CCSP (ISC)2 Certified Cloud Security Professional Exam Guide: Build Your Knowledge to Pass the CCSP Exam with Expert Guidance
Become a Certified Cloud Security Professional and open new avenues for growth in your career. Purchase of this book unlocks access to web-based exam prep resources including mock exams, flashcards, exam tips, and the eBook PDF. Key Features: Gain confidence to pass the CCSP exam with tricks, technique...
Other Authors: | |
---|---|
Format: | E-book |
Language: | English |
Published: | Birmingham, England : Packt Publishing Ltd [2024] |
Edition: | First edition |
Subjects: | |
View at Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009835405406719 |
Table of Contents:
- Cover
- FM
- Copyright
- Contributors
- Table of Contents
- Preface
- Chapter 1: Core Cloud Concepts
- Making the Most Out of This Book - Your Certification and Beyond
- What Is Cloud Computing?
- Essential Cloud Computing Characteristics
- Cloud Stakeholders
- ISO/IEC 17789 CCRA Roles and Sub-Roles
- Cloud Service Customer
- CSP
- Cloud Service Partner
- Cloud Auditor
- NIST Cloud Computing Key Actors
- Cloud Consumer
- Cloud Provider
- Cloud Broker
- Cloud Auditor (CA)
- Cloud Carrier (CC)
- Key Cloud Computing Technologies and Building Blocks
- Summary
- Exam Readiness Drill - Chapter Review Questions
- Chapter 2: Cloud Reference Architecture
- Cloud Service Models
- Software as a Service (SaaS)
- Platform as a Service (PaaS)
- Infrastructure as a Service (IaaS)
- Cloud Service Models and Categories
- Cloud Deployment Models
- Shared Responsibility Model
- Shared Considerations for Cloud Deployments
- Emerging Technologies in Cloud Computing
- Data Science
- Artificial Intelligence and Machine Learning (AI/ML)
- Blockchain
- Internet of Things (IoT)
- Containers
- Quantum Computing
- Quantum as a Service (QaaS)
- Quantum-Enhanced Optimization and ML
- Quantum Simulation and Modeling
- Quantum Cloud-Based Software Development
- Edge Computing
- Confidential Computing
- Summary
- Exam Readiness Drill - Chapter Review Questions
- Chapter 3: Top Threats and Essential Cloud Security Concepts and Controls
- The CIA Triad - Confidentiality, Integrity, and Availability
- Common Threats to Cloud Deployments
- Data Breaches
- Misconfiguration
- Insecure APIs
- Insider Threats
- Account Hijacking
- Security Control Categories and Types
- Security Control Categories/Classes
- Security Control Types and Functionality
- Summary
- Exam Readiness Drill - Chapter Review Questions
- Chapter 4: Design Principles for Secure Cloud Computing
- Security for IaaS, SaaS, and PaaS
- Security Considerations for Infrastructure as a Service (IaaS)
- Core Elements of Security for IaaS
- Security Considerations for Platform as a Service (PaaS)
- Core Elements of Security for PaaS
- Security Considerations for Software as a Service (SaaS)
- Core Elements of Security for SaaS
- Shared Responsibility Model for Cloud Service Models
- Review of Your Responsibilities
- Summary
- Exam Readiness Drill - Chapter Review Questions
- Chapter 5: How to Evaluate Your Cloud Service Provider
- Key Cloud Service Contractual Documents
- CSA
- The Customer Agreement
- The CSA from a CSP Perspective
- AUP
- The Purpose of an AUP
- The Importance of an AUP
- SLA
- The Purpose of an SLA
- The Key Characteristics of an SLA
- The Importance of an SLA
- Evaluation of the CSP Services
- Know Your Business Needs
- Assessing Security and Compliance
- Summary
- Exam Readiness Drill - Chapter Review Questions
- Chapter 6: Cloud Data Security Concepts and Architectures
- Structured and Unstructured Data
- Key Differences
- The Cloud Data Lifecycle
- Data Creation or Procurement
- Data Storage
- Data Usage
- Data Sharing
- Data Archiving
- Data Destruction
- Various Storage Types and Common Threats
- Object Storage
- File Storage
- Block Storage
- Prevalent Threats to Cloud Data
- Security Measures for Cloud Object Storage, File Storage, and Block Storage
- Data Classification and Discovery
- Recommended Data Classification Process
- Cloud Data Security Technologies and Common Strategies
- Encryption in Cloud Data Security
- IAM
- SIEM
- Firewall and Intrusion Detection Systems
- Data Loss Prevention Tools
- Critical Cloud Data Security Strategies
- Importance of a Cloud Security Policy
- Implementing a Cloud Security Policy
- Regular Security Audits and Assessments
- Employee Training and Awareness
- Regular Data Backups and Recovery Planning
- Best Practices for Data Retention, Archival, and Deletion
- Understanding Data Lifecycle Management
- Implementing Data Retention Policies
- Secure Data Deletion Techniques
- Effective Data Archiving Solutions
- Compliance with Data Protection Regulations
- Lessons from Cloud Data Security Breaches
- Summary
- Exam Readiness Drill - Chapter Review Questions
- Chapter 7: Data Governance Essentials
- Data Governance
