Details

The Official (ISC)2 CCSP CBK Reference


3rd edition

by: Leslie Fife, Aaron Kraus, Bryan Lewis

61,99 €

Publisher: Wiley
Format: EPUB
Published: 17.06.2021
ISBN/EAN: 9781119603467
Language: English
Number of pages: 320

DRM-protected eBook; to read it you need, for example, Adobe Digital Editions and an Adobe ID.

Descriptions

The only official body of knowledge for CCSP—the most popular cloud security credential—fully revised and updated.

Certified Cloud Security Professional (CCSP) certification validates the advanced technical skills needed to design, manage, and secure data, applications, and infrastructure in the cloud. This highly sought-after global credential has been updated with revised objectives. The new third edition of The Official (ISC)² Guide to the CCSP CBK is the authoritative, vendor-neutral common body of knowledge for cloud security professionals.

This comprehensive resource provides cloud security professionals with an indispensable working reference to each of the six CCSP domains: Cloud Concepts, Architecture, and Design; Cloud Data Security; Cloud Platform and Infrastructure Security; Cloud Application Security; Cloud Security Operations; and Legal, Risk, and Compliance. Detailed, in-depth chapters contain the accurate information required to prepare for and achieve CCSP certification. Every essential area of cloud security is covered, including implementation, architecture, operations, controls, and immediate and long-term responses.

Developed by (ISC)², the world leader in professional cybersecurity certification and training, this indispensable guide:

- Covers the six CCSP domains and over 150 detailed objectives
- Provides guidance on real-world best practices and techniques
- Includes illustrated examples, tables, diagrams and sample questions

The Official (ISC)² Guide to the CCSP CBK is a vital ongoing resource for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration.
Table of Contents

Acknowledgments v
About the Authors vii
About the Technical Editor ix
Foreword to the Third Edition xxi
Introduction xxiii

Domain 1: Cloud Concepts, Architecture, and Design 1
  Understand Cloud Computing Concepts 1
    Cloud Computing Definitions 1
    Cloud Computing Roles 4
    Key Cloud Computing Characteristics 5
    Building Block Technologies 9
  Describe Cloud Reference Architecture 12
    Cloud Computing Activities 12
    Cloud Service Capabilities 13
    Cloud Service Categories 14
    Cloud Deployment Models 15
    Cloud Shared Considerations 17
    Impact of Related Technologies 23
  Understand Security Concepts Relevant to Cloud Computing 27
    Cryptography and Key Management 27
    Access Control 28
    Data and Media Sanitization 29
    Network Security 30
    Virtualization Security 31
    Common Threats 32
  Understand Design Principles of Secure Cloud Computing 33
    Cloud Secure Data Lifecycle 33
    Cloud-Based Disaster Recovery and Business Continuity Planning 33
    Cost-Benefit Analysis 34
    Functional Security Requirements 35
    Security Considerations for Different Cloud Categories 36
  Evaluate Cloud Service Providers 38
    Verification against Criteria 39
    System/Subsystem Product Certifications 40
  Summary 41

Domain 2: Cloud Data Security 43
  Describe Cloud Data Concepts 43
    Cloud Data Lifecycle Phases 44
    Data Dispersion 47
  Design and Implement Cloud Data Storage Architectures 48
    Storage Types 48
    Threats to Storage Types 50
  Design and Apply Data Security Technologies and Strategies 52
    Encryption and Key Management 52
    Hashing 55
    Masking 56
    Tokenization 56
    Data Loss Prevention 57
    Data Obfuscation 60
    Data De-identification 61
  Implement Data Discovery 62
    Structured Data 64
    Unstructured Data 65
  Implement Data Classification 66
    Mapping 68
    Labeling 68
    Sensitive Data 69
  Design and Implement Information Rights Management 71
    Objectives 72
    Appropriate Tools 73
  Plan and Implement Data Retention, Deletion, and Archiving Policies 74
    Data Retention Policies 74
    Data Deletion Procedures and Mechanisms 77
    Data Archiving Procedures and Mechanisms 79
    Legal Hold 80
  Design and Implement Auditability, Traceability, and Accountability of Data Events 81
    Definition of Event Sources and Requirement of Identity Attribution 81
    Logging, Storage, and Analysis of Data Events 82
    Chain of Custody and Nonrepudiation 84
  Summary 85

Domain 3: Cloud Platform and Infrastructure Security 87
  Comprehend Cloud Infrastructure Components 88
    Physical Environment 88
    Network and Communications 89
    Compute 90
    Virtualization 91
    Storage 93
    Management Plane 93
  Design a Secure Data Center 95
    Logical Design 95
    Physical Design 97
    Environmental Design 98
  Analyze Risks Associated with Cloud Infrastructure 99
    Risk Assessment and Analysis 100
    Cloud Vulnerabilities, Threats, and Attacks 101
    Virtualization Risks 101
    Countermeasure Strategies 102
  Design and Plan Security Controls 102
    Physical and Environmental Protection 103
    System and Communication Protection 103
    Virtualization Systems Protection 104
    Identification, Authentication, and Authorization in Cloud Infrastructure 105
    Audit Mechanisms 106
  Plan Disaster Recovery and Business Continuity 107
    Risks Related to the Cloud Environment 108
    Business Requirements 109
    Business Continuity/Disaster Recovery Strategy 111
    Creation, Implementation, and Testing of Plan 112
  Summary 116

