MODULE 8 — Cloud Security & Virtualisation
Learning Objectives
Learners will:
- Understand cloud service models (IaaS, PaaS, SaaS).
- Analyse shared responsibility models.
- Identify cloud misconfigurations.
- Apply controls for secure cloud operation.
Module Overview
Cloud computing introduces new security paradigms. This module addresses risks and best practices in cloud-native environments.
1. Cloud Architecture Threats
- Misconfigured storage buckets
- Excessive IAM permissions
- Unsecured access keys
- VM escape attacks
- Insecure APIs
2. Shared Responsibility Models
Cloud providers secure infrastructure; customers secure data, configuration, access, and workload logic.
3. Identity & Access Management (IAM) Risks
- Over-privileged roles
- Lack of MFA
- Orphaned accounts
4. Virtualisation Security
- Hypervisor attacks
- Side-channel vulnerabilities
- VM isolation
5. Cloud Monitoring & Logging
- CloudTrail
- Security Command Center
- SIEM integration
Summary
Cloud security requires strict configuration, continuous monitoring, and least-privilege access design.