- Data Dispersion in the Cloud
- The Importance of Data Governance for Cloud Security
- Leveraging Cloud-Specific Tools and Services
- IRM
- The Role of IRM in Data Governance
- Key Components of an Effective IRM System
- IRM and Cloud Computing
- Implementing IRM
- Implementing IRM in a Cloud Environment
- Best Practices for IRM Implementation
- Case Studies of Successful IRM Implementation
- Auditability in Cloud Data Governance
- Implementing Auditability in the Cloud
- Traceability in Cloud Data Governance
- Implementing Traceability in the Cloud
- Tools and Technologies for Enhancing Traceability
- Accountability in Cloud Data Governance
- Key Components of Accountability
- Implementing Accountability in Cloud Data Governance
- Tools and Technologies for Enhancing Accountability
- Cloud Data Life Cycle
- The Role of IRM, Auditability, Traceability, and Accountability in Each Phase of the Cloud Data Life Cycle
- Challenges and Solutions in Implementing IRM and Data Governance in the Cloud
- Emerging Trends and Technologies in Cloud Data Governance and IRM
- Summary
- Exam Readiness Drill - Chapter Review Questions
- Chapter 8: Essential Infrastructure and Platform Components for a Secure Data Center
- Cloud Infrastructure and Platform Components
- Physical Environment
- Network and Communications
- VMs
- Storage
- Virtualization
- Management Plane
- Designing a Secure Data Center
- Physical Design
- Choosing a Location
- Buying versus Building
- Environmental Design
- Heating, Ventilation, and Air Conditioning (HVAC)
- Multi-Vendor Pathway Connectivity
- Logical Design
- Tenant Partitioning
- Access Control
- Summary
- Exam Readiness Drill - Chapter Review Questions
- Chapter 9: Analyzing Risks
- Overview of Risk Management
- Key Concepts in Risk Management
- Risk Management in Cloud Environments
- IaaS
- PaaS
- SaaS
- Distinction between Cloud Service Models and Deployment Models (Public, Private, Hybrid, and Community)
- Cybersecurity
- Importance of Risk Management in Cloud Computing
- The Outsourcing Model
- Vendor-Lock In
- Data Residency - Processing, Storage, and Transfer Considerations
- Access to Resources
- Resources that are not persistent (ephemeral)
- Risk Identification and Analysis
- Risk Frameworks
- Assessing the CSP's Risk
- SLAs
- Identifying Cloud Security Risks
- Tools and Practices for Identifying Risks in Cloud Environments
- Risk Assessments and Tools
- External Third-Party Assessments
- Analyzing and Assessing Cloud Security Risks
- Qualitative versus Quantitative Risk Analysis Methods
- Tools and Frameworks for Cloud Risk Assessments
- Cloud Attack Surface Area, Vulnerabilities, Threats, and Attack Vectors
- Cloud Attack Surface and Vulnerabilities
- Hypervisor
- Direct Connections from Remote Devices
- Threats, Attack Vectors, and Incident Response (IR) in Cloud
- IR Planning for Cloud Environments
- Risk Response Strategies
- Addressing Cloud Security Risks - Safeguards and Countermeasures
- Data Breaches and Data Loss
- Non-Authorized Access
- Administrative Concerns
- Virtualization Risks
- Regulatory Non-Compliance
- Distributed Denial of Service (DDoS) Attacks
- Man-in-the-Middle Attacks
- Vendor Issues
- Shadow IT
- Natural Disasters
- Insider Threats
- Insecure APIs
- Misconfigurations
- Forensic Challenges in Cloud Environments and Solutions
- Implementing Cloud Security Best Practices, Controls and Countermeasures
- Best Practices
- Controls
- Data Encryption and Protection Techniques in the Cloud
- IAM in Cloud Environments
- Information Rights Management (IRM) / Digital Rights Management (DRM)
- Virtualization
- Network Segmentation
- Firewalls and Other Devices
- DLP Tools / Egress Monitoring
- Summary
- Exam Readiness Drill - Chapter Review Questions
- Chapter 10: Security Control Implementation
- Physical and Environmental Protection Controls
- Site Selection and Facility Design
- System, Storage, and Communication Protection Controls
- Protecting Data
- Cryptographic Key Establishment and Management
- Managing a Network to Protect Systems and Services
- Landing Zones
- Virtualization Systems
- IAM Solutions for Identification, Authentication, and Authorization
- OpenID
- OAuth
- Identification
- Authentication
- Authentication Methods
- Conditional Authentication Policies
- Authorization
- Federation
- Key Cloud Control Audit Mechanisms
- Log Collection
- Correlation
- Packet Capturing
- Summary
- Exam Readiness Drill - Chapter Review Questions
- Chapter 11: Planning for the Worst-Case Scenario - Business Continuity and Disaster Recovery
- BCDR Definitions
- The Importance of BCDR
- Key Concepts and Terminology
- BCDR Strategies
- Defining the Scope of the BCDR Plan
- Gathering Requirements and Generating Objectives
- Integrating Requirements
- Assessing Risk
- Performance Issues Due to Location Change
- Cost and Effort to Maintain Redundancy