Domain 4: Cloud Application Security 117
  Advocate Training and Awareness for Application Security 117
    Cloud Development Basics 118
    Common Pitfalls 118
    Common Cloud Vulnerabilities 119
  Describe the Secure Software Development Lifecycle Process 120
    NIST Secure Software Development Framework 120
    OWASP Software Assurance Security Model 121
    Business Requirements 121
    Phases and Methodologies 122
  Apply the Secure Software Development Lifecycle 123
    Avoid Common Vulnerabilities During Development 123
    Cloud-Specific Risks 124
    Quality Assurance 127
    Threat Modeling 127
    Software Configuration Management and Versioning 128
  Apply Cloud Software Assurance and Validation 129
    Functional Testing 130
    Security Testing Methodologies 131
  Use Verified Secure Software 132
    Approved Application Programming Interfaces 132
    Supply-Chain Management 133
    Third-Party Software Management 134
    Validated Open Source Software 134
  Comprehend the Specifics of Cloud Application Architecture 135
    Supplemental Security Components 136
    Cryptography 138
    Sandboxing 139
    Application Virtualization and Orchestration 139
  Design Appropriate Identity and Access Management Solutions 140
    Federated Identity 140
    Identity Providers 141
    Single Sign-On 141
    Multifactor Authentication 142
    Cloud Access Security Broker 142
  Summary 143

Domain 5: Cloud Security Operations 145
  Implement and Build Physical and Logical Infrastructure for Cloud Environment 145
    Hardware-Specific Security Configuration Requirements 146
    Installation and Configuration of Virtualization Management Tools 149
    Virtual Hardware-Specific Security Configuration Requirements 150
    Installation of Guest Operating System Virtualization Toolsets 152
  Operate Physical and Logical Infrastructure for Cloud Environment 152
    Configure Access Control for Local and Remote Access 153
    Secure Network Configuration 155
    Operating System Hardening through the Application of Baselines 160
    Availability of Stand-Alone Hosts 162
    Availability of Clustered Hosts 162
    Availability of Guest Operating Systems 165
  Manage Physical and Logical Infrastructure for Cloud Environment 166
    Access Controls for Remote Access 166
    Operating System Baseline Compliance Monitoring and Remediation 168
    Patch Management 169
    Performance and Capacity Monitoring 172
    Hardware Monitoring 173
    Configuration of Host and Guest Operating System Backup and Restore Functions 174
    Network Security Controls 175
    Management Plane 179
  Implement Operational Controls and Standards 180
    Change Management 180
    Continuity Management 182
    Information Security Management 184
    Continual Service Improvement Management 185
    Incident Management 186
    Problem Management 189
    Release Management 190
    Deployment Management 191
    Configuration Management 192
    Service Level Management 194
    Availability Management 195
    Capacity Management 196
  Support Digital Forensics 197
    Forensic Data Collection Methodologies 197
    Evidence Management 200
    Collect, Acquire, and Preserve Digital Evidence 201
  Manage Communication with Relevant Parties 204
    Vendors 205
    Customers 206
    Shared Responsibility Model 206
    Partners 208
    Regulators 208
    Other Stakeholders 209
  Manage Security Operations 210
    Security Operations Center 210
    Monitoring of Security Controls 215
    Log Capture and Analysis 217
    Incident Management 220
  Summary 226

Domain 6: Legal, Risk, and Compliance 227
  Articulating Legal Requirements and Unique Risks Within the Cloud Environment 227
    Conflicting International Legislation 228
    Evaluation of Legal Risks Specific to Cloud Computing 229
    Legal Frameworks and Guidelines That Affect Cloud Computing 229
    Forensics and eDiscovery in the Cloud 236
  Understanding Privacy Issues 238
    Difference between Contractual and Regulated Private Data 239
    Country-Specific Legislation Related to Private Data 242
    Jurisdictional Differences in Data Privacy 247
    Standard Privacy Requirements 248
  Understanding Audit Process, Methodologies, and Required Adaptations for a Cloud Environment 250
    Internal and External Audit Controls 251
    Impact of Audit Requirements 251
    Identity Assurance Challenges of Virtualization and Cloud 252
    Types of Audit Reports 252
    Restrictions of Audit Scope Statements 255
    Gap Analysis 256
    Audit Planning 257
    Internal Information Security Management Systems 258
    Internal Information Security Controls System 259
    Policies 260
    Identification and Involvement of Relevant Stakeholders 262
    Specialized Compliance Requirements for Highly Regulated Industries 264
    Impact of Distributed Information Technology Models 264
  Understand Implications of Cloud to Enterprise Risk Management 266
    Assess Providers Risk Management Programs 266
    Differences Between Data Owner/Controller vs. Data Custodian/Processor 268
    Regulatory Transparency Requirements 269
    Risk Treatment 270
    Risk Frameworks 270
    Metrics for Risk Management 272
    Assessment of Risk Environment 273
  Understanding Outsourcing and Cloud Contract Design 276
    Business Requirements 277
    Vendor Management 278
    Contract Management 279
    Supply Chain Management 281
  Summary 282

Index 283
(ISC)² is an international, nonprofit membership association for information security leaders like you. (ISC)² is committed to helping their members learn, grow and thrive. More than 150,000 certified members strong, (ISC)² empowers professionals who touch every aspect of information security.
"In an era of increasing reliance on telework for business operations, the interest in and need for cloud computing security has never been greater. The CCSP CBK is the ultimate reference guide for those committed to protecting critical data assets in virtual environments."
– Clar Rosso, CEO of (ISC)²
