Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Udacity

Cloud Security Foundations

via Udacity

Overview

Cloud Security Foundations provides a comprehensive overview of essential security principles tailored for cloud environments. The course covers the CIA triad and core security principles, the Zero Trust architecture, and the importance of defense in depth. Learners will explore identity and access management (IAM), emphasizing least privilege access and diagramming cloud architectures. Key topics include data security fundamentals, network security, encryption, and the automation of security measures through Infrastructure as Code. Additionally, students will learn about compliance frameworks, monitoring cloud workloads, and leveraging AI for threat detection. By the end of the course, participants will have a solid foundation to secure cloud infrastructures effectively.

Syllabus

  • Security Foundations: CIA Triad and Core Principles
    • Introduces the CIA Triad (Confidentiality, Integrity, Availability) as the core of security. It explains attack vectors, security controls, and Defense in Depth — layering protections at every level.
  • Security Lifecycle and Zero Trust Architecture
    • Security Lifecycle includes Least Privilege - four elements (Protection, Detection, Verification, Reaction), and Zero Trust — never trust, always verify, even on internal networks.
  • Applying Defense in Depth
    • Key principles include using named accounts only, encrypting all communications, auditing everything, and limiting network access with layered controls to support CIA and Zero Trust.
  • IAM Fundamentals and Identity Types
    • Learn IAM fundamentals for the cloud, identity types (users, groups, roles), and policy-based access, enabling secure, scalable management of permissions and resources.
  • Enforcing Least Privilege in Access Design
    • Master enforcing least privilege by avoiding excess permissions, rotating tokens, and implementing access policies using real-world cloud examples and hands-on exercises.
  • Diagramming Cloud Architecture
    • Learn to diagram cloud architecture by modeling AWS environments in Lucid Chart, identifying core components, security groups, and IAM elements for secure cloud design.
  • Policy Logic and Access Models (RBAC & ABAC)
    • Explore RBAC and ABAC access models, key policy logic, evaluation, and management types to ensure secure, dynamic, and manageable permissions in cloud environments.
  • Building and Testing IAM Configurations
    • Learn to design effective IAM strategies, create users, groups, and policies, and test permissions for secure, manageable cloud access control.
  • Managing the 4 A’s of IAM
    • Explore the 4 A’s of IAM—Administration, Authentication, Authorization, and Auditing—through theory, a demo, and a hands-on audit simulation in AWS CloudTrail.
  • Data Security Fundamentals
    • Learn core data security principles for cloud systems: encryption (at rest and in transit), key management, data masking, and compliance frameworks to protect and control sensitive information.
  • Network and Perimeter Security in the Cloud
    • Explore cloud network and perimeter security through firewalls, DDoS mitigation, load balancing, network segmentation, and access controls to protect cloud resources.
  • Encrypting and Protecting Data in the Cloud
    • Learn to secure cloud data using encryption, manage keys and secrets, automate SSL/TLS, and implement encryption for cloud storage and databases with hands-on AWS demos.
  • Monitoring and Securing Cloud Workloads
    • Learn to monitor, secure, and ensure compliance of cloud workloads using AWS tools like CloudTrail, CloudWatch, GuardDuty, and Config with hands-on setup and incident detection exercises.
  • Security Automation and Infrastructure as Code
    • Explore how security automation and Infrastructure as Code (IaC) ensure consistent, scalable, and proactive cloud security through automated policies and code-based infrastructure management.
  • Cloud Compliance and Governance Frameworks
    • Explore cloud governance: shared responsibility, compliance frameworks, and continuous audit automation to ensure secure and compliant cloud operations.
  • Automating Security and Compliance Checks
    • Learn how to automate security and compliance checks in the cloud using CI/CD pipelines, secure secrets management, and Infrastructure as Code for continuous enforcement.
  • AI and Threat Detection in the Cloud
    • Explore how AI enhances cloud threat detection with behavioral analytics, automated alerts, and hands-on AWS GuardDuty threat response simulation.
  • Securing Cloud Workloads
    • AWS security project covering IAM least-privilege policies, encrypted EBS volumes, SSH-restricted security groups, CloudTrail auditing, and GuardDuty automated threat alerting via SNS.

Taught by

Travis Scotto

Reviews

Start your review of Cloud Security Foundations

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.