harness the power of cloud enterprise it program
TRANSCRIPT
1
Visit Online Revision Platform www.cloudclinique.com
Concepts, Characteristics
and Roles
Service and Deployment Models
Systems and
Mechanisms
Platform and Infrastructure Architecture
Service Management and Service Delivery
Datacenter Operations
Business Continuity &
Disaster Recovery
Change Management and Incident Response
Governance and Enterprise
Risk Management
Legal, Compliance and Audit Management
Interoperability and Portability
Testing and Troubleshooting
Identity, Entitlement and Access Management
Data Encryption, Audit and Compliance
Secure Platform Management
Secure IT Operations
Enterprise Information Technology
Foundation Technology and Components
Virtualization and
Multitenancy
Storage Systems and Storage Networks
Network Infrastructure
and Management
2
Foundation Technology and Components 1
Foundation Technology and Components
Foundation Technology
Entry Level
Enterprise
Objectives
Understand the basic technologies, capabilities and tools used to deliver enterprise IT services.
Topics
! Understand Internet components, network and service delivery technologies.
! Understand the characteristics and differences between Internet, Intranet and Extranet.
! Key service delivery capabilities and how they should be delivered.
! Understand web services technology, service orchestration and implementation.
! Explore common administration tools . ! Understand networking tools and technologies.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Revision Quizzes
! Discussion Forum
Certification Programs
! Certification concepts for CompTIA Cloud+
! Certification concepts for CompTIA Cloud Essentials
! Certification concepts for Cloud School Certified Cloud Professional
Web Site
! www.cloudclinique.com
3
Virtualization and Multitenancy 1
Virtualization and Multitenancy
Foundation Technology
Advanced Level
Enterprise
Objectives
Understand how to create a path to a flexible IT infrastructure with virtualization and multitenancy.
Topics ! Understand the benefits and challenges of virtualization ! Understand how to implement and provision virtual resources ! Consider implications of storage, network and compute
virtualization ! Migration considerations from bare metal to virtualized platform ! Implementing security in a virtualized environment
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Revision Quizzes
! Discussion Forum
Certification Programs
! Certification concepts for CompTIA Cloud+
! Certification concepts for Cloud School Certified Cloud Professional
Web Site
! www.cloudclinique.com
4
Storage Systems and Storage Networks 1
Storage Systems and Storage Networks
Foundation Technology
Advanced Level
Enterprise
Objectives
Understand how to implement storage systems and storage networking best practices
Topics
! Understand the benefits and challenges of storage systems and networks
! Understand how to select the right storage type and tiering capabilities
! Explore NAS and SAN storage options ! Adopt storage design best practice patterns
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Revision Quizzes
! Discussion Forum
Certification Programs
! Certification concepts for CompTIA Cloud+
Web Site
! www.cloudclinique.com
5
Network Infrastructure and Management 1
Network Infrastructure and Management
Foundation Technology
Advanced Level
Enterprise
Objectives
Understand how to select the right network infrastructure based on best practices
Topics
! Explore network devices and protocols ! Understand how to select network deployment topologies and
configuration ! Explore network management options and capabilities ! Understand how to leverage network virtualization best
practices ! Understand how to configure networks for performance ! Explore network security best practices.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Revision Quizzes
! Discussion Forum
Certification Programs
! Certification concepts for CompTIA Cloud+
Web Site
! www.cloudclinique.com
6
Delivery and Deployment Models 1
Delivery and Deployment Models
Platform Architecture
Intermediate Level
Enterprise
Objectives
Understand key IT service delivery and deployment models, use cases, roles and responsibilities.
Topics ! Define public, private, community, hybrid, virtual private and
inter-cloud deployment models, and off-premise and on-premise hosting.
! Understand the various deployment model implementation approaches, roles and responsibilities, and use case.
! Define Infrastructure as a Service, Platform as a Service, Software as a Service, Database as a Service, Communication as a Service, Security as a Service, Anything as a Service models.
