Table of Contents for
Title Page
by Daniel Carter
CCSP Certified Cloud Security Professional All-in-One Exam Guide, Second Edition, 2nd Edition
Cover
Title Page
Copyright Page
Dedication
ABOUT THE AUTHOR
CONTENTS AT A GLANCE
CONTENTS
Introduction
Acknowledgments
Chapter 1 How to Obtain the CCSP and Introduction to Security
Why Get Certified?
How to Get Certified
CCSP Domains
Domain 1: Cloud Concepts, Architecture, and Design
Domain 2: Cloud Data Security
Domain 3: Cloud Platform and Infrastructure Security
Domain 4: Cloud Application Security
Domain 5: Cloud Security Operations
Domain 6: Legal, Risk, and Compliance
Introduction to IT Security
Basic Security Concepts
Risk Management
Business Continuity and Disaster Recovery
Chapter Review
Chapter 2 Cloud Concepts, Architecture, and Design
Cloud Computing Concepts
Cloud Computing Definitions
Cloud Computing Roles
Key Cloud Computing Characteristics
Building-Block Technologies
Cloud Reference Architecture
Cloud Computing Activities
Cloud Service Capabilities
Cloud Service Categories
Cloud Deployment Models
Cloud Shared Considerations
Impact of Related Technologies
Security Concepts Relevant to Cloud Computing
Cryptography
Access Control
Data and Media Sanitation
Network Security
Virtualization Security
Common Threats
Security Considerations for the Different Cloud Categories
Design Principles of Secure Cloud Computing
Cloud Secure Data Lifecycle
Cloud-Based Business Continuity/Disaster Recovery Planning
Cost-Benefit Analysis
Identify Trusted Cloud Services
Certification Against Criteria
System/Subsystem Product Certifications
Cloud Architecture Models
Sherwood Applied Business Security Architecture (SABSA)
IT Infrastructure Library (ITIL)
The Open Group Architecture Framework (TOGAF)
NIST Cloud Technology Roadmap
Exercise
Chapter Review
Questions
Questions and Answers
Chapter 3 Cloud Data Security
Describe Cloud Data Concepts
Cloud Data Lifecycle Phases
Data Dispersion
Design and Implement Cloud Data Storage Architectures
Storage Types
Threats to Storage Types
Design and Apply Data Security Strategies
Encryption
Hashing
Key Management
Tokenization
Data Loss Prevention
Data De-identification
Application of Technologies
Emerging Technologies
Implement Data Discovery
Structured Data
Unstructured Data
Implement Data Classification
Mapping
Labeling
Sensitive Data
Relevant Jurisdictional Data Protections for Personally Identifiable Information
Data Privacy Acts
Privacy Roles and Responsibilities
Implementation of Data Discovery
Classification of Discovered Sensitive Data
Mapping and Definition of Controls
Application of Defined Controls
Data Rights Management
Data Rights Objectives
Tools
Data Retention, Deletion, and Archiving Policies
Data Retention
Data Deletion
Data Archiving
Legal Hold
Auditability, Traceability, and Accountability of Data Events
Definition of Event Sources
Identity Attribution Requirements
Data Event Logging
Storage and Analysis of Data Events
Continuous Optimizations
Chain of Custody and Nonrepudiation
Exercise
Chapter Review
Questions
Questions and Answers
Chapter 4 Cloud Platform and Infrastructure Security
Comprehend Cloud Infrastructure Components
Physical Environment
Network and Communications
Compute
Storage
Virtualization
Management Plane
Analyze Risks Associated with Cloud Infrastructure
Risk Assessment and Analysis
Virtualization Risks
Countermeasure Strategies
Design and Plan Security Controls
Physical and Environmental Protection
System and Communication Protection
Virtualization Systems Protection
Identification, Authentication, and Authorization in a Cloud Infrastructure
Audit Mechanisms
Disaster Recovery and Business Continuity Management Planning
Understanding the Cloud Environment
Understanding Business Requirements
Understanding Risks
Disaster Recovery/Business Continuity Strategy
Exercise
Chapter Review
Questions
Questions and Answers
Chapter 5 Cloud Application Security
Advocate Training and Awareness for Application Security
Cloud Development Basics
Common Pitfalls
Describe the Secure Software Development Lifecycle (SDLC) Process
Business Requirements
Phases and Methodologies
Apply the Secure Software Development Lifecycle
Avoid Common Vulnerabilities During Development
Cloud-Specific Risks
