Service Models (OBJ 1.6) Service models. In this lesson, we’re going to dig into the different type of cloud service models. When I’m talking about cloud service models, I’m talking about classifying the provision of cloud services and the limit of the cloud service provider’s responsibility as either software, platform, infrastructure, or some other thing. Essentially, when we talk about something as a service, this is what we’re talking about. What type of cloud service model are you using? Usually when we talk about cloud services, we talk about them…

Cloud Models (OBJ 1.6) Cloud models. These days, cloud computing is such a buzzword and everybody wants to migrate into the cloud. If you’re working as a cybersecurity analyst though, you have to understand the vulnerabilities associated with moving into the cloud. And that’s what we’re going to be focused on here. Now, while there is great savings to be had by moving to the cloud, we have to make sure we understand those security risks. But before we can dive into all those security risks, we really have to…

Machine Learning (OBJ 3.4) Machine learning. In this lesson we’re going to talk about machine learning and a couple of related concepts. These are known as artificial intelligence or AI. Machine learning or ML and deep learning. First, let’s talk about artificial intelligence. Now, artificial intelligence is the science of creating machines with the ability to develop problem solving and analysis strategies without significant human direction or intervention. Essentially, we want to have a machine that can think for itself. Now there are a lot of great things that we…

CI/CD (OBJ 3.4) CICD. In this lesson, we’re going to talk about three concepts. This is known as continuous integration, continuous delivery, and continuous deployment. Before we do that though, we really have to take a look back to the way the code is made and deployed in most of our environments. Now, in the old days, the way we would do things is very linearly. We would start out with development and we would start taking the code and putting it together and figure out what it’s going to…

OWASP ZAP (OBJ 1.4) OWASP Zap. In this lesson we’re going to talk about the Owas Foundations Zap program. Now, Zap is the Zach proxy, also known as Zap. It’s an open source interception proxy and web application assessment tool that’s written in Java. Now because it’s written in Java. It works on Windows systems, Linux systems and Mac systems. Just like Burp suite does. Now, this is an open source program, which means you, you can actually take that code and modify it to your heart’s content and they…

Dynamic Analysis (OBJ 1.4) Dynamic analysis. So up to this point we’ve talked about static analysis and going through the code line by line using our decompiler. In this lesson, we’re going to talk about why you might want to do dynamic analysis instead. Now when you do static analysis, we’re going to be looking through the disassembled code. But that’s far from perfect because a lot of times it’s been changed and modified so we can’t see what’s going on. So when a malware writes, takes their code and…

Software Assessments (OBJ 2.2) Software assessments. In this lesson, we’re going to talk about the different types of software assessments because it’s really important for you to have a comprehensive testing program that validates the effectiveness of your protection of confidentiality, integrity and availability within your software. If you’re doing any kind of web application development or software development, it is really crucial that you have a comprehensive testing program in place. Now, the things we’re going to talk talk about in this lesson include things like static code analysis,…

Important Pointers – Domain 4 Hey everyone and welcome back. In today’s video we will be discussing about some of the important pointers. For exam for the domain. For now the first and the very important part that you need to remember is the identity and access management. You should expect that there will be a lot of questions related to troubleshooting the im policies. So be very familiar about writing I am policies. You should be familiar with that. Also be aware about the IAM policy evaluation logic. So…

Important Pointers – Domain 1 Hey everyone and welcome back. In today’s video we’ll be discussing about some of the important pointers with respect to exam for the domain bun of incident response. Now, the first thing that you need to remember before you go ahead and sit for exams is how you can go ahead and deal with exposed access and secret keys. So Exam might have a question which will look into your ability ability on whether you know, on how will you handle if someone has leaked…

Glacier Vault and Vault Lock Hey everyone and welcome back. In today’s video, we will be discussing about the Glacier vault. Now, if you remember, AWS Glacier is basically an extremely low cost storage service, which allows us to store data securely as well as in a durable fashion. Now, Glacier is similar to S Three, but in terms of retrieval time, s Three is much more faster or any in terms of, let’s say you want to host a website, s Three really provides great solutions there. However, Glacier…