! Discuss best practices for service delivery models, roles and responsibilities.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Revision Quizzes
! Discussion Forum
Certification Programs
! Certification concepts for CompTIA Cloud+
! Certification concepts for CompTIA Cloud Essentials
! Certification concepts for Cloud School Certified Cloud Architect
! Certification concepts for Cloud School Certified Cloud Professional
! Certification concepts for Cloud Security Alliance, Certificate for Cloud Security Knowledge
Web Site
! www.cloudclinique.com
7
Systems and Mechanisms 1
Systems and Mechanisms
Platform Architecture
Advanced Level
Enterprise
Objectives
Enable the implementation of technology systems capabilities that deliver an efficient IT infrastructure and platform.
Topics ! Isolating IT resources from non-authorized users. ! Fixed-increment storage capacity allocation. ! Addressing data security, integrity and confidentiality concerns. ! Addressing legal and regulatory requirements. ! Controlling bandwidth and network impact. ! Remote development and deployment of services and
applications. ! Usage, service level agreement, audit, pay-per-use monitors. ! Increasing reliability and availability of mission critical IT
resources. ! Improving IT resource allocation and computing capacity. ! Increasing system performance and data availability. ! Enabling access to services via a range of devices.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Revision Quizzes
! Discussion Forum
Certification Programs
! Certification concepts for CompTIA Cloud+
! Certification concepts for CompTIA Cloud Essentials
! Certification concepts for Cloud School Certified Cloud Architect
! Certification concepts for Cloud School Certified Cloud Professional
Web Site
! www.cloudclinique.com
8
Infrastructure Architecture 1
Infrastructure Architecture
Platform Architecture
Advanced Level
Enterprise
Objectives
Implement proven best practice based architectures for delivering an elastic and resilient system infrastructure.
Topics ! Improving I/O performance in a virtualized environment. ! Minimizing redundant copies of data. ! Dynamically avoiding network bottlenecks. ! Vertically scaling requests between storage devices. ! Optimizing the availability of different disk types. ! Avoiding slow data transfers and data loss. ! Accessing IT resources, even when the path is lost. ! Enabling resource connectivity to be highly available. ! Minimizing maintenance downtime.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Revision Quizzes
! Discussion Forum
Certification Programs
! Certification concepts for Cloud School Certified Cloud Professional
! Certification concepts for Cloud School Certified Cloud Architect
Web Site
! www.cloudclinique.com
9
Platform Architecture 1
Platform Architecture
Platform Architecture
Advanced Level
Enterprise
Objectives
Implement best practices architectures for delivering an elastic and resilient application platform.
Topics ! IT resource pools for increased redundancy and scalability. ! Scaling conditions for dynamic resource allocation. ! Load balancing algorithms to optimize resource utilization. ! Flexible scaling architecture to meet high usage demands. ! Billing service consumers for actual resource usage. ! Remote management for bare-metal servers. ! Avoiding manual provisioning in deployments. ! Mitigate network connectivity issues, controller or hardware failures ! Mitigate security breaches. ! Mitigating the failure of a hypervisor on virtual servers. ! Avoiding service unavailability due to maintenance. ! Eliminating physical server single point of failure.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Summary Notes
! Discussion Forum
Certification Resources
! Certification concepts for CompTIA Cloud+
! Certification concepts for Cloud School Certified Cloud Architect
Web Site
! www.cloudclinique.com
10
Service Management and Service Delivery 1
Service Management and Service Delivery
Service Management
Advanced Level
Enterprise
Objectives
Understand best practices for assessing provider viability, defining quality of services and managing service level agreements.