Quality of Service
Threat Modeling
Software Configuration Management and Versioning
Cloud Software Assurance and Validation
Cloud-Based Functional Testing
Cloud Secure Development Lifecycle (CSDLC)
Security Testing
Verified Secure Software
Approved API
Supply-Chain Management
Community Knowledge
Cloud Application Architecture
Supplemental Security Devices
Cryptography
Sandboxing
Application Virtualization
Identity and Access Management (IAM) Solutions
Federated Identity
Identity Providers
Single Sign-On
Multifactor Authentication
Exercise
Chapter Review
Questions
Questions and Answers
Chapter 6 Cloud Security Operations
Support the Planning Process for the Data Center Design
Logical Design
Physical Design
Environmental Design
Implement and Build the Physical Infrastructure for the Cloud Environment
Secure Configuration of Hardware-Specific Requirements
Installation and Configuration of Virtualization Management Tools
Virtual Hardware Specific Security Configuration Requirements
Installation of Guest Operating System Virtualization Toolsets
Operate the Physical and Logical Infrastructure for the Cloud Environment
Configuration of Access Control for Local and Remote Access
Secure Network Configuration
OS Hardening via Application of Baselines
Availability of Standalone Hosts
Availability of Clustered Hosts
Availability of the Guest Operating System
Manage the Physical and Logical Infrastructure for Cloud Environment
Access Controls for Remote Access
OS Baseline Compliance Monitoring and Remediation
Patch Management
Performance Monitoring
Hardware Monitoring
Backup and Restore Functions
Network Security Controls
Management Plan
Implement Operational Controls and Standards
Change Management
Continuity Management
Information Security Management
Continual Service Improvement Management
Incident Management
Problem Management
Release and Deployment Management
Configuration Management
Service Level Management
Availability Management
Capacity Management
Support Digital Forensics
Proper Methodologies for the Forensic Collection of Data
Evidence Management
Manage Communication with Relevant Parties
Vendors
Customers
Partners
Regulators
Other Stakeholders
Manage Security Operations
Security Operations Center
Monitoring of Security Controls
Log Capture and Analysis
Exercise
Chapter Review
Questions
Questions and Answers
Chapter 7 Legal, Risk, and Compliance
Articulate Legal Requirements and Unique Risks Within the Cloud Environment
Conflicting International Legislation
Evaluation of Legal Risks Specific to Cloud Computing
Legal Framework and Guidelines
eDiscovery
Forensics Requirements
Understand Privacy Issues
Difference Between Contractual and Regulated Personally Identifiable Information (PII)
Country-Specific Legislation Related to PII and Data Privacy
Differences Among Confidentiality, Integrity, Availability, and Privacy
Standard Privacy Requirements
Understand Audit Processes, Methodologies, and Required Adaptations for a Cloud Environment
Internal and External Audit Controls
Impact of Audit Requirements
Identify Assurance Challenges of Virtualization and Cloud
Types of Audit Reports
Restrictions of Audit Scope Statements
Gap Analysis
Audit Planning
Internal Information Security Management System (ISMS)
Internal Information Security Controls System
Policies
Identification and Involvement of Relevant Stakeholders
Specialized Compliance Requirements for Highly Regulated Industries
Impact of Distributed IT Model
Understand Implications of Cloud to Enterprise Risk Management
Assess Provider’s Risk Management
Difference Between Data Owner/Controller vs. Data Custodian/Processor
Risk Treatment
Different Risk Frameworks
Metrics for Risk Management
Assessment of the Risk Environment
Understand Outsourcing and Cloud Contract Design
Business Requirements
Vendor Management
Contract Management
Executive Vendor Management
Supply-Chain Management
Exercise
Chapter Review
Questions
Questions and Answers
Appendix A Exam Review Questions
Questions
Quick Answers
Questions and Comprehensive Answer Explanations
Appendix B About the Online Content
System Requirements
Your Total Seminars Training Hub Account
Privacy Notice
Single User License Terms and Conditions
TotalTester Online
Technical Support
Glossary
Index