(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide
eBook - ePub

Ben Malisow

About this book

The only official study guide for the new CCSP exam

(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide is your ultimate resource for the CCSP exam. As the only official study guide reviewed and endorsed by (ISC)2, this guide helps you prepare faster and smarter with the Sybex study tools, which include pre-test assessments that show you what you know and the areas where you need further review. Objective maps, exercises, and chapter review questions help you gauge your progress along the way, and the Sybex interactive online learning environment includes access to a PDF glossary, hundreds of flashcards, and two complete practice exams. Covering all CCSP domains, this book walks you through Architectural Concepts and Design Requirements, Cloud Data Security, Cloud Platform and Infrastructure Security, Cloud Application Security, Operations, and Legal and Compliance with real-world scenarios to help you apply your skills along the way.

The CCSP is the latest credential from (ISC)2 and the Cloud Security Alliance, designed to show employers that you have what it takes to keep their organization safe in the cloud. Learn the skills you need to be confident on exam day and beyond.

  • Review 100% of all CCSP exam objectives
  • Practice applying essential concepts and skills
  • Access the industry-leading online study tool set
  • Test your knowledge with bonus practice exams and more

As organizations become increasingly reliant on cloud-based IT, the threat to data security looms larger. Employers are seeking qualified professionals with a proven cloud security skillset, and the CCSP credential brings your resume to the top of the pile. (ISC)2 CCSP Certified Cloud Security Professional Official Study Guide gives you the tools and information you need to earn that certification, and apply your skills in a real-world setting.

Information

Publisher: Sybex
Year: 2019
ISBN: 9781119603368

Chapter 1
Architectural Concepts

THE OBJECTIVE OF THIS CHAPTER IS TO ACQUAINT THE READER WITH THE FOLLOWING CONCEPTS:
  • Domain 1: Cloud Concepts, Architecture, and Design
    • 1.1. Understand Cloud Computing Concepts
      • 1.1.1. Cloud Computing Definitions
      • 1.1.2. Cloud Computing Roles
      • 1.1.3. Key Cloud Computing Characteristics
      • 1.1.4. Building Block Technologies
    • 1.2. Describe Cloud Reference Architecture
      • 1.2.1. Cloud Computing Activities
      • 1.2.2. Cloud Service Capabilities
      • 1.2.3. Cloud Service Categories
      • 1.2.4. Cloud Deployment Models
      • 1.2.5. Cloud Shared Considerations
      • 1.2.6. Impact of Related Technologies
    • 1.4. Understand Design Principles of Secure Cloud Computing
      • 1.4.3. Cost Benefit Analysis
      • 1.4.4. Functional Security Requirements
  • Domain 4: Cloud Application Security
    • 4.7. Design Appropriate Identity and Access Management (IAM) Solutions
      • 4.7.5. Cloud Access Security Broker (CASB)
  • Domain 5: Cloud Security Operations
    • 5.4. Implement Operational Controls and Standards
      • 5.4.10. Service Level Management
This chapter is the foundation for all the other chapters in this study guide. You may find it useful to review this material before reading other chapters.
The CCSP is not a certification of basic computer skills or training; it is a professional certification for practitioners with some background in the field. (ISC)2 expects that those who want to earn this particular certification already have experience in the industry; have been employed in an InfoSec position in some professional capacity; and have a thorough understanding of many basic areas related to computers, security, business, risk, and networking. Many people taking the test already have other certifications that validate their knowledge and experience, such as the CISSP. Therefore, this book will not contain many of the basics that, while testable, you are already expected to know. If you aren’t coming from a CISSP background, it would be good to supplement your knowledge with CISSP-focused materials as well.
However, the CCSP Common Body of Knowledge (CBK) contains terminology and concepts that may be expressed in specific ways, to include perspectives and usages that may be unique to the CCSP and different from what you are used to dealing with in your current operations. This chapter is therefore intended as a guide, laying down the foundation for understanding the rest of the material and the CBK as a whole.

Cloud Characteristics

Cloud computing has come to mean many things, but the following characteristics have become part of the generally accepted definition:
  • Broad network access
  • On-demand self-service
  • Resource pooling
  • Rapid elasticity
  • Measured or “metered” service
These traits are expressed succinctly in the NIST definition of cloud computing.
NIST 800-145 Cloud Computing Definition
The official NIST definition of cloud computing says, “Cloud Computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”
These characteristics are also similar to how cloud computing is defined in ISO 17788 (www.iso.org/iso/catalogue_detail?csnumber=60544).
You can expect to see mention of each of these throughout this book, the CBK, and the exam.
Broad network access means services are consistently accessible by standard means, such as the use of a web browser to access a Software as a Service (SaaS) application regardless of the user’s location or choice of computer OS, browser, and so on. This is generally accomplished with the use of such technologies as advanced routing techniques, load balancers, and multisite hosting, among others.
On-demand self-service refers to the model that allows customers to scale their compute and/or storage needs with little or no intervention from or prior communication with the provider. The services happen in real time.
Resource pooling is the characteristic that allows the cloud provider to meet various demands from customers while remaining financially viable. The cloud provider can make capital investments that greatly exceed what any single customer could provide on their own and can apportion these resources as needed so that the resources are not underutilized (which would mean a wasteful investment) or overtaxed (which would mean a decrease in level of service). This is often referred to as a multitenant environment; multiple customers share the same underlying hardware, software, and networking assets.
Rapid elasticity allows the customer to grow or shrink the IT footprint (number of users, number of machines, size of storage, and so on) as necessary to meet operational needs without excess capacity. In the cloud, this can be done in moments, as opposed to the traditional environment, where acquisition and deployment of resources (or disposal of old resources) can take weeks or months.
Finally, measured or metered service simply means that the customer is charged for only what they use and nothing more. This is much like how a water or power company might charge you each month for the services used (with perhaps a minimum monthly charge for maintaining the connection).
Rest assured—we will be going into more detail regarding all of these concepts in the chapters to come.

Online Shopping
Think of retail demand during the pre-holiday crush toward the end of the year. The sheer volume of customers and transactions greatly exceeds all normal operations throughout the rest of the year. When this happens, retailers who offer online shopping can see great benefit from hosting their sales capability in the cloud. The cloud provider can apportion resources necessary to meet this increased demand and will charge for this increased usage at a negotiated rate, but when shopping drops off after the holiday, the retailers will not continue to be charged at the higher rate.

Business Requirements

The IT department is not a profit center; it provides a support function. This describes the security department even more accurately. Security activities actually hinder business efficiency (because, generally, the more secure something is, be it a device or a process, the less efficient it will be). This is why the business needs of the organization drive security decisions and not the other way around.
A successful organization will gather as much information about operational business requirements as possible; this information can be used for many purposes, including several functions in the security realm (I’ll touch on this throughout the book, but a few examples inclu...