Topics
! Define key service delivery and management concepts. ! Compute resources needed for the delivery of virtual machines. ! Assessing IT service provider viability. ! Components and structure of a service contract. ! Information classification and information management policy. ! Monitoring in an on-premise or off-premise IT environment. ! Planning for future resource utilization. ! Sunk, upfront, on-going, capital, integration and locked-in costs. ! Discuss cost metrics and management considerations. ! Usage and pricing metrics (template formulation and alignment). ! Understand the characteristics of a billing system. ! Critical components and considerations for SLA management.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Revision Quizzes
! Discussion Forum
Certification Resources
! Certification concepts for CompTIA Cloud Essentials
! Certification concepts for CompTIA Cloud+
! Certification concepts for Cloud School Certified Cloud Professional
Web Site
! www.cloudclinique.com
11
Datacenter Operations 1
Datacenter Operations
Service Management
Advanced Level
Enterprise
Objectives
Implement key datacenter operations, maintenance and secure datacenter design best practices.
Topics ! Datacenter selection considerations. ! Multiple location datacenter considerations. ! Datacenter compliance requirements. ! Datacenter management processes, practices and management. ! Considerations for applications with regulated information. ! Virtual datacenter considerations. ! Key datacenter facility, equipment and power requirements. ! Datacenter equipment maintenance and support systems. ! Datacenter resiliency requirements and implementation. ! Best practices for datacenter virtual, physical and human security.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Revision Quizzes
! Discussion Forum
Certification Resources
! Certification concepts for Cloud School Certified Cloud Professional
! Certification concepts for Cloud Security Alliance, Certificate for Cloud Security Knowledge
Web Site
! www.cloudclinique.com
12
Business Continuity and Disaster Recovery 1
Business Continuity and Disaster Recovery
Service Management
Advanced Level
Enterprise
Objectives
Enables participants to understand key system, business processes and capabilities needed to ensure continuous business operations, along with the ability to recover from a disaster with minimal impact on the business.
Topics
! The need for business continuity planning. ! Organizational structure, roles and responsibilities. ! Recommended recover process and documentation best
practices. ! Provider assessment guidelines for ensuring business continuity. ! Business continuity requirements for mission critical systems. ! Common methods for ensuring sufficient system redundancy. ! Disaster Recovery Plan key considerations. ! Disaster Recovery Metrics useful in developing a DRP. ! Image capture and backup for disaster recovery. ! Disaster recovery tooling requirements.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Revision Quizzes
! Discussion Forum
Certification Resources
! Certification concepts for CompTIA Cloud+
! Certification concepts for Cloud Security Alliance, Certificate for Cloud Security Knowledge
Web Site
! www.cloudclinique.com
13
Change Management and Incident Response 1
Change Management and Incident Response
Service Management
Advanced Level
Enterprise
Objectives
Understand design and implement guidelines for incident response, lifecycle, change, capacity and configuration management.
Topics
! Lifecycle, capacity, configuration, change management and change management best practices.
! Developing a strategy, plan, and defining stages and goals. ! Best practices for effective incident management and response. ! Unique considerations for cloud deployment. ! Roles and responsibilities. ! Monitoring, logging, reporting and data analysis requirements. ! Testing requirements. ! Impact of virtualization and resource pooling. ! Provider assessment, SLA definition and contracting
requirements. ! The need for documentation at every step of the life cycle. ! Maintenance window best practices. ! Benefits of standardization.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Revision Quizzes
! Discussion Forum
Certification Resources
! Certification concepts for CompTIA Cloud+
! Certification concepts for Cloud Security Alliance, Certificate for Cloud Security Knowledge
Web Site
! www.cloudclinique.com
14
Enterprise Risk Management 1
Enterprise Risk Management
Enterprise Risk Management
Advanced Level
Enterprise
Objectives
Understand risks, identify compromise risks and vulnerabilities, and implement best practices for risk management.
Topics ! Facets of organizational risk, how to identify exposure, define
scenarios and risk tolerance. ! Best practices for securing organizational commitment, define risk
management process and focus on outcomes. ! Defining the provider risk metrics and methods of assessing third-
party vendor risk and other critical risks. ! Identifying and quantifying risks associated with physical asset. ! Risks associated with identity, access management and
encryption. ! Networking, physical and virtual compute infrastructure risks. ! Denial of Service related risks. ! Governance, compliance, legal, and contractual related risks. ! Third-party provider and vendor lock-in related risks. ! Risks introduced by emerging business models such as cloud. ! Compliance and information security governance requirements. ! Governance roles and best practices for implementing a
governance process. ! Enterprise Risk Management framework characteristics,
responses and outcomes.
