Practices and technologies designed to protect cloud-based systems, data, and infrastructure from threats.

Different types of cloud services: IaaS, PaaS, and SaaS, each with unique security considerations.

Cloud service model providing virtualized computing resources over the internet, requiring strong security measures.

Cloud service model that offers hardware and software tools over the internet, focusing on application security.

Cloud service model delivering software applications over the internet, emphasizing user data protection.

Process of identifying potential threats to a system and determining mitigation strategies.

Evaluation of potential risks that could harm an organization’s assets or operations.

Framework for managing user identities and access rights to secure cloud resources.

Access control method based on user roles within an organization, enhancing security management.

Regulatory guidelines (e.g., GDPR, HIPAA) that organizations must follow to ensure data protection.

EU regulation on data protection and privacy, affecting how organizations handle personal data.

US law that mandates data privacy and security provisions for safeguarding medical information.

Preparation and procedures for responding to security incidents to minimize damage.

Design and structure of security controls and processes to protect an organization’s assets.

A weakness in a system that can be exploited by threats to gain unauthorized access.

Actions taken to reduce the impact or likelihood of potential security threats.

The path or method used by an attacker to gain access to a system or network.

Measures implemented to protect information systems from security threats.

The process of converting data into a coded format to prevent unauthorized access.

An event that indicates a potential breach of security policies or practices.

A vulnerability or weakness in the security posture of an organization.

Visual representation of the components and relationships within a cloud security architecture.

Written records that detail the design, decisions, and processes of a cloud security architecture.

A reflective process where students evaluate their understanding and application of course concepts.