Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying The Official (ISC)2 Guide to the CCSP CBK
  • Table Of Contents Toc
The Official (ISC)2 Guide to the CCSP CBK

The Official (ISC)2 Guide to the CCSP CBK - Second Edition

By : Adam Gordon
close
close
The Official (ISC)2 Guide to the CCSP CBK

The Official (ISC)2 Guide to the CCSP CBK

By: Adam Gordon

Overview of this book

Globally recognized and backed by the Cloud Security Alliance (CSA) and the (ISC)2 the CCSP credential is the ideal way to match marketability and credibility to your cloud security skillset. The Official (ISC)2 Guide to the CCSPSM CBK second edition is your ticket for expert insight through the 6 CCSP domains. The book starts by focusing on building blocks of cloud-based systems and progresses to explaining concepts, principles, structures, and standards for designing, implementing, monitoring, and securing operating systems (OSs), equipment, networks, and applications. Next, you’ll cover cloud infrastructure components, existing threats, and mitigating and developing plans to deal with those threats. Moving ahead, you’ll ensure that the need for training and awareness in application security, the processes involved with cloud software assurance and validation, and the use of verified secure software are understood. Then, you’ll identify critical information and the execution of selected measures that eliminate adversary exploitation of critical information. In the end chapters, you’ll address ethical behavior and compliance with regulatory frameworks. By the end of this book, you’ll acquire the knowledge you'll need to implement strong information security programs in cloud computing.
Table of Contents (12 chapters)
close
close
close
Lock Free Chapter
1
Foreword
Icon
Foreword
2
Introduction
Icon
Introduction
Icon
Conventions
Icon
Note
3
Domain 1: Architectural Concepts and Design Requirements
Icon
Domain 1: Architectural Concepts and Design Requirements
Icon
Introduction
Icon
Cloud Computing Definitions
Icon
Cloud Computing Roles
Icon
Key Cloud Computing Characteristics
Icon
Cloud Transition Scenario
Icon
Building Blocks
Icon
Cloud Computing Functions
Icon
Cloud Service Categories
Icon
Cloud Deployment Models
Icon
Cloud Cross-Cutting Aspects
Icon
Network Security and Perimeter
Icon
Cryptography
Icon
IAM and Access Control
Icon
Data and Media Sanitization
Icon
Virtualization Security
Icon
Common Threats
Icon
Security Considerations for Different Cloud Categories
Icon
Open Web Application Security Project Top Ten Security Threats
Icon
Cloud Secure Data Lifecycle
Icon
Information and Data Governance Types
Icon
Business Continuity and Disaster Recovery Planning
Icon
Cost-Benefit Analysis
Icon
Certification Against Criteria
Icon
System and Subsystem Product Certification
Icon
Summary
Icon
Review Questions
Icon
Notes
4
Domain 2: Cloud Data Security
Icon
Domain 2: Cloud Data Security
Icon
Introduction
Icon
The Cloud Data Lifecycle Phases
Icon
Location and Access of Data
Icon
Functions, Actors, and Controls of the Data
Icon
Cloud Services, Products, and Solutions
Icon
Data Storage
Icon
Relevant Data Security Technologies
Icon
Application of Security Strategy Technologies
Icon
Emerging Technologies
Icon
Data Discovery
Icon
Data Classification
Icon
Data Privacy Acts
Icon
Typical Meanings for Common Privacy Terms
Icon
Privacy Roles for Customers and Service Providers
Icon
Responsibility Depending on the Type of Cloud Services
Icon
Implementation of Data Discovery
Icon
Classification of Discovered Sensitive Data
Icon
Mapping and Definition of Controls
Icon
Privacy Level Agreement
Icon
PLA Versus Essential P&DP Requirements Activity
Icon
Application of Defined Controls for PII
Icon
Data Rights Management Objectives
Icon
Data-Protection Policies
Icon
Events
Icon
Supporting Continuous Operations
Icon
Chain of Custody and Nonrepudiation
Icon
Summary
Icon
Review Questions
Icon
Notes
5
Domain 3: Cloud Platform and Infrastructure Security
Icon
Domain 3: Cloud Platform and Infrastructure Security
Icon
Introduction
Icon
Network and Communications in the Cloud
Icon
The Compute Parameters of a Cloud Server
Icon
Storage Issues in the Cloud
Icon
Management of Cloud Computing Risks
Icon
Countermeasure Strategies Across the Cloud
Icon
Physical and Environmental Protections
Icon
System and Communication Protections
Icon
Virtualization Systems Controls
Icon
Managing Identification, Authentication, and Authorization in the Cloud Infrastructure
Icon
Risk Audit Mechanisms
Icon
Understanding the Cloud Environment Related to BCDR
Icon
Understanding the Business Requirements Related to BCDR
Icon
Understanding the BCDR Risks
Icon
BCDR Strategies
Icon
Creating the BCDR Plan
Icon
Summary
Icon
Review Questions
Icon
Notes
6
Domain 4: Cloud Application Security
chevron up
Icon
Domain 4: Cloud Application Security
Icon
Introduction
Icon
Determining Data Sensitivity and Importance
