(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide

Ben Malisow

The only official study guide for the new CCSP exam

(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide is your ultimate resource for the CCSP exam. As the only official study guide reviewed and endorsed by (ISC)2, this guide helps you prepare faster and smarter with the Sybex study tools, which include pre-test assessments that show you what you know and the areas where you need further review. Objective maps, exercises, and chapter review questions help you gauge your progress along the way, and the Sybex interactive online learning environment includes access to a PDF glossary, hundreds of flashcards, and two complete practice exams. Covering all CCSP domains, this book walks you through Architectural Concepts and Design Requirements, Cloud Data Security, Cloud Platform and Infrastructure Security, Cloud Application Security, Operations, and Legal and Compliance with real-world scenarios to help you apply your skills along the way.

The CCSP is the latest credential from (ISC)2 and the Cloud Security Alliance, designed to show employers that you have what it takes to keep their organization safe in the cloud. Learn the skills you need to be confident on exam day and beyond.

  • Review 100% of all CCSP exam objectives
  • Practice applying essential concepts and skills
  • Access the industry-leading online study tool set
  • Test your knowledge with bonus practice exams and more

As organizations become increasingly reliant on cloud-based IT, the threat to data security looms larger. Employers are seeking qualified professionals with a proven cloud security skillset, and the CCSP credential brings your resume to the top of the pile. (ISC)2 CCSP Certified Cloud Security Professional Official Study Guide gives you the tools and information you need to earn that certification, and apply your skills in a real-world setting.


Information

Publisher: Sybex
Year: 2019
ISBN: 9781119603368
Edition: 2
Category: Cyber Security

Chapter 1
Architectural Concepts

THE OBJECTIVE OF THIS CHAPTER IS TO ACQUAINT THE READER WITH THE FOLLOWING CONCEPTS:
  • Domain 1: Cloud Concepts, Architecture, and Design
    • 1.1. Understand Cloud Computing Concepts
      • 1.1.1. Cloud Computing Definitions
      • 1.1.2. Cloud Computing Roles
      • 1.1.3. Key Cloud Computing Characteristics
      • 1.1.4. Building Block Technologies
    • 1.2. Describe Cloud Reference Architecture
      • 1.2.1. Cloud Computing Activities
      • 1.2.2. Cloud Service Capabilities
      • 1.2.3. Cloud Service Categories
      • 1.2.4. Cloud Deployment Models
      • 1.2.5. Cloud Shared Considerations
      • 1.2.6. Impact of Related Technologies
    • 1.4. Understand Design Principles of Secure Cloud Computing
      • 1.4.3. Cost Benefit Analysis
      • 1.4.4. Functional Security Requirements
  • Domain 4: Cloud Application Security
    • 4.7. Design Appropriate Identity and Access Management (IAM) Solutions
      • 4.7.5. Cloud Access Security Broker (CASB)
  • Domain 5: Cloud Security Operations
    • 5.4. Implement Operational Controls and Standards
      • 5.4.10. Service Level Management
This chapter is the foundation for all the other chapters in this study guide. You may find it useful to review this material before reading other chapters.
The CCSP is not a certification of basic computer skills or training; it is a professional certification for practitioners with some background in the field. (ISC)2 expects that those who want to earn this particular certification already have experience in the industry; have been employed in an InfoSec position in some professional capacity; and have a thorough understanding of many basic areas related to computers, security, business, risk, and networking. Many people taking the test already have other certifications that validate their knowledge and experience, such as the CISSP. Therefore, this book will not contain many of the basics that, while testable, you are already expected to know. If you aren’t coming from a CISSP background, it would be good to supplement your knowledge with CISSP-focused materials as well.
However, the CCSP Common Body of Knowledge (CBK) contains terminology and concepts that may be expressed in specific ways, to include perspectives and usages that may be unique to the CCSP and different from what you are used to dealing with in your current operations. This chapter is therefore intended as a guide, laying down the foundation for understanding the rest of the material and the CBK as a whole.

Cloud Characteristics

Cloud computing has come to mean many things, but the following characteristics have become part of the generally accepted definition:
  • Broad network access
  • On-demand self-service
  • Resource pooling
  • Rapid elasticity
  • Measured or “metered” service
These traits are expressed succinctly in the NIST definition of cloud computing.
NIST 800-145 Cloud Computing Definition
The official NIST definition of cloud computing says, “Cloud Computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”
These characteristics are also similar to how cloud computing is defined in ISO 17788 (www.iso.org/iso/catalogue_detail?csnumber=60544).
You can expect to see mention of each of these throughout this book, the CBK, and the exam.
Broad network access means services are consistently accessible by standard means, such as the use of a web browser to access a Software as a Service (SaaS) application regardless of the user’s location or choice of computer OS, browser, and so on. This is generally accomplished with the use of such technologies as advanced routing techniques, load balancers, and multisite hosting, among others.
On-demand self-service refers to the model that allows customers to scale their compute and/or storage needs with little or no intervention from or prior communication with the provider. The services happen in real time.
Resource pooling is the characteristic that allows the cloud provider to meet various demands from customers while remaining financially viable. The cloud provider can make capital investments that greatly exceed what any single customer could provide on their own and can apportion these resources as needed so that the resources are not underutilized (which would mean a wasteful investment) or overtaxed (which would mean a decrease in level of service). This is often referred to as a multitenant environment; multiple customers share the same underlying hardware, software, and networking assets.
Rapid elasticity allows the customer to grow or shrink the IT footprint (number of users, number of machines, size of storage, and so on) as necessary to meet operational needs without excess capacity. In the cloud, this can be done in moments, as opposed to the traditional environment, where acquisition and deployment of resources (or dispensing old resources) can take weeks or months.
Finally, measured or metered service simply means that the customer is charged for only what they use and nothing more. This is much like how a water or power company might charge you each month for the services used (with perhaps a minimum monthly charge for maintaining the connection).
Rest assured—we will be going into more detail regarding all of these concepts in the chapters to come.
Real World Scenario

Online Shopping
Think of retail demand during the pre-holiday crush toward the end of the year. The sheer volume of customers and transactions greatly exceeds all normal operations throughout the rest of the year. When this happens, retailers who offer online shopping can see great benefit from hosting their sales capability in the cloud. The cloud provider can apportion resources necessary to meet this increased demand and will charge for this increased usage at a negotiated rate, but when shopping drops off after the holiday, the retailers will not continue to be charged at the higher rate.

Business Requirements

The IT department is not a profit center; it provides a support function. This is even more true of the security department. Security activities actually hinder business efficiency (because, generally, the more secure something is, be it a device or a process, the less efficient it will be). This is why the business needs of the organization drive security decisions and not the other way around.
A successful organization will gather as much information about operational business requirements as possible; this information can be used for many purposes, including several functions in the security realm (I’ll touch on this throughout the book, but a few examples inclu...
