CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide / Ben Malisow.

By: Malisow, Ben [author.]
Language: English
Publisher: Indianapolis : John Wiley and Sons, 2019
Description: 1 online resource
Content type: text
Media type: computer
Carrier type: online resource
ISBN: 9781119603375
Genre/Form: Electronic books.
Online resources: Full text available at Wiley Online Library.
Summary: The only official study guide for the new CCSP exam.

(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide is your ultimate resource for the CCSP exam. As the only official study guide reviewed and endorsed by (ISC)2, this guide helps you prepare faster and smarter with the Sybex study tools that include pre-test assessments that show you what you know, and areas you need further review. Objective maps, exercises, and chapter review questions help you gauge your progress along the way, and the Sybex interactive online learning environment includes access to a PDF glossary, hundreds of flashcards, and two complete practice exams. Covering all CCSP domains, this book walks you through Architectural Concepts and Design Requirements, Cloud Data Security, Cloud Platform and Infrastructure Security, Cloud Application Security, Operations, and Legal and Compliance with real-world scenarios to help you apply your skills along the way.

The CCSP is the latest credential from (ISC)2 and the Cloud Security Alliance, designed to show employers that you have what it takes to keep their organization safe in the cloud. Learn the skills you need to be confident on exam day and beyond.

Review 100% of all CCSP exam objectives
Practice applying essential concepts and skills
Access the industry-leading online study tool set
Test your knowledge with bonus practice exams and more

As organizations become increasingly reliant on cloud-based IT, the threat to data security looms larger. Employers are seeking qualified professionals with a proven cloud security skillset, and the CCSP credential brings your resume to the top of the pile. (ISC)2 CCSP Certified Cloud Security Professional Official Study Guide gives you the tools and information you need to earn that certification, and apply your skills in a real-world setting.

Includes index.

Ben Malisow, CCSP, CISSP, SSCP, CISM, Security+, has worked with INFOSEC and education for more than 20 years. He has taught computer classes to students from grade 6 through university level and crafted and delivered the CISSP prep course (among others) for Carnegie-Mellon University's CERT/SEU. In addition, Malisow built and ran DARPA's internal INFOSEC training program, was the ISSM for the FBI's most-classified counterterror intelligence-sharing network and was a security architect for TSA. He also teaches exam prep courses for (ISC)2. You can find more of his writings at his blog: securityzed.com.

