory issues pertaining to Cloud Computing;
 have experience in discussing and writing about Cloud Computing and security related
issues.

COURSE OUTLINE:

Below is an outline of the weekly modules. During Week 1, students are expected to familiarize
with the course, the syllabus, and the tools available to them.

Week 1 Introduction to Cloud Computing Security

- Overview of cloud computing and its benefits
- Cloud deployment models (public, private,
hybrid)
 - Introduction to cloud service models (IaaS,
PaaS, SaaS)
- Security challenges specific to the cloud

Week 2 Cloud Architecture and Infrastructure

Security
- Understanding cloud architecture and
components
- Virtualization technologies and their impact
on security
- Securing cloud networks and data centers
- Security considerations for cloud service
providers

Week 3 Identity and Access Management in the

Cloud
- Overview of identity and access management
(IAM) principles
- Implementing IAM controls in cloud
environments
- Role-based access control (RBAC) and
permissions
- User authentication and authorization in the
cloud

Week 4 Data Protection and Encryption in the Cloud

- Data classification and protection strategies
- Encryption techniques for data at rest and in
transit
- Key management and encryption key rotation
- Cloud storage security best practices

Week 5 Network Security in Cloud Environments

- Cloud network architecture and security
considerations
- Secure network connectivity (VPN, VPC,
Direct Connect)
- Network segmentation and isolation
techniques
- Intrusion detection and prevention systems
(IDS/IPS) in the cloud
Week 6 Cloud Application Security
- Securing cloud-based applications (web,
mobile, API)
- Common vulnerabilities and countermeasures
- Secure coding practices for cloud applications

Week 7 Cloud Incident Response and Forensics

- Developing an incident response plan for
cloud environments
- Incident detection, analysis, and containment
in the cloud
- Digital forensics in the cloud
- Legal and regulatory considerations in cloud
incident response

Week 8 Cloud Compliance and Governance

- Regulatory compliance requirements (e.g.,
GDPR, HIPAA)
- Industry standards and frameworks for cloud
security
- Cloud audit and compliance monitoring
- Establishing a cloud governance framework

Week 9 Cloud Security Monitoring and Threat

Intelligence
- Cloud security monitoring tools and
techniques
- Cloud-specific threat intelligence sources
- Security event correlation and log
management
- Real-time threat detection and incident
response in the cloud

Week 10 Cloud Security Best Practices and Emerging

Trends
- Continuous security improvement in the cloud
- Cloud security automation and orchestration
- DevSecOps and security in the cloud-native
era
- Emerging trends and future directions in cloud
security
Final letter grades are assigned as follows:

Point % range Letter grade

97% - 100% A+
93% - 96.9% A
90% - 92.9% A-
87% - 89.9% B+
83% - 86.9% B
80% - 82.9% B-
70% - 79.9% C
0% - 69.9% F