(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide
The only official study guide for the new CCSP exam.

(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide is your ultimate resource for the CCSP exam. As the only official study guide reviewed and endorsed by (ISC)2, this guide helps you prepare faster and smarter with the Sybex study tools, which include pre-test assessments that show you what you already know and which areas need further review. Objective maps, exercises, and chapter review questions help you gauge your progress along the way, and the Sybex interactive online learning environment includes access to a PDF glossary, hundreds of flashcards, and two complete practice exams.

Covering all CCSP domains, this book walks you through Architectural Concepts and Design Requirements, Cloud Data Security, Cloud Platform and Infrastructure Security, Cloud Application Security, Operations, and Legal and Compliance, with real-world scenarios to help you apply your skills along the way. The CCSP is the latest credential from (ISC)2 and the Cloud Security Alliance, designed to show employers that you have what it takes to keep their organization safe in the cloud. Learn the skills you need to be confident on exam day and beyond.

- Review 100% of all CCSP exam objectives
- Practice applying essential concepts and skills
- Access the industry-leading online study tool set
- Test your knowledge with bonus practice exams and more

As organizations become increasingly reliant on cloud-based IT, the threat to data security looms larger. Employers are seeking qualified professionals with a proven cloud security skillset, and the CCSP credential brings your resume to the top of the pile. (ISC)2 CCSP Certified Cloud Security Professional Official Study Guide gives you the tools and information you need to earn that certification and apply your skills in a real-world setting.
Introduction xxi
Assessment Test xxviii

Chapter 1 Architectural Concepts 1
  Cloud Characteristics 2
  Business Requirements 4
  Existing State 5
  Quantifying Benefits and Opportunity Cost 6
  Intended Impact 8
  Cloud Evolution, Vernacular, and Models 9
  New Technology, New Options 9
  Cloud Computing Service Models 10
  Cloud Deployment Models 12
  Cloud Computing Roles and Responsibilities 13
  Cloud Computing Definitions 14
  Foundational Concepts of Cloud Computing 16
  Sensitive Data 16
  Virtualization 16
  Encryption 16
  Auditing and Compliance 17
  Cloud Service Provider Contracts 17
  Related and Emerging Technologies 18
  Summary 19
  Exam Essentials 19
  Written Labs 20
  Review Questions 21

Chapter 2 Design Requirements 25
  Business Requirements Analysis 26
  Inventory of Assets 26
  Valuation of Assets 27
  Determination of Criticality 27
  Risk Appetite 29
  Security Considerations for Different Cloud Categories 31
  IaaS Considerations 32
  PaaS Considerations 32
  SaaS Considerations 32
  General Considerations 33
  Design Principles for Protecting Sensitive Data 33
  Hardening Devices 33
  Encryption 35
  Layered Defenses 35
  Summary 36
  Exam Essentials 37
  Written Labs 37
  Review Questions 38

Chapter 3 Data Classification 43
  Data Inventory and Discovery 45
  Data Ownership 45
  The Data Lifecycle 46
  Data Discovery Methods 50
  Jurisdictional Requirements 51
  Information Rights Management (IRM) 53
  Intellectual Property Protections 53
  IRM Tool Traits 57
  Data Control 59
  Data Retention 60
  Data Audit 61
  Data Destruction/Disposal 63
  Summary 65
  Exam Essentials 65
  Written Labs 66
  Review Questions 67

Chapter 4 Cloud Data Security 71
  Cloud Data Lifecycle 73
  Create 74
  Store 75
  Use 75
  Share 75
  Archive 76
  Destroy 77
  Cloud Storage Architectures 78
  Volume Storage: File-Based Storage and Block Storage 78
  Object-Based Storage 78
  Databases 79
  Content Delivery Network (CDN) 79
  Cloud Data Security Foundational Strategies 79
  Encryption 79
  Masking, Obfuscation, Anonymization, and Tokenization 81
  Security Information and Event Management 84
  Egress Monitoring (DLP) 85
  Summary 86
  Exam Essentials 86
  Written Labs 87
  Review Questions 88

Chapter 5 Security in the Cloud 93
  Shared Cloud Platform Risks and Responsibilities 95
  Cloud Computing Risks by Deployment Model 97
  Private Cloud 98
  Community Cloud 98
  Public Cloud 100
  Hybrid Cloud 104
  Cloud Computing Risks by Service Model 104
  Infrastructure as a Service (IaaS) 104
  Platform as a Service (PaaS) 105
  Software as a Service (SaaS) 106
  Virtualization 106
  Threats 107
  Countermeasure Methodology 109
  Disaster Recovery (DR) and Business Continuity (BC) 112
  Cloud-Specific BIA Concerns 112
  Customer/Provider Shared BC/DR Responsibilities 113
  Summary 116
  Exam Essentials 116
  Written Labs 117
  Review Questions 118

