Length: 2 DAYS

OVERVIEW

Virtualization refers to technologies designed to provide a layer of abstraction between computer hardware systems and the software running on them. By providing a logical rather than a physical view of computing resources, virtualization makes possible many functions, currently the most popular of which is to run multiple operating systems and/or applications on a single physical machine. Virtualization also has many additional benefits, yet vulnerabilities abound in virtual environments. Additionally, virtualization and cloud computing go hand-in-hand. The term “cloud computing” means supplying dynamically scalable and frequently virtualized resources as Internet services. Cloud computing offers a great deal of simplicity, cost savings, improved computing and network performance, and other advantages. At the same time, cloud computing exacerbates security-related risks that exist in conventional networking environments, making control selection and implementation even more difficult.

This two-day course covers fundamental concepts related to virtualization and cloud computing, including risks that are inherent in both and possible controls for mitigating these risks.

ATTENDEES WILL LEARN:

* The nature and benefits of cloud computing, including the types of cloud services that are available

* Security risks in cloud services and available control measures (where they exist)

* Likely future developments in cloud computing and their probable impact upon security

* How to develop an effective strategy for mitigating cloud-related security risk

* What virtualization is and how virtualization works

* Major types of virtualization

* Benefits and downsides (especially from a security perspective) of virtualization

* Controls that counter virtualization-related security risk

* How virtualization technology is likely to evolve over time and the probable impact upon information security

* How to develop an effective strategy for mitigating virtualization-related security risk

WHO SHOULD ATTEND
This course is appropriate for IT security and audit staff and system and network administrators. The subject matter consists of a mixture of technical and non-technical content.

PRE-REQUISITES
A fundamental knowledge of networking and particularly network security is helpful, but is not necessary.