CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide
Other authors: | |
---|---|
Format: | E-book |
Language: | English |
Published: | Indianapolis, [Indiana] : John Wiley & Sons, Inc, 2017 |
Edition: | 1st ed |
Series: | THEi Wiley ebooks |
Subjects: | |
View in Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009849089006719 |
Table of Contents:
- Cover
- Title Page
- Copyright
- Acknowledgments
- About the Authors
- About the Technical Editors
- Contents at a Glance
- Contents
- Introduction
- Assessment Test
- Answers to Assessment Test
- Chapter 1 Architectural Concepts
- Business Requirements
- Existing State
- Quantifying Benefits and Opportunity Cost
- Intended Impact
- Cloud Evolution, Vernacular, and Definitions
- New Technology, New Options
- Cloud Computing Service Models
- Cloud Deployment Models
- Cloud Computing Roles and Responsibilities
- Cloud Computing Definitions
- Foundational Concepts of Cloud Computing
- Sensitive Data
- Virtualization
- Encryption
- Auditing and Compliance
- Cloud Service Provider Contracts
- Summary
- Exam Essentials
- Written Labs
- Review Questions
- Chapter 2 Design Requirements
- Business Requirements Analysis
- Inventory of Assets
- Valuation of Assets
- Determination of Criticality
- Risk Appetite
- Boundaries of Cloud Models
- IaaS Boundaries
- PaaS Boundaries
- SaaS Boundaries
- Design Principles for Protecting Sensitive Data
- Hardening Devices
- Encryption
- Layered Defenses
- Summary
- Exam Essentials
- Written Labs
- Review Questions
- Chapter 3 Data Classification
- Data Inventory and Discovery
- Data Ownership
- The Data Life Cycle
- Data Discovery Methods
- Jurisdictional Requirements
- Data Rights Management
- Intellectual Property Protections
- DRM Tool Traits
- Data Control
- Data Retention
- Data Audit
- Data Destruction/Disposal
- Summary
- Exam Essentials
- Written Labs
- Review Questions
- Chapter 4 Cloud Data Security
- Cloud Data Life Cycle
- Create
- Store
- Use
- Share
- Archive
- Destroy
- Cloud Storage Architectures
- Volume Storage: File-Based Storage and Block Storage
- Object-Based Storage
- Databases
- Content Delivery Network (CDN)
- Cloud Data Security Foundational Strategies
- Encryption
- Masking, Obfuscation, Anonymization, and Tokenization
- Security Information and Event Management
- Egress Monitoring (DLP)
- Summary
- Exam Essentials
- Written Labs
- Review Questions
- Chapter 5 Security in the Cloud
- Shared Cloud Platform Risks and Responsibilities
- Cloud Computing Risks by Deployment and Service Model
- Private Cloud
- Community Cloud
- Public Cloud
- Hybrid Cloud
- IaaS (Infrastructure as a Service)
- PaaS (Platform as a Service)
- SaaS (Software as a Service)
- Virtualization
- Cloud Attack Surface
- Threats by Deployment Model
- Countermeasure Methodology
- Disaster Recovery (DR) and Business Continuity Management (BCM)
- Cloud-Specific BIA Concerns
- Customer/Provider Shared BC/DR Responsibilities
- Summary
- Exam Essentials
- Written Labs
- Review Questions
- Chapter 6 Responsibilities in the Cloud
- Foundations of Managed Services
- Business Requirements
- Business Requirements: The Cloud Provider Perspective
- Shared Responsibilities by Service Type
- IaaS
- PaaS
- SaaS
- Shared Administration of OS, Middleware, or Applications
- Operating System Baseline Configuration and Management
- Shared Responsibilities: Data Access
- Customer Directly Administers Access
- Provider Administers Access on Behalf of the Customer
- Third-Party (CASB) Administers Access on Behalf of the Customer
- Lack of Physical Access
- Audits
- Shared Policy
- Shared Monitoring and Testing
- Summary
- Exam Essentials
- Written Labs
- Review Questions
- Chapter 7 Cloud Application Security
- Training and Awareness
- Common Cloud Application Deployment Pitfalls
- Cloud-Secure Software Development Life Cycle (SDLC)