Icon
Understanding the API Formats
Icon
Common Pitfalls of Cloud Security Application Deployment
Icon
Awareness of Encryption Dependencies
Icon
Understanding the Software Development Lifecycle Process for a Cloud Environment
Icon
Assessing Common Vulnerabilities
Icon
Cloud-Specific Risks
Icon
Threat Modeling
Icon
Identity and Access Management
Icon
Federated Identity Management
Icon
Multifactor Authentication
Icon
Supplemental Security Devices
Icon
Cryptography
Icon
Tokenization
Icon
Data Masking
Icon
Sandboxing
Icon
Application Virtualization
Icon
Cloud-Based Functional Data
Icon
Cloud-Secure Development Lifecycle
Icon
Application Security Testing
Icon
Summary
Icon
Review Questions
Icon
Notes
7
Domain 5: Operations
Icon
Domain 5: Operations
Icon
Introduction
Icon
Modern Data Centers and Cloud Service Offerings
Icon
Factors That Affect Data Center Design
Icon
Enterprise Operations
Icon
Secure Configuration of Hardware: Specific Requirements
Icon
Installation and Configuration of Virtualization Management Tools for the Host
Icon
Securing the Network Configuration
Icon
Identifying and Understanding Server Threats
Icon
Using Standalone Hosts
Icon
Using Clustered Hosts
Icon
Accounting for Dynamic Operation
Icon
Using Storage Clusters
Icon
Using Maintenance Mode
Icon
Providing HA on the Cloud
Icon
The Physical Infrastructure for Cloud Environments
Icon
Configuring Access Control for Remote Access
Icon
Performing Patch Management
Icon
Performance Monitoring
Icon
Backing Up and Restoring the Host Configuration
Icon
Implementing Network Security Controls: Defense in Depth
Icon
Developing a Management Plan
Icon
Building a Logical Infrastructure for Cloud Environments
Icon
Running a Logical Infrastructure for Cloud Environments
Icon
Managing the Logical Infrastructure for Cloud Environments
Icon
Implementation of Network Security Controls
Icon
Using an ITSM Solution
Icon
Considerations for Shadow IT
Icon
Operations Management
Icon
Managing Risk in Logical and Physical Infrastructures
Icon
The Risk-Management Process Overview
Icon
Understanding the Collection and Preservation of Digital Evidence
Icon
Managing Communications with Relevant Parties
Icon
Wrap-Up: Data Breach Example
Icon
Summary
Icon
Review Questions
Icon
Notes
8
Domain 6: Legal and Compliance
Icon
Domain 6: Legal and Compliance
Icon
Introduction
Icon
International Legislation Conflicts
Icon
Legislative Concepts
Icon
Frameworks and Guidelines Relevant to Cloud Computing
Icon
Common Legal Requirements
Icon
Legal Controls and Cloud Service Providers
Icon
e-Discovery
Icon
Cloud Forensics and ISO/IEC 27050-1
Icon
Protecting Personal Information in the Cloud
Icon
Auditing in the Cloud
Icon
Standard Privacy Requirements (ISO/IEC 27018)
Icon
GAPP
Icon
Internal ISMS
Icon
Implementing Policies
Icon
Identifying and Involving the Relevant Stakeholders
Icon
Impact of Distributed IT Models
Icon
Understanding the Implications of the Cloud to Enterprise Risk Management
Icon
Risk Mitigation
Icon
Understanding Outsourcing and Contract Design
Icon
Business Requirements
Icon
Vendor Management
Icon
Cloud Computing Certification
Icon
Contract Management
Icon
Supply Chain Management
Icon
Summary
Icon
Review Questions
Icon
Notes
9
EULA
Icon
EULA
1
Appendix A: Answers to Review Questions
Icon
Appendix A: Answers to Review Questions
Icon
Domain 1: Architectural Concepts and Design Requirements
Icon
Domain 2: Cloud Data Security
Icon
Domain 3: Cloud Platform and Infrastructure Security
Icon
Domain 4: Cloud Application Security
Icon
Domain 5: Operations
Icon
Domain 6: Legal and Compliance Issues
Icon
Notes
2
Appendix B: Glossary
Icon
Appendix B: Glossary
3
Appendix C: Helpful Resources and Links
Icon
Appendix C: Helpful Resources and Links

Threat Modeling

Threat modeling is performed once an application design is created. The goal of threat modeling is to determine any weaknesses in the application and the potential ingress, egress, and actors involved before the weakness is introduced to production. It is the overall attack surface that is amplified by the cloud, and the threat model has to take that into account. Quite often, this involves a security professional determining various ways to attack the system or connections or even performing social engineering against staff with access to the system. The CCSP should always remember that the nature of threats faced by a system changes over time. Because of the dynamic nature of a changing threat landscape, constant vigilance and monitoring are important aspects of overall system security in the cloud.

STRIDE Threat Model

STRIDE12 is a system for classifying known threats according to the kinds of exploits that are used or the motivation of the attacker. In the STRIDE...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
The Official (ISC)2 Guide to the CCSP CBK
End of Section 6
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon