Official (Isc)2 Ccsp Cbk Reference

Read more

Klappentext "We wish you all the best in your CCSP® journey. From the very beginning through the advancements and discoveries that you are sure to find along the way, (ISC)2 will be by your side, always advocating for you, as we work together to create a safe and secure cyber world." - Clar Rosso, CEO of (ISC)2 The only official body of knowledge for CCSP-the most popular cloud security credential-fully revised and updated. Certified Cloud Security Professional (CCSP) certification validates the advanced technical skills needed to design, manage, and secure data, applications, and infrastructure in the cloud. This highly sought-after global credential has been updated with revised objectives. The new fourth edition of The Official (ISC)2® CCSP® CBK® Reference is the authoritative, vendor-neutral common body of knowledge for cloud security professionals. This comprehensive resource provides cloud security professionals with an indispensable working reference to each of the six CCSP domains: Cloud Concepts, Architecture and Design; Cloud Data Security; Cloud Platform and Infrastructure Security; Cloud Application Security; Cloud Security Operations; and Legal, Risk and Compliance. Detailed, in-depth chapters contain the accurate information required to prepare for and achieve CCSP certification. Every essential area of cloud security is covered, including implementation, architecture, operations, controls, and immediate and long-term responses. The Official (ISC)2®CCSP® CBK® Reference is a vital ongoing resource for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration. Zusammenfassung The only official body of knowledge for CCSP--the most popular cloud security credential--fully revised and updated.Certified Cloud Security Professional (CCSP) certification validates the advanced technical skills needed to design, manage, and secure data, applications, and infrastructure in the cloud. This highly sought-after global credential has been updated with revised objectives. The new third edition of The Official (ISC)² Guide to the CCSP CBK is the authoritative, vendor-neutral common body of knowledge for cloud security professionals.This comprehensive resource provides cloud security professionals with an indispensable working reference to each of the six CCSP domains: Cloud Concepts, Architecture and Design; Cloud Data Security; Cloud Platform and Infrastructure Security; Cloud Application Security; Cloud Security Operations; and Legal, Risk and Compliance. Detailed, in-depth chapters contain the accurate information required to prepare for and achieve CCSP certification. Every essential area of cloud security is covered, including implementation, architecture, operations, controls, and immediate and long-term responses.Developed by (ISC)², the world leader in professional cybersecurity certification and training, this indispensable guide:* Covers the six CCSP domains and over 150 detailed objectives* Provides guidance on real-world best practices and techniques* Includes illustrated examples, tables, and diagramsThe Official (ISC)² Guide to the CCSP CBK is a vital ongoing resource for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration. Inhaltsverzeichnis Foreword to the Fourth Edition xxi Introduction xix Chapter 1 Cloud Concepts, Architecture, and Design 1 Understand Cloud Computing Concepts 2 Cloud Computing Definitions 2 Cloud Computing Roles and Responsibilities 3 Key Cloud Computing Characteristics 7 Building Block Technologies 11 Describe Cloud Reference Architecture 14 Cloud Computing Activities 14 Cloud Service Capabilities 15 Cloud Service Categories 17<...

List of contents

Foreword to the Fourth Edition xxi
 
Introduction xix
 
Chapter 1 Cloud Concepts, Architecture, and Design 1
 
Understand Cloud Computing Concepts 2
 
Cloud Computing Definitions 2
 
Cloud Computing Roles and Responsibilities 3
 
Key Cloud Computing Characteristics 7
 
Building Block Technologies 11
 
Describe Cloud Reference Architecture 14
 
Cloud Computing Activities 14
 
Cloud Service Capabilities 15
 
Cloud Service Categories 17
 
Cloud Deployment Models 18
 
Cloud Shared Considerations 21
 
Impact of Related Technologies 27
 
Understand Security Concepts Relevant to Cloud Computing 33
 
Cryptography and Key Management 33
 
Identity and Access Control 34
 
Data and Media Sanitization 36
 
Network Security 37
 
Virtualization Security 39
 
Common Threats 41
 
Security Hygiene 41
 
Understand Design Principles of Secure Cloud Computing 43
 
Cloud Secure Data Lifecycle 43
 
Cloud- Based Business Continuity and Disaster Recovery Plan 44
 
Business Impact Analysis 45
 
Functional Security Requirements 46
 
Security Considerations for Different Cloud Categories 48
 
Cloud Design Patterns 49
 
DevOps Security 51
 
Evaluate Cloud Service Providers 51
 
Verification against Criteria 52
 
System/Subsystem Product Certifications 54
 
Summary 56
 
Chapter 2 Cloud Data Security 57
 
Describe Cloud Data Concepts 58
 
Cloud Data Lifecycle Phases 58
 
Data Dispersion 61
 
Data Flows 62
 
Design and Implement Cloud Data Storage Architectures 63
 
Storage Types 63
 
Threats to Storage Types 66
 
Design and Apply Data Security Technologies and Strategies 67
 
Encryption and Key Management 67
 
Hashing 70
 
Data Obfuscation 71
 
Tokenization 73
 
Data Loss Prevention 74
 
Keys, Secrets, and Certificates Management 77
 
Implement Data Discovery 78
 
Structured Data 79
 
Unstructured Data 80
 
Semi- structured Data 81
 
Data Location 82
 
Implement Data Classification 82
 
Data Classification Policies 83
 
Mapping 85
 
Labeling 86
 
Design and Implement Information Rights Management 87
 
Objectives 88
 
Appropriate Tools 89
 
Plan and Implement Data Retention, Deletion, and Archiving Policies 89
 
Data Retention Policies 90
 
Data Deletion Procedures and Mechanisms 93
 
Data Archiving Procedures and Mechanisms 94
 
Legal Hold 95
 
Design and Implement Auditability, Traceability, and Accountability of Data Events 96
 
Definition of Event Sources and Requirement of Event Attribution 97
 
Logging, Storage, and Analysis of Data Events 99
 
Chain of Custody and Nonrepudiation 100
 
Summary 101
 
Chapter 3 Cloud Platform and Infrastructure Security 103
 
Comprehend Cloud Infrastructure and Platform Components 104
 
Physical Environment 104
 
Network and Communications 106
 
Compute 107
 
Virtualization 108
 
Storage 110
 
Management Plane 111
 
Design a Secure Data Center 113
 
Logical Design 114
 
Physical Design 116
 
Environmental Design 117
 
Analyze Risks Associated with Cloud Infrastructure and Platforms 119
 
Risk Assessment 119
 
Cloud Vulnerabilities, Threats, and Attacks 122
 
Risk Mitigation Strategi