Table of contents

Introduction xxi

Assessment Test xxviii

Chapter 1 Architectural Concepts 1

Cloud Characteristics 2

Business Requirements 4

Existing State 5

Quantifying Benefits and Opportunity Cost 6

Intended Impact 8

Cloud Evolution, Vernacular, and Models 9

New Technology, New Options 9

Cloud Computing Service Models 10

Cloud Deployment Models 12

Cloud Computing Roles and Responsibilities 13

Cloud Computing Definitions 14

Foundational Concepts of Cloud Computing 16

Sensitive Data 16

Virtualization 16

Encryption 16

Auditing and Compliance 17

Cloud Service Provider Contracts 17

Related and Emerging Technologies 18

Summary 19

Exam Essentials 19

Written Labs 20

Review Questions 21

Chapter 2 Design Requirements 25

Business Requirements Analysis 26

Inventory of Assets 26

Valuation of Assets 27

Determination of Criticality 27

Risk Appetite 29

Security Considerations for Different Cloud Categories 31

IaaS Considerations 32

PaaS Considerations 32

SaaS Considerations 32

General Considerations 33

Design Principles for Protecting Sensitive Data 33

Hardening Devices 33

Encryption 35

Layered Defenses 35

Summary 36

Exam Essentials 37

Written Labs 37

Review Questions 38

Chapter 3 Data Classification 43

Data Inventory and Discovery 45

Data Ownership 45

The Data Lifecycle 46

Data Discovery Methods 50

Jurisdictional Requirements 51

Information Rights Management (IRM) 53

Intellectual Property Protections 53

IRM Tool Traits 57

Data Control 59

Data Retention 60

Data Audit 61

Data Destruction/Disposal 63

Summary 65

Exam Essentials 65

Written Labs 66

Review Questions 67

Chapter 4 Cloud Data Security 71

Cloud Data Lifecycle 73

Create 74

Store 75

Use 75

Share 75

Archive 76

Destroy 77

Cloud Storage Architectures 78

Volume Storage: File-Based Storage and Block Storage 78

Object-Based Storage 78

Databases 79

Content Delivery Network (CDN) 79

Cloud Data Security Foundational Strategies 79

Encryption 79

Masking, Obfuscation, Anonymization, and Tokenization 81

Security Information and Event Management 84

Egress Monitoring (DLP) 85

Summary 86

Exam Essentials 86

Written Labs 87

Review Questions 88

Chapter 5 Security in the Cloud 93

Shared Cloud Platform Risks and Responsibilities 95

Cloud Computing Risks by Deployment Model 97

Private Cloud 98

Community Cloud 98

Public Cloud 100

Hybrid Cloud 104

Cloud Computing Risks by Service Model 104

Infrastructure as a Service (IaaS) 104

Platform as a Service (PaaS) 105

Software as a Service (SaaS) 106

Virtualization 106

Threats 107

Countermeasure Methodology 109

Disaster Recovery (DR) and Business Continuity (BC) 112

Cloud-Specific BIA Concerns 112

Customer/Provider Shared BC/DR Responsibilities 113

Summary 116

Exam Essentials 116

Written Labs 117

Review Questions 118

Chapter 6 Responsibilities in the Cloud 123

Foundations of Managed Services 126

Business Requirements 127

Business Requirements: The Cloud Provider Perspective 127

Shared Responsibilities by Service Type 133

IaaS 133

PaaS 133

SaaS 133

Shared Administration of OS, Middleware, or Applications 134

Operating System Baseline Configuration and Management 134

Shared Responsibilities: Data Access 136

Customer Directly Administers Access 137

Provider Administers Access on Behalf of the Customer 137

Third-Party (CASB) Administers Access on Behalf of the Customer 137

Lack of Physical Access 137

Audits 138

Shared Policy 142

Shared Monitoring and Testing 142

Summary 143

Exam Essentials 143

Written Labs 144

Review Questions 145

Chapter 7 Cloud Application Security 149

Training and Awareness 151

Common Cloud Application Deployment Pitfalls 154

Cloud-Secure Software Development Lifecycle (SDLC) 156

Configuration Management for the SDLC 157

ISO/IEC 27034-1 Standards for Secure Application Development 158

Identity and Access Management (IAM) 159

Identity Repositories and Directory Services 160

Single Sign-On (SSO) 161

Federated Identity Management 161

Federation Standards 162

Multifactor Authentication 162

Supplemental Security Components 163

Cloud Application Architecture 164

Application Programming Interfaces 164

Tenancy Separation 165

Cryptography 165

Sandboxing 166

Application Virtualization 167

Cloud Application Assurance and Validation 167

Threat Modeling 167

Quality of Service 169

Software Security Testing 170

Approved APIs 172

Software Supply Chain (API) Management 172

Securing Open-Source Software 172

Application Orchestration 173

The Secure Network Environment 174

Summary 175

Exam Essentials 175

Written Labs 176

Review Questions 177

Chapter 8 Operations Elements 181

Physical/Logical Operations 183

Facilities and Redundancy 184

Virtualization Operations 194

Storage Operations 196

Physical and Logical Isolation 199

Application Testing Methods 200

Security Operations Center 201

Continuous Monitoring 201

Incident Management 202

Summary 203

Exam Essentials 204

Written Labs 204

Review Questions 205

Chapter 9 Operations Management 209

Monitoring, Capacity, and Maintenance 211

Monitoring 211

Maintenance 213

Change and Configuration Management (CM) 217

Baselines 218

Deviations and Exceptions 218

Roles and Process 219

Release Management 221

IT Service Management and Continual Service Improvement 222

Business Continuity and Disaster Recovery (BC/DR) 223

Primary Focus 224

Continuity of Operations 225

The BC/DR Plan 225

The BC/DR Kit 227

Relocation 228

Power 229

Testing 230

Summary 231

Exam Essentials 231

Written Labs 232

Review Questions 233

Chapter 10 Legal and Compliance Part 1 237

Legal Requirements and Unique Risks in the Cloud Environment 239

Legal Concepts 239

US Laws 242

International Laws 246

Laws, Frameworks, and Standards Around the World 246

Information Security Management Systems (ISMSs) 252

The Difference between Laws, Regulations, and Standards 254

Potential Personal and Data Privacy Issues in the Cloud Environment 254

eDiscovery 255

Forensic Requirements 256

Conflicting International Legislation 256

Cloud Forensic Challenges 257

Direct and Indirect Identifiers 258

Forensic Data Collection Methodologies 258

Audit Processes, Methodologies, and Cloud Adaptations 259

Virtualization 259

Scope 259

Gap Analysis 260

Restrictions of Audit Scope Statements 260

Policies 261

Different Types of Audit Reports 261

Auditor Independence 262

AICPA Reports and Standards 262

Summary 263

Exam Essentials 264

Written Labs 264

Review Questions 265

Chapter 11 Legal and Compliance Part 2 269

The Impact of Diverse Geographical Locations and Legal Jurisdictions 271

Policies 272

Implications of the Cloud for Enterprise Risk Management 276

Choices Involved in Managing Risk 276

Risk Management Frameworks 279

Risk Management Metrics 281

Contracts and Service-Level Agreements (SLAs) 281

Business Requirements 284

Cloud Contract Design and Management for Outsourcing 284

Identifying Appropriate Supply Chain and Vendor Management Processes 285

Common Criteria Assurance Framework (ISO/IEC 15408-1:2009) 285

CSA Security, Trust, and Assurance Registry (STAR) 286

Supply Chain Risk 287

Manage Communication with Relevant Parties 288

Summary 289

Exam Essentials 289

Written Labs 289

Review Questions 290

Appendix A Answers to Written Labs 295

Chapter 1: Architectural Concepts 296

Chapter 2: Design Requirements 296

Chapter 3: Data Classification 297

Chapter 4: Cloud Data Security 298

Chapter 5: Security in the Cloud 299

Chapter 6: Responsibilities in the Cloud 299

Chapter 7: Cloud Application Security 300

Chapter 8: Operations Elements 300

Chapter 9: Operations Management 301

Chapter 10: Legal and Compliance Part 1 302

Chapter 11: Legal and Compliance Part 2 302

Appendix B Answers to Review Questions 303

Chapter 1: Architectural Concepts 304

Chapter 2: Design Requirements 305

Chapter 3: Data Classification 307

Chapter 4: Cloud Data Security 308

Chapter 5: Security in the Cloud 310

Chapter 6: Responsibilities in the Cloud 311

Chapter 7: Cloud Application Security 313

Chapter 8: Operations Elements 314

Chapter 9: Operations Management 316

Chapter 10: Legal and Compliance Part 1 317

Chapter 11: Legal and Compliance Part 2 319

Index 321