Chapter 6 Responsibilities in the Cloud 123
  Foundations of Managed Services 126
  Business Requirements 127
  Business Requirements: The Cloud Provider Perspective 127
  Shared Responsibilities by Service Type 133
  IaaS 133
  PaaS 133
  SaaS 133
  Shared Administration of OS, Middleware, or Applications 134
  Operating System Baseline Configuration and Management 134
  Shared Responsibilities: Data Access 136
  Customer Directly Administers Access 137
  Provider Administers Access on Behalf of the Customer 137
  Third-Party (CASB) Administers Access on Behalf of the Customer 137
  Lack of Physical Access 137
  Audits 138
  Shared Policy 142
  Shared Monitoring and Testing 142
  Summary 143
  Exam Essentials 143
  Written Labs 144
  Review Questions 145

Chapter 7 Cloud Application Security 149
  Training and Awareness 151
  Common Cloud Application Deployment Pitfalls 154
  Cloud-Secure Software Development Lifecycle (SDLC) 156
  Configuration Management for the SDLC 157
  ISO/IEC 27034-1 Standards for Secure Application Development 158
  Identity and Access Management (IAM) 159
  Identity Repositories and Directory Services 160
  Single Sign-On (SSO) 161
  Federated Identity Management 161
  Federation Standards 162
  Multifactor Authentication 162
  Supplemental Security Components 163
  Cloud Application Architecture 164
  Application Programming Interfaces 164
  Tenancy Separation 165
  Cryptography 165
  Sandboxing 166
  Application Virtualization 167
  Cloud Application Assurance and Validation 167
  Threat Modeling 167
  Quality of Service 169
  Software Security Testing 170
  Approved APIs 172
  Software Supply Chain (API) Management 172
  Securing Open-Source Software 172
  Application Orchestration 173
  The Secure Network Environment 174
  Summary 175
  Exam Essentials 175
  Written Labs 176
  Review Questions 177

Chapter 8 Operations Elements 181
  Physical/Logical Operations 183
  Facilities and Redundancy 184
  Virtualization Operations 194
  Storage Operations 196
  Physical and Logical Isolation 199
  Application Testing Methods 200
  Security Operations Center 201
  Continuous Monitoring 201
  Incident Management 202
  Summary 203
  Exam Essentials 204
  Written Labs 204
  Review Questions 205

Chapter 9 Operations Management 209
  Monitoring, Capacity, and Maintenance 211
  Monitoring 211
  Maintenance 213
  Change and Configuration Management (CM) 217
  Baselines 218
  Deviations and Exceptions 218
  Roles and Process 219
  Release Management 221
  IT Service Management and Continual Service Improvement 222
  Business Continuity and Disaster Recovery (BC/DR) 223
  Primary Focus 224
  Continuity of Operations 225
  The BC/DR Plan 225
  The BC/DR Kit 227
  Relocation 228
  Power 229
  Testing 230
  Summary 231
  Exam Essentials 231
  Written Labs 232
  Review Questions 233

Chapter 10 Legal and Compliance Part 1 237
  Legal Requirements and Unique Risks in the Cloud Environment 239
  Legal Concepts 239
  US Laws 242
  International Laws 246
  Laws, Frameworks, and Standards Around the World 246
  Information Security Management Systems (ISMSs) 252
  The Difference between Laws, Regulations, and Standards 254
  Potential Personal and Data Privacy Issues in the Cloud Environment 254
  eDiscovery 255
  Forensic Requirements 256
  Conflicting International Legislation 256
  Cloud Forensic Challenges 257
  Direct and Indirect Identifiers 258
  Forensic Data Collection Methodologies 258
  Audit Processes, Methodologies, and Cloud Adaptations 259
  Virtualization 259
  Scope 259
  Gap Analysis 260
  Restrictions of Audit Scope Statements 260
  Policies 261
  Different Types of Audit Reports 261
  Auditor Independence 262
  AICPA Reports and Standards 262
  Summary 263
  Exam Essentials 264
  Written Labs 264
  Review Questions 265

