CONTENTS

Foreword

Acknowledgments

Introduction

Chapter 1        Cloud Computing Concepts and Architectures

Cloud Logical Model

Infrastructure

Metastructure

Infostructure

Applistructure

Cloud Computing Definitions

Essential Characteristics

Cloud Service Models

Cloud Deployment Models

Cloud Security Scope and the Shared Responsibility Model

Shared Responsibility Model

Cloud Security Alliance Tools

Cloud Controls Matrix

Consensus Assessments Initiative Questionnaire

STAR Registry

Cloud Reference and Architecture Models

Chapter Review

Questions

Answers

Chapter 2        Governance and Enterprise Risk Management

Governance

Governance Backgrounder

Cloud Governance

Risk Management

Risk Management Backgrounder

Cloud Risk Management

The Effects of Service and Deployment Models

Cloud Risk Management Trade-Offs

Assessing Cloud Service Providers

Chapter Review

Questions

Answers

Chapter 3        Legal Issues, Contracts, and Electronic Discovery

Legal Frameworks Governing Data Protection and Privacy

Required Security Measures

Treaties

Restrictions to Cross-Border Data Transfers

CLOUD Act

Regional Examples

Asia Pacific Region

European Union and European Economic Area

The Americas

Contracts and Provider Selection

Internal Due Diligence

Monitoring, Testing, and Updating

External Due Diligence

Contract Negotiations

Third-Party Audits and Attestations

Electronic Discovery

Possession, Custody, and Control

Relevant Cloud Applications and Environment

Searchability and E-Discovery Tools

Preservation

Data Retention Laws and Recordkeeping Obligations

Data Collection

Forensics

Reasonable Integrity

Direct Access

Native Production

Authentication

Cooperation Between Provider and Client in E-Discovery

Response to a Subpoena or Search Warrant

Chapter Review

Questions

Answers

Chapter 4        Compliance and Audit Management

Compliance Backgrounder

Impact of the Cloud on Contracts

How the Cloud Changes Compliance

Compliance Inheritance

Continuous Compliance

Audit Backgrounder

Audit Management in the Cloud

SOC Reports and ISO Certifications Backgrounder

SOC Backgrounder

ISO Backgrounder

How the Cloud Changes Audits

Right to Audit

Audit Scope

Auditor Requirements

Chapter Review

Questions

Answers

Chapter 5        Information Governance

Cloud Information Governance Domains

Information Classification Backgrounder

Information Management Backgrounder

The Data Security Lifecycle

Locations and Entitlements

Functions, Actors, and Controls

Chapter Review

Questions

Answers

Chapter 6        Management Plane and Business Continuity

Management Plane

Application Programming Interface Backgrounder

Accessing the Management Plane

Securing the Management Plane

Business Continuity and Disaster Recovery in the Cloud

BCP/DR Backgrounder

Architecting for Failure

Business Continuity Within the Cloud Provider

Chaos Engineering

Business Continuity for Loss of the Cloud Provider

Continuity for Private Cloud and Providers

Chapter Review

Questions

Answers

Chapter 7        Infrastructure Security

Cloud Network Virtualization

OSI Reference Model Backgrounder

VLANs

VXLAN

Networking Planes Backgrounder

Software Defined Networking

Network Functions Virtualization

How Security Changes with Cloud Networking

Challenges of Virtual Appliances

Benefits of SDN Security

Microsegmentation and the Software Defined Perimeter

Additional Considerations for CSPs or Private Clouds

Hybrid Cloud Considerations

Cloud Compute and Workload Security

Compute Abstraction Technologies

How the Cloud Changes Workload Security

Immutable Workloads Enable Security

The Impact of the Cloud on Standard Workload Security Controls

Changes to Workload Security Monitoring and Logging

Changes to Vulnerability Assessment

Chapter Review

Questions

Answers

Chapter 8        Virtualization and Containers

Major Virtualization Categories Relevant to Cloud Computing

Compute Virtualization

Network Virtualization

Storage Virtualization

Containers

Container Definitions Backgrounder

Container Security Recommendations

Chapter Review

Questions

Answers

Chapter 9        Incident Response

Incident Response Lifecycle

Incident and Event Backgrounder

Preparation Phase

Detection and Analysis Phase

Containment, Eradication, and Recovery Phase