- ISO/IEC 27034-1 Standards for Secure Application Development
- Identity and Access Management (IAM)
- Identity Repositories and Directory Services
- Single Sign-On (SSO)
- Federated Identity Management
- Federation Standards
- Multifactor Authentication
- Supplemental Security Devices
- Cloud Application Architecture
- Application Programming Interfaces
- Tenancy Separation
- Cryptography
- Sandboxing
- Application Virtualization
- Cloud Application Assurance and Validation
- Threat Modeling
- Quality of Service
- Software Security Testing
- Approved APIs
- Software Supply Chain (API) Management
- Securing Open Source Software
- Runtime Application Self-Protection (RASP)
- Secure Code Reviews
- OWASP Top 9 Coding Flaws
- Summary
- Exam Essentials
- Written Labs
- Review Questions
- Chapter 8 Operations Elements
- Physical/Logical Operations
- Facilities and Redundancy
- Virtualization Operations
- Storage Operations
- Physical and Logical Isolation
- Security Training and Awareness
- Training Program Categories
- Additional Training Insights
- Basic Operational Application Security
- Threat Modeling
- Application Testing Methods
- Summary
- Exam Essentials
- Written Labs
- Review Questions
- Chapter 9 Operations Management
- Monitoring, Capacity, and Maintenance
- Monitoring
- Maintenance
- Change and Configuration Management (CM)
- Baselines
- Deviations and Exceptions
- Roles and Process
- Business Continuity and Disaster Recovery (BC/DR)
- Primary Focus
- Continuity of Operations
- The BC/DR Plan
- The BC/DR Kit
- Relocation
- Power
- Testing
- Summary
- Exam Essentials
- Written Labs
- Review Questions
- Chapter 10 Legal and Compliance Part 1
- Legal Requirements and Unique Risks in the Cloud Environment
- Legal Concepts
- U.S. Laws
- International Laws
- Laws, Frameworks, and Standards Around the World
- The Difference Between Laws, Regulations, and Standards
- Potential Personal and Data Privacy Issues in the Cloud Environment
- eDiscovery
- Forensic Requirements
- International Conflict Resolution
- Cloud Forensic Challenges
- Contractual and Regulated PII
- Direct and Indirect Identifiers
- Audit Processes, Methodologies, and Cloud Adaptations
- Virtualization
- Scope
- Gap Analysis
- Information Security Management Systems (ISMSs)
- The Right to Audit in Managed Services
- Audit Scope Statements
- Policies
- Different Types of Audit Reports
- Auditor Independence
- AICPA Reports and Standards
- Summary
- Exam Essentials
- Written Labs
- Review Questions
- Chapter 11 Legal and Compliance Part 2
- The Impact of Diverse Geographical Locations and Legal Jurisdictions
- Policies
- Implications of the Cloud for Enterprise Risk Management
- Choices Involved in Managing Risk
- Risk Management Frameworks
- Risk Management Metrics
- Contracts and Service-Level Agreements (SLAs)
- Business Requirements
- Cloud Contract Design and Management for Outsourcing
- Identifying Appropriate Supply Chain and Vendor Management Processes
- Common Criteria Assurance Framework (ISO/IEC 15408-1:2009)
- Cloud Computing Certification
- CSA Security, Trust, and Assurance Registry (STAR)
- Supply Chain Risk
- Summary
- Exam Essentials
- Written Labs
- Review Questions
- Appendix A Answers to the Review Questions
- Chapter 1: Architectural Concepts
- Chapter 2: Design Requirements
- Chapter 3: Data Classification
- Chapter 4: Cloud Data Security
- Chapter 5: Security in the Cloud
- Chapter 6: Responsibilities in the Cloud
- Chapter 7: Cloud Application Security
- Chapter 8: Operations Elements
- Chapter 9: Operations Management
- Chapter 10: Legal and Compliance Part 1
- Chapter 11: Legal and Compliance Part 2
- Appendix B Answers to the Written Labs
- Chapter 1
- Chapter 2
- Chapter 3
- Chapter 4
- Chapter 5
- Chapter 6
- Chapter 7
- Chapter 8
- Chapter 9
- Chapter 10
- Chapter 11
- Index
- EULA