Chapter 11 Legal and Compliance Part 2 269
  The Impact of Diverse Geographical Locations and Legal Jurisdictions 271
  Policies 272
  Implications of the Cloud for Enterprise Risk Management 276
  Choices Involved in Managing Risk 276
  Risk Management Frameworks 279
  Risk Management Metrics 281
  Contracts and Service-Level Agreements (SLAs) 281
  Business Requirements 284
  Cloud Contract Design and Management for Outsourcing 284
  Identifying Appropriate Supply Chain and Vendor Management Processes 285
  Common Criteria Assurance Framework (ISO/IEC 15408-1:2009) 285
  CSA Security, Trust, and Assurance Registry (STAR) 286
  Supply Chain Risk 287
  Manage Communication with Relevant Parties 288
  Summary 289
  Exam Essentials 289
  Written Labs 289
  Review Questions 290

Appendix A Answers to Written Labs 295
  Chapter 1: Architectural Concepts 296
  Chapter 2: Design Requirements 296
  Chapter 3: Data Classification 297
  Chapter 4: Cloud Data Security 298
  Chapter 5: Security in the Cloud 299
  Chapter 6: Responsibilities in the Cloud 299
  Chapter 7: Cloud Application Security 300
  Chapter 8: Operations Elements 300
  Chapter 9: Operations Management 301
  Chapter 10: Legal and Compliance Part 1 302
  Chapter 11: Legal and Compliance Part 2 302

Appendix B Answers to Review Questions 303
  Chapter 1: Architectural Concepts 304
  Chapter 2: Design Requirements 305
  Chapter 3: Data Classification 307
  Chapter 4: Cloud Data Security 308
  Chapter 5: Security in the Cloud 310
  Chapter 6: Responsibilities in the Cloud 311
  Chapter 7: Cloud Application Security 313
  Chapter 8: Operations Elements 314
  Chapter 9: Operations Management 316
  Chapter 10: Legal and Compliance Part 1 317
  Chapter 11: Legal and Compliance Part 2 319

Index 321
ABOUT THE AUTHOR

Ben Malisow, CCSP, CISSP, SSCP, CISM, Security+, has worked with INFOSEC and education for more than 20 years. He has taught computer classes to students from grade 6 through university level and crafted and delivered the CISSP prep course (among others) for Carnegie-Mellon University's CERT/SEU. In addition, Malisow built and ran DARPA's internal INFOSEC training program, was the ISSM for the FBI's most-classified counterterror intelligence-sharing network, and was a security architect for TSA. He also teaches exam prep courses for (ISC)2. You can find more of his writings at his blog: securityzed.com.
Includes interactive online learning environment and study tools with:

- Two complete custom practice exams
- Over 100 electronic flashcards
- Searchable glossary of terms

Your Official Study Guide for the Certified Cloud Security Professional (CCSP) Exam

Organizations increasingly rely on cloud-based services, making cloud data security more vital than ever. The (ISC)2 Certified Cloud Security Professional (CCSP) credential proves your expertise in every aspect of essential cloud security, and this Sybex Study Guide is the only official Study Guide reviewed and endorsed by (ISC)2. Covering 100% of CCSP exam objectives, this book helps you prepare with assessment tests that check exam readiness, objective maps, exercises, chapter review questions, and an industry-leading online study tool set. Along with plenty of practice in applying critical concepts and skills, you'll have online access to two complete practice exams, a searchable glossary of essential terms, and more than 100 electronic flash cards to help you review. It's the smartest, most effective way to prepare for the exam – and further your career.

Coverage of all exam objectives in this Study Guide means you'll be ready for:

- Cloud Concepts, Architecture, and Design
- Cloud Data Security
- Cloud Platform and Infrastructure Security
- Cloud Application Security
- Cloud Security Operations
- Legal, Risk, and Compliance

Interactive Learning Environment

Take your exam prep to the next level with Sybex's superior interactive online study tools. To access our learning environment, simply visit http://www.wiley.com/go/sybextestprep, register your book to receive your unique PIN, and instantly gain access to:

- Interactive test bank with two custom practice exams to help you identify where you need additional study. Get more than 90% of the answers correct, and you're ready to take the certification exam. More than 475 questions total!
- More than 100 electronic flash cards to reinforce learning and last-minute prep before the exam.
- Comprehensive glossary in PDF format gives you instant access to the terms and definitions so you are fully prepared.

ABOUT THE CCSP CERTIFICATION

The CCSP is the premier cloud security certification from (ISC)2. This vendor-neutral certification validates IT and information security professionals' knowledge and competency to apply best practices to cloud security architecture, design, operations, and service orchestration. It shows you're on the forefront of cloud security. (ISC)2 is a global nonprofit organization that maintains the Common Body of Knowledge for information security professionals. Candidates must have experience, adhere to the (ISC)2 Code of Ethics, and maintain continuing education requirements or recertify every three years. Visit www.isc2.org to learn more.