Evaluation Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Revision Quizzes
! Discussion Forum
Certification Resources
! Certification concepts for Cloud Security Alliance, Certificate for Cloud Security Knowledge
Web Site
! www.cloudclinique.com
15
Legal, Compliance and Audit Management 1
Legal, Compliance and Audit Management
Enterprise Risk Management
Advanced Level
Enterprise
Objectives
Understand compliance, audit, regulation, data management and provider contracting best practices.
Topics
! The need for regulation, and how to ensure protect against unregulated areas.
! Security and assurance services to ensure compliance. ! Compliance in emerging business models such as cloud. ! Audit and compliance data considerations. ! Typical sources of information for data protection requirements. ! Data roles and responsibilities. ! Recommended practices for ensuring data access. ! Addressing data jurisdiction challenges. ! Merits of ensuring appropriate data discovery capabilities ! Typical data preservation and compliance requirements ! Legal considerations for service delivery and data compliance. ! Third-party provider selection recommended practices. ! Ensuring compliance with third-party service providers. ! Negotiating and enforcing service provider contracts. ! Service provisioning contract structure for ensuring compliance. ! Knowing when to change providers. ! Recommended auditing practices.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Online Revision Quizzes
! Discussion Forum
Certification Resources
! Certification concepts for Cloud Security Alliance, Certificate for Cloud Security Knowledge
Web Site
! www.cloudclinique.com
16
Interoperability and Portability 1
Interoperability and Portability
Enterprise Risk Management
Advanced Level
Enterprise
Objectives
Understand the need for interoperability and portability, and best practices for avoiding vendor lock-in.
Topics ! The need for interoperability and portability. ! Recommended practices for ensuring interoperability and portability for
application, platform and infrastructure services. ! Security challenges and requirements. ! Benefit of Open APIs. ! Migration considerations.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Online Revision Quizzes
! Discussion Forum
Certification Resources
! Certification concepts for Cloud Security Alliance, Certificate for Cloud Security Knowledge
Web Site
! www.cloudclinique.com
17
Testing and Troubleshooting 1
Testing and Troubleshooting
Enterprise Risk Management
Advanced Level
Enterprise
Objectives
Understand testing and troubleshooting best practices.
Topics
! The impact of emerging business models on testing. ! Data access requirements for conducting testing. ! Testing documentation best practices. ! Network testing recommended practices. ! Availability testing recommended process. ! System and application performance testing. ! Security testing recommended practices. ! Compliance testing recommended practices. ! Configuration testing recommended practices.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Online Revision Quizzes
! Discussion Forum
Certification Resources
! Certification concepts for CompTIA Cloud+
Web Site
! www.cloudclinique.com
18
Identity, Entitlement and Access Management 1
Identity, Entitlement and Access Management
Security
Advanced Level
Enterprise
Objectives
Understand and implement best practices for identity, entitlement and access management in an on-premise and cloud environment.
Topics
! Identity and Enterprise Access Management (IdEA) concepts. ! Multi-system IdEA integration and federation consideration. ! IdEA implementation requirements and key considerations. ! Identity and attribute governance. ! Application design requirements for IdEA. ! Identity consumerization. ! Effective identity and access management administration. ! IdEA in a cloud business model. ! Best practices for identity migration. ! The merits and key capabilities needed from Identity as a Service. ! Identity entitlement process, best practices and automation
thereof. ! Best practices for building trust with identity and attributes.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Online Revision Quizzes
! Discussion Forum
Certification Resources
! Certification concepts for Cloud Security Alliance, Certificate for Cloud Security Knowledge
Web Site
! www.cloudclinique.com
19
Encryption and Key Management 1
Encryption and Key Management
Security
Advanced Level
Enterprise
Objectives
Understand data protection risks, compliance requirements and guidelines for encryption and key management.
