CCSP Certified Cloud Security Professional All-in-One Exam Guide, Third Edition
Paperback (3rd ed.)
Overview
Thoroughly revised for the 2022 edition of the exam, this highly effective test preparation guide covers all six domains within the CCSP Body of Knowledge. The book offers clear explanations of every subject on the CCSP exam and features accurate practice questions and real-world examples. New, updated, or expanded coverage includes cloud data security, DevOps security, mobile computing, threat modeling paradigms, regulatory and legal frameworks, and best practices and standards.
Written by a respected computer security expert, CCSP Certified Cloud Security Professional All-in-One Exam Guide, Third Edition is both a powerful study tool and a valuable reference that will serve professionals long after the test. To aid in self-study, each chapter includes exam tips that highlight key information, a summary that serves as a quick review of salient points, and practice questions that allow you to test your comprehension. Special design elements throughout provide insight and call out potentially harmful situations.
- All practice questions match the tone, content, and format of those on the actual exam
- Includes access to 300 practice questions in the TotalTester™ Online customizable test engine
- Written by an IT security expert and experienced author
Product Details
| Detail | Value |
|---|---|
| ISBN-13 | 9781264842209 |
| Publisher | McGraw Hill LLC |
| Publication date | 11/18/2022 |
| Edition description | 3rd ed. |
| Pages | 480 |
| Sales rank | 622,298 |
| Product dimensions | 7.30 (w) x 9.00 (h) x 1.20 (d) |
Table of Contents
Acknowledgments xvii
Introduction xix
Chapter 1 How to Obtain the CCSP and Introduction to Security 1
Why Get Certified? 1
How to Get Certified 2
CCSP Domains 3
Domain 1 Cloud Concepts, Architecture, and Design 3
Domain 2 Cloud Data Security 5
Domain 3 Cloud Platform and Infrastructure Security 6
Domain 4 Cloud Application Security 7
Domain 5 Cloud Security Operations 8
Domain 6 Legal, Risk, and Compliance 10
Introduction to IT Security 11
Basic Security Concepts 11
Risk Management 15
Business Continuity and Disaster Recovery 16
Chapter Review 16
Chapter 2 Cloud Concepts, Architecture, and Design 17
Understand Cloud Computing Concepts 18
Cloud Computing Definitions 18
Cloud Computing Roles 19
Key Cloud Computing Characteristics 20
Building-Block Technologies 23
Describe a Cloud Reference Architecture 23
Cloud Computing Activities 23
Cloud Service Capabilities 24
Cloud Service Categories 25
Cloud Deployment Models 30
Cloud Shared Considerations 34
Impact of Related Technologies 38
Understand Security Concepts Relevant to Cloud Computing 43
Cryptography 43
Identity and Access Control 45
Data and Media Sanitation 48
Network Security 50
Virtualization Security 52
Common Threats 54
Security Hygiene 58
Understand Design Principles of Secure Cloud Computing 58
Cloud Secure Data Lifecycle 58
Cloud-Based Business Continuity/Disaster Recovery Planning 59
Business Impact Analysis 61
Functional Security Requirements 62
Security Considerations for the Different Cloud Categories 63
Cloud Design Patterns 67
DevOps Security 71
Evaluate Cloud Service Providers 71
Verification Against Criteria 71
System/Subsystem Product Certifications 76
Exercise 78
Chapter Review 78
Questions 78
Questions and Answers 82
Chapter 3 Cloud Data Security 89
Describe Cloud Data Concepts 89
Cloud Data Lifecycle Phases 89
Data Dispersion 92
Data Flows 93
Design and Implement Cloud Data Storage Architectures 93
Storage Types 94
Threats to Storage Types 96
Design and Apply Data Security Technologies and Strategies 96
Encryption 97
Hashing 98
Key Management 99
Tokenization 100
Data Loss Prevention 101
Data De-Identification 102
Application of Technologies 103
Emerging Technologies 104
Implement Data Discovery 105
Structured Data 107
Unstructured Data 107
Privacy Roles and Responsibilities 107
Implementation of Data Discovery 107
Classification of Discovered Sensitive Data 108
Mapping and Definition of Controls 108
Application of Defined Controls 109
Implement Data Classification 110
Mapping 110
Labeling 111
Sensitive Data 111
Design and Implement Information Rights Management (IRM) 112
Data Rights Objectives 112
Tools 113
Plan and Implement Data Retention, Deletion, and Archiving Policies 114
Data Retention Policies 114
Data Deletion Procedures and Mechanisms 115
Data Archiving Procedures and Mechanisms 115
Legal Hold 118
Design and Implement Auditability, Traceability, and Accountability of Data Events 118
Definition of Event Sources 118
Identity Attribution Requirements 120
Data Event Logging 122
Storage and Analysis of Data Events 123
Continuous Optimizations 126
Chain of Custody and Nonrepudiation 127
Exercise 127
Chapter Review 128
Questions 128
Questions and Answers 131
Chapter 4 Cloud Platform and Infrastructure Security 137
Comprehend Cloud Infrastructure and Platform Components 137
Physical Hardware and Environment 137
Networking 139
Computing 140
Storage 141
Virtualization 142
Management Plane 143
Design a Secure Data Center 144
Logical Design 144
Physical Design 146
Environmental Design 148
Design Resilient 149
Analyze Risks Associated with Cloud Infrastructure and Platforms 150
Risk Assessment and Analysis 151
Virtualization Risks 152
Risk Mitigation Strategies 153
Plan and Implementation of Security Controls 153
Physical and Environmental Protection 154
