Book description
Globally recognized and backed by the Cloud Security Alliance (CSA) and (ISC)2, the CCSP credential is the ideal way to match marketability and credibility to your cloud security skill set. The Official (ISC)2® Guide to the CCSP℠ CBK® is your ticket for expert insight through the 6 CCSP domains. You will find step-by-step guidance through real-life scenarios, illustrated examples, tables, best practices, and more. Sample questions help you reinforce what you have learned and prepare smarter. Easy-to-follow content guides you through:
• Major topics and subtopics within the 6 domains
• Detailed description of exam format
• Exam registration and administration policies
Reviewed by cloud security experts, and developed by (ISC)2, this is your study guide to fully preparing for the CCSP and reaffirming your unique cloud security skills. Get ready for the next step in your career with Official (ISC)2 Guide to the CCSP CBK.
Table of contents
- Introduction
- Domain 1: Architectural Concepts and Design Requirements Domain
- Cloud Computing Definitions
- Cloud Computing Roles
- Key Cloud Computing Characteristics
- Cloud Transition Scenario
- Building Blocks
- Cloud Computing Activities
- Cloud Service Categories
- Cloud Deployment Models
- Cloud Cross-Cutting Aspects
- Network Security and Perimeter
- Cryptography
- IAM and Access Control
- Data and Media Sanitization
- Virtualization Security
- Common Threats
- Security Considerations for Different Cloud Categories
- Open Web Application Security Project (OWASP) Top Ten Security Threats
- Cloud Secure Data Lifecycle
- Information/Data Governance Types
- Business Continuity/Disaster Recovery Planning
- Cost-Benefit Analysis
- Certification Against Criteria
- System/Subsystem Product Certification
- Summary
- Review Questions
- Notes
- Domain 2: Cloud Data Security Domain
- The Cloud Data Lifecycle Phases
- Location and Access of Data
- Functions, Actors, and Controls of the Data
- Cloud Services, Products, and Solutions
- Data Storage
- Relevant Data Security Technologies
- Application of Security Strategy Technologies
- Emerging Technologies
- Data Discovery
- Data Classification
- Data Privacy Acts
- Typical Meanings for Common Privacy Terms
- Privacy Roles for Customers and Service Providers
- Responsibility Depending on the Type of Cloud Services
- Implementation of Data Discovery
- Classification of Discovered Sensitive Data
- Mapping and Definition of Controls
- Privacy Level Agreement (PLA)
- PLAs vs. Essential P&DP Requirements Activity
- Application of Defined Controls for Personally Identifiable Information (PII)
- Data Rights Management Objectives
- Data-Protection Policies
- Events
- Supporting Continuous Operations
- Chain of Custody and Non-Repudiation
- Summary
- Review Questions
- Notes
- Domain 3: Cloud Platform and Infrastructure Security Domain
- Network and Communications in the Cloud
- The Compute Parameters of a Cloud Server
- Storage Issues in the Cloud
- Management of Cloud Computing Risks
- Countermeasure Strategies Across the Cloud
- Physical and Environmental Protections
- System and Communication Protections
- Virtualization Systems Controls
- Managing Identification, Authentication, and Authorization in the Cloud Infrastructure
- Risk Audit Mechanisms
- Understanding the Cloud Environment Related to BCDR
- Understanding the Business Requirements Related to BCDR
- Understanding the BCDR Risks
- BCDR Strategies
- Creating the BCDR Plan
- Summary
- Review Questions
- Notes
- Domain 4: Cloud Application Security
- Determining Data Sensitivity and Importance
- Understanding the Application Programming Interfaces (APIs)
- Common Pitfalls of Cloud Security Application Deployment
- Awareness of Encryption Dependencies
- Understanding the Software Development Lifecycle (SDLC) Process for a Cloud Environment
- Assessing Common Vulnerabilities
- Cloud-Specific Risks
- Threat Modeling
- Identity and Access Management (IAM)
- Federated Identity Management
- Multi-Factor Authentication
- Supplemental Security Devices
- Cryptography
- Tokenization
- Data Masking
- Sandboxing
- Application Virtualization
- Cloud-Based Functional Data
- Cloud-Secure Development Lifecycle
- Application Security Testing
- Summary
- Review Questions
- Notes
- Domain 5: Operations Domain
- Modern Datacenters and Cloud Service Offerings
- Factors That Impact Datacenter Design
- Enterprise Operations
- Secure Configuration of Hardware: Specific Requirements
- Installation and Configuration of Virtualization Management Tools for the Host
- Securing the Network Configuration
- Identifying and Understanding Server Threats
- Using Stand-Alone Hosts
- Using Clustered Hosts
- Accounting for Dynamic Operation
- Using Storage Clusters
- Using Maintenance Mode
- Providing High Availability on the Cloud
- The Physical Infrastructure for Cloud Environments
- Configuring Access Control for Remote Access
- Performing Patch Management
- Performance Monitoring
- Backing Up and Restoring the Host Configuration
- Implementing Network Security Controls: Defense in Depth
- Developing a Management Plan
- Building a Logical Infrastructure for Cloud Environments
- Running a Logical Infrastructure for Cloud Environments
- Managing the Logical Infrastructure for Cloud Environments
- Implementation of Network Security Controls
- Using an IT Service Management (ITSM) Solution
- Considerations for Shadow IT
- Operations Management
- Managing Risk in Logical and Physical Infrastructures
- The Risk-Management Process Overview
- Understanding the Collection and Preservation of Digital Evidence
- Managing Communications with Relevant Parties
- Wrap Up: Data Breach Example
- Summary
- Review Questions
- Notes
- Domain 6: Legal and Compliance Domain
- International Legislation Conflicts
- Legislative Concepts
- Frameworks and Guidelines Relevant to Cloud Computing
- Common Legal Requirements
- Legal Controls and Cloud Providers
- eDiscovery
- Cloud Forensics and ISO/IEC 27050-1
- Protecting Personal Information in the Cloud
- Auditing in the Cloud
- Standard Privacy Requirements (ISO/IEC 27018)
- Generally Accepted Privacy Principles (GAPP)
- Internal Information Security Management System (ISMS)
- Implementing Policies
- Identifying and Involving the Relevant Stakeholders
- Impact of Distributed IT Models
- Understanding the Implications of the Cloud to Enterprise Risk Management
- Risk Mitigation
- Understanding Outsourcing and Contract Design
- Business Requirements
- Vendor Management
- Cloud Computing Certification: CCSL and CCSM
- Contract Management
- Supply Chain Management
- Summary
- Review Questions
- Notes
- Appendix A: Answers to Review Questions
- Appendix B: Glossary
- Appendix C: Helpful Resources and Links
- Titlepage
- Copyright
- Credits
- About the Editor
- Foreword
- Introduction
- End-User License Agreement
Product information
- Title: The Official (ISC)2 Guide to the CCSP CBK
- Author(s):
- Release date: November 2015
- Publisher(s): Sybex
- ISBN: 9781119207498