Domain 5 Summary

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> Here we are. We've finished another domain.
00:00
In this lesson, we want to cover
00:00
the concepts that we went over in
00:00
domain five, Cloud security operations.
00:00
We want to talk about the importance
00:00
of what we've covered in domain five,
00:00
and then we also want to relate the information of
00:00
domain five to the other domains we've covered so far.
00:00
In domain five, we covered many of
00:00
the Cloud security
00:00
operational concerns around patch management,
00:00
updates and change and configuration management.
00:00
We talked about it made the best practices for making
00:00
changes to Cloud environments in a safe manner.
00:00
Then we talked about security operations.
00:00
We talked about the SOC,
00:00
>> the challenges of Blogger view,
00:00
>> and how monitoring within
00:00
>> the Cloud environment is done.
00:00
>> Then once something is detected,
00:00
in the security operations process,
00:00
how incident response kicks in to isolate
00:00
and minimize the amount of damage
00:00
or impact of a security incident
00:00
>> in a Cloud environment.
00:00
>> Then lastly, we've finished with
00:00
talking about the treacherous 12,
00:00
all the major Cloud risks that can
00:00
happen and how you can protect
00:00
your organization through effective controls to reduce
00:00
the risks of these threats
00:00
impacting your Cloud environment.
00:00
We're at the end of a domain,
00:00
so let's reflect for a moment.
00:00
How are change and configuration management
00:00
handled at your organization?
00:00
We talked about how having really effective
00:00
configuration management sets a security
00:00
and operational baseline for your organization.
00:00
Then we also reviewed the change management process for
00:00
how we are defining what constitutes a change,
00:00
as well as how changes are authorized as well
00:00
as tested before they're
00:00
implemented in the Cloud environment.
00:00
Our second question, which of the treacherous
00:00
12 did you find most interesting?
00:00
For me, I find the existence of advanced,
00:00
persistent threats to be very surprising.
00:00
I'm glad that attacking
00:00
my organization is not someone's nine to five job.
00:00
I don't envy people who work in the government or
00:00
in highly important industries
00:00
that are critical to the nation's protection,
00:00
because there are people,
00:00
very smart people trying to figure out how to
00:00
compromise and disrupt those systems every single day.
00:00
Lastly, how can incident
00:00
response to be approved at your organization?
00:00
Are you effectively using tabletop exercises?
00:00
Do have run-books and procedures to handle
00:00
most major Cloud related incidents?
00:00
These are all considerations when evaluating
00:00
your current incident response process.
00:00
Ultimately in summary, for
00:00
the security operations domain,
00:00
we talked about some of the concepts not covered in
00:00
other domains when it came
00:00
to protecting the Cloud environment,
00:00
ensuring everything is changed in a secure manner,
00:00
as well as how monitoring is
00:00
done over a Cloud environments.
00:00
It's really builds on what we've
00:00
talked about so far because we've covered
00:00
so many different facets of
00:00
Cloud: service models deployments,
00:00
how data is secured,
00:00
and you can see how all these things fit
00:00
together with the controls that we implemented in
00:00
the Cloud to protect against
00:00
these major threats to these
00:00
treacherous 12 that we discussed.
00:00
I hope you see how the concept we've discussed here
00:00
are so important that by
00:00
>> understanding your environment,
00:00
>> make sure you have effective monitoring and
00:00
really ensuring that you
00:00
>> have effective defense in depth.
00:00
>> You can really reduce and address the risks
00:00
associated with many of these major Cloud threats.
00:00
I hope you enjoyed domain five,
00:00
Cloud Security Operations, and I
00:00
will see you in the next lesson.
Up Next