实施公共云端网络保安应用课程
许多机构在商业营运中常应用到云端运算技术,但他们往往忽视了当中的网络保安威胁和不确定性,从而导致不必要的商业损失。
这个为期 2 天的密集式课程,将会透过学习应用程序架构设计、身份和账户管理、控制板面安全管理、网络防火墙管理或安全审计测试等实用知识,让您认识到如何在常见的公共云端环境中(如AWS 和 Azure 环境)安全地架设网络应用程序,从而保障您的网络资产。
(课程内容介绍以英文为准)
Nowadays, many companies employ cloud computing technology in their business operations. However, there are risks associated with it, in addition to security threats and uncertainties.
This intensive 2-day course aims at equipping participants with practical knowledge to deploy web applications in typical public cloud environments (e.g. AWS and Azure environments) using application architecture design, identity and account management, management plane security, network firewall management or security audit testing.
Course Outline
During the workshop, the attendees will be able to have hands on experience to implement a typical web application in a public cloud with various security features that include but not limited to the following areas:
- Secure virtual network architecture design
- Cloud management plane security
- Identity and access management
- Data encryption
- Auto-scaling
- Load balancing
- Log management
- Database management
The workshop will be conducted in AWS (IaaS) and Azure (PaaS) environments. Some of the security features (e.g. WAF, CloudHSM) available on cloud platform will also be introduced.
Target Participants
Individuals who are interested in cloud deployment and familiar with network architecture and management.
- System Integrators
- System Administrators / Engineers / Analysts
- Technical Engineers / Managers
- Information Security Analysts / Managers
Medium of Instruction
Cantonese with English terminology
Training Fee
Early bird price on or before 23 April 2023
– Staff of Organiser or Member of Supporting Organisation: HK$6,400 per person
– Non-member: HK$6,600 per person
Regular Price
– Staff of Organiser or Member of Supporting Organisation: HK$6,600 per person
– Non-member: HK$6,800 per person
Trainers
Dr Ricci IEONG
Principal Consultant, eWalker Consulting (HK) Limited
CISSP, CISA, CCSK, CCSP, CCFP, CEH, F.ISFS, ISSMP, ISSAP, ISO 27001LA, STAR Auditor
Dr IEONG has over 15 years of industry experience in the Information Technology Industry as well as more than 15 years of experience in IT Security area specialised in Security Risk Assessment, IT Audit, Ethical Hacking & Penetration Test, Smart Card & Biometrics System deployment and Computer Forensics Investigation. He currently serves as Principal Consultant of eWalker Consulting Ltd. He is an authorised (ISC)2 Certified Cloud Security Professional (CCSP) and Certificate of Cloud Security Knowledge (CCSK) trainer.
He has worked for HP and founded the first HP e-Security Center (also known as Penetration Test Center) in Hong Kong. He has led and conducted over 100 security assessments, IT Security Audits, penetration tests and incident handling services for HKSAR government departments, banks and multinational organisations in Hong Kong throughout these years. He is one of the founding instructors in the first diploma and graduate diploma course in computer security and forensics investigation recognised by the HKSAR law enforcement team. In year 2002, Dr IEONG was invited by the HK Police Force as the first expert witness in a HK Computer Crime Investigation.
Dr IEONG is a founding member and Council member of the Information Security and Forensics Society (ISFS). He has recently founded the Cloud Security Alliance Hong Kong and Macau Chapter and participated as the Director of Education. He conducted over 20 technical IT security trainings and workshops on cloud computing security in 2010. Besides, he has been invited to provide cloud security awareness training for the general public.
Mr Rafael WONG
Senior Consultant, eWalker Consulting (HK) Limited
CISSP, CISM, CISA, CCSP, CCSK, CEH, GPEN, GWAPT, GCFA, (ISC)² Authorised Instructor
Rafael currently serves as a Senior Consultant of eWalker Consulting (HK) Ltd. and has more than 7 years of industry experience specialising in Security Risk Assessment, IT Audit, Ethical Hacking, Penetration Test and Computer Forensics Investigation.
Throughout Rafael’s career in the IT security field, he has conducted numerous cloud security related trainings and workshops with Dr Ricci IEONG for various organisations, such as Hewlett-Packard (HPE), Hong Kong Productivity Council (HKPC) and so on.
He is an authorised (ISC)2 Certified Cloud Security Professional (CCSP) and Certificate of Cloud Security Knowledge (CCSK) trainer.
Regarding to the Cloud Assessment, Rafael has conducted corresponding security assessment and audit, including public and private cloud security review, cloud application penetration test, for various enterprises.
Certificate of Training
Participants who have attained at least 75% attendance of lecture will be awarded a Training Attendance Certificate.