Post-Incident Activity Phase

How the Cloud Impacts Incident Response

Preparation

Detection and Analysis

Containment, Eradication, and Recovery

Post-Incident Activity

Chapter Review

Questions

Answers

Chapter 10      Application Security

The SSDLC and Cloud Computing

Secure Design and Development

Training

Define

Design

Develop

Test

Secure Deployment

Cloud Impacts on Vulnerability Assessments

Cloud Impact on Penetration Testing

Deployment Pipeline Security

Impact of IaC and Immutable Workloads

Secure Operations

How the Cloud Impacts Application Design and Architectures

Microservices Backgrounder

The Rise and Role of DevOps

DevOps Backgrounder

Security Implications and Advantages of DevOps

Chapter Review

Questions

Answers

Chapter 11      Data Security and Encryption

Data Security Controls

Cloud Data Storage Types

Managing Data Migrations to the Cloud

CASB Backgrounder

Securing Cloud Data Transfers

Securing Data in the Cloud

Cloud Data Access Controls

Storage (at Rest) Encryption and Tokenization

Key Management (Including Customer-Managed Keys)

Data Security Architecture

Monitoring, Auditing, and Alerting

Additional Data Security Controls

Cloud Platform/Provider-Specific Controls

Data Loss Prevention

Enterprise Rights Management

Data Masking and Test Data Generation

Enforcing Lifecycle Management Security

Chapter Review

Questions

Answers

Chapter 12      Identity, Entitlement, and Access Management

How IAM Works in the Cloud

IAM Terms

IAM Standards

Federation Backgrounder

Managing Users and Identities for Cloud Computing

Authentication and Credentials

Entitlements and Access Management

Privileged User Management

Chapter Review

Questions

Answers

Chapter 13      Security as a Service

Potential Benefits and Concerns of SecaaS

Major Categories of SaaS Offerings

Identity, Entitlement, and Access Management Services

Cloud Access Security Broker

Web Security Gateway

E-mail Security

Security Assessment

Web Application Firewall

Intrusion Detection/Prevention

Security Information and Event Management (SIEM)

Encryption and Key Management

Business Continuity and Disaster Recovery

Security Management

Distributed Denial of Service Protection

Chapter Review

Questions

Answers

Chapter 14      Related Technologies

Big Data

Distributed Data Collection Backgrounder

Hadoop Backgrounder

Security and Privacy Considerations

Data Collection

Key Management

Security Capabilities

Identity and Access Management

PaaS

Internet of Things (IoT)

Mobile Computing

Serverless Computing

Chapter Review

Questions

Answers

Chapter 15      ENISA Cloud Computing: Benefits, Risks, and Recommendations for Information Security

Security Benefits of Cloud

Security and the Benefits of Scale

Security as a Market Differentiator

Standardized Interfaces for Managed Security Services

Rapid, Smart Scaling of Resources

Audit and Evidence Gathering

Timely, Effective, and Efficient Updates and Defaults

Audit and SLAs Force Better Risk Management

Benefits of Resource Concentration

Top Security Risks

IT Risk Backgrounder

Loss of Governance

Lock-in

Isolation Failure

Compliance Risks

Management Interface Compromise

Data Protection

Insecure or Incomplete Data Deletion

Malicious Insider

Five Key Legal Issues Common Across All Scenarios

Data Protection

Confidentiality

Intellectual Property

Professional Negligence

Outsourcing Service and Changes in Control

Additional Items for the Exam

Open Virtualization Format

VM Hopping

Economic Denial of Service

Licensing Risks

Risk Concerns of a Cloud Provider Being Acquired

Data Controller vs. Data Processor Definitions

Guest System Monitoring in IaaS Responsibilities

User Provisioning Vulnerability

Underlying Vulnerability in Loss of Governance

Risks R.1–R.35 and Underlying Vulnerabilities

Chapter Review

Questions

Answers

Appendix A    Cloud Computing Security Policy Examples

Cloud Security Policy: Centralized Example

Purpose

Scope

Background

Policy

Cloud Security Policy: Classification Example

Purpose

Scope

Background

Policy

Appendix B    About the Online Content

System Requirements

Your Total Seminars Training Hub Account

Privacy Notice

Single User License Terms and Conditions

TotalTester Online

Technical Support

Glossary

Index
