Covers the unique risks of cloud environments, auditing IaaS/PaaS/SaaS models, evaluating cloud provider controls (e.g., SOC reports), and assessing cloud security configurations.