Topics ! Key encryption concepts, capabilities and operational practices
for securing data with encryption. ! Encryption and cryptography within the context of emerging
business models such as cloud. ! Alternatives to encryption, and where they might be useful. ! Best practices for encrypting data in databases. ! Recommended practices for encryption key management and
storage from a provider and consumer perspective. ! The motivation and considerations for hardware encryption. ! Scaling Certificate Authorities and key revocation. ! Key characteristics of Encryption as a Service. ! Recommended practices for secure and effective data deletion. ! Data leak risks and mitigating actions. ! Considerations for data protection in large scale systems. ! Practices for dispute resolution. ! Storage and management of personal data. ! Data Loss Prevention services. ! Data Dispersion to enhance data availability and assurance. ! Auditing and demonstrating compliance. ! Common threats and mitigating actions. ! Infrastructure and application compliance building blocks. ! Best practices for intrusion detection and prevention.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Online Revision Quizzes
! Discussion Forum
Certification Resources
! Certification concepts for Cloud Security Alliance, Certificate for Cloud Security Knowledge
! Certification concepts for Cloud School, Cloud Architect Certification
Web Site
! www.cloudclinique.com
20
Secure Platform Management 1
Secure Platform Management
Security
Advanced Level
Enterprise
Objectives
Securing IT infrastructure, platform and applications.
Topics
• Authentication options within the enterprise. • Federated authentication, two-factor authentication and single-
sign-on considerations. • Implementing and managing authorization, and enforcing
entitlement based on policies. • Interfacing with the Policy Decision Point and Policy Enforcement
Point for authorization. • Access control, access policy management, and attribute based
authorization. • Common infrastructure vulnerabilities and best practices for
hardening infrastructure components. • Security services implementation in large scale, multi-user, multi-
provider environment. • Implementing automated resource provisioning capabilities. • Infrastructure provider selection considerations. • Application platform security roles and responsibilities. • Restricting customer data to enterprise users and applications. • Web security capabilities and secure application design
principles. • Secure software development lifecycle and code review practices. • Recommended practices for software assurance. • Identity and attribute provisioning lifecycle management. • Web application penetration testing. • Interoperability testing and implementation best practices.
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Online Revision Quizzes
! Discussion Forum
Certification Resources
! Certification concepts for Cloud Security Alliance, Certificate for Cloud Security Knowledge
21
Secure IT Operations 1
Secure IT Operations
Security
Advanced Level
Enterprise
Objectives
Understand key roles, responsibilities and liabilities in an IT environment, including best practices for building trust.
Topics ! Assigning security responsibilities and liability implications. ! Implementation best practices for IT service delivery models. ! Identifying and on-boarding personnel. ! Considerations for storing and managing sensitive data. ! Security training recommendations. ! Security access management review. ! Contract and SLA negotiation. ! Disclosure risks. ! Change control procedure and policy risks. ! Remote and physical access control policies. ! Documentation requirements. ! Reducing risk with staging environment. ! Host, network and application controls. ! Policies and procedures for backup and storage. ! Use of security certification. ! Return on security investments (ROSI) ! Effects of different forms of reporting breaches on security ! Increasing transparency while maintaining appropriate levels of
security ! Environmental controls, power and maintenance considerations ! Inventory management. ! Networking security and storage media destruction. ! Security audit and compliance. ! Security as a Service (SecaaS) benefits, challenges and adoption
practices. ! Security as Service intrusion detection requirements ! Security Information and Event Management (SIEM) systems
SecaaS requirements
Evaluation
Online assessment on cloudclinique.com. 50 questions for 30 minutes.
Online Resources
! Presentation Slides
! Revision Quizzes
! Discussion Forum
Certification Resources
! Certification concepts for Cloud Security Alliance, Certificate for Cloud Security Knowledge