System, Storage, and Communication Protection 155
Virtualization Systems Protection 155
Identification, Authentication, and Authorization in a Cloud Infrastructure 157
Audit Mechanisms 159
Plan Business Continuity (BC) and Disaster Recovery (DR) 162
Understanding the Cloud Environment 162
Understanding Business Requirements 163
Understanding Risks 164
Disaster Recovery/Business Continuity Strategy 165
Exercise 169
Chapter Review 169
Questions 170
Questions and Answers 173
Chapter 5 Cloud Application Security 179
Advocate Training and Awareness for Application Security 179
Cloud Development Basics 180
Common Pitfalls 180
Common Cloud Vulnerabilities 182
Describe the Secure Software Development Lifecycle (SDLC) Process 189
Business Requirements 189
Phases 189
Methodologies 191
Apply the Secure Software Development Lifecycle 192
Cloud-Specific Risks 192
Threat Modeling 194
Secure Coding 197
Software Configuration Management and Versioning 198
Apply Cloud Software Assurance and Validation 199
Cloud-Based Functional Testing 199
Cloud Secure Development Lifecycle (CSDLC) 199
Security Testing 200
Quality of Service 201
Use Verified Secure Software 202
Approved API 202
Supply Chain Management 202
Community Knowledge 203
Comprehend the Specifics of Cloud Application Architecture 203
Supplemental Security Devices 204
Cryptography 206
Sandboxing 206
Application Virtualization 207
Design Appropriate Identity and Access Management (IAM) Solutions 208
Federated Identity 208
Identity Providers 210
Single Sign-On 210
Multifactor Authentication 211
Cloud Access Security Broker 211
Exercise 212
Chapter Review 212
Questions 212
Questions and Answers 214
Chapter 6 Cloud Security Operations 221
Implement and Build the Physical and Logical Infrastructure for the Cloud Environment 221
Hardware-Specific Security Configuration Requirements 221
Installation and Configuration of Management Tools 222
Virtual Hardware Specific Security Configuration Requirements 223
Installation of Guest Operating System Virtualization Toolsets 228
Operate the Physical and Logical Infrastructure for the Cloud Environment 228
Access Controls for Local and Remote Access 228
Secure Network Configuration 231
Network Security Controls 235
OS Hardening via Application of Baselines 239
Patch Management 241
Infrastructure as Code Strategy 243
Availability of Standalone Hosts 243
Availability of Clustered Hosts 244
Availability of the Guest Operating System 245
Performance Monitoring 246
Hardware Monitoring 246
Backup and Restore Functions 247
Management Plane 247
Implement Operational Controls and Standards 249
Change Management 249
Continuity Management 251
Information Security Management 251
Continual Service Improvement Management 252
Incident Management 252
Problem Management 252
Release and Deployment Management 253
Configuration Management 253
Service Level Management 254
Availability Management 254
Capacity Management 254
Support Digital Forensics 255
Forensic Data Collection Methodologies 255
Evidence Management 256
Manage Communication with Relevant Parties 257
Vendors 257
Customers 257
Partners 258
Regulators 258
Other Stakeholders 258
Manage Security Operations 258
Security Operations Center 258
Monitoring of Security Controls 259
Log Capture and Analysis 259
Exercise 261
Chapter Review 261
Questions 261
Questions and Answers 263
Chapter 7 Legal, Risk, and Compliance 269
Articulate Legal Requirements and Unique Risks Within the Cloud Environment 269
Conflicting International Legislation 269
Evaluation of Legal Risks Specific to Cloud Computing 270
Legal Framework and Guidelines 270
eDiscovery 271
Forensics Requirements 275
Understand Privacy Issues 276
Difference Between Contractual and Regulated Personally Identifiable Information 276
Country-Specific Legislation Related to PII and Data Privacy 277
Differences Among Confidentiality, Integrity, Availability, and Privacy 279
Standard Privacy Requirements 282
Privacy Impact Assessments 284
Understand Audit Processes, Methodologies, and Required Adaptations for a Cloud Environment 284
Internal and External Audit Controls 284
Impact of Audit Requirements 285
Identify Assurance Challenges of Virtualization and Cloud 285
Types of Audit Reports 286
Restrictions of Audit Scope Statements 289
Gap Analysis 291
Audit Planning 291
Internal Information Security Management System 296
Internal Information Security Controls System 297
Policies 298
Identification and Involvement of Relevant Stakeholders 298
Specialized Compliance Requirements for Highly Regulated Industries 299
Impact of Distributed IT Model 301
Understand Implications of Cloud to Enterprise Risk Management 302
Assess Provider's Risk Management 302
Difference Between Data Owner/Controller vs. Data Custodian/Processor 302
Risk Treatment 303
Different Risk Frameworks 307
Metrics for Risk Management 308
Assessment of the Risk Environment 309
Understand Outsourcing and Cloud Contract Design 309
Business Requirements 309
Vendor Management 310
Contract Management 312
Executive Vendor Management 314
Supply Chain Management 314
Exercise 315
Chapter Review 315
Questions 315
Questions and Answers 318
Appendix A Exam Review Questions 323
Questions 323
Quick Answers 343
Questions and Comprehensive Answer Explanations 344
Appendix B About the Online Content 423
System Requirements 423
Your Total Seminars Training Hub Account 423
Privacy Notice 423
Single User License Terms and Conditions 423
TotalTester Online 425
Technical Support 425
Glossary 427
Index 443