(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide
eBook - ePub

(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide

Ben Malisow

Condividi libro
  1. English
  2. ePUB (disponibile sull'app)
  3. Disponibile su iOS e Android
eBook - ePub

(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide

Ben Malisow

Dettagli del libro
Anteprima del libro
Indice dei contenuti
Citazioni

Informazioni sul libro

The only official study guide for the new CCSP exam

(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide is your ultimate resource for the CCSP exam. As the only official study guide reviewed and endorsed by (ISC)2, this guide helps you prepare faster and smarter with the Sybex study tools that include pre-test assessments that show you what you know, and areas you need further review. Objective maps, exercises, and chapter review questions help you gauge your progress along the way, and the Sybex interactive online learning environment includes access to a PDF glossary, hundreds of flashcards, and two complete practice exams. Covering all CCSP domains, this book walks you through Architectural Concepts and Design Requirements, Cloud Data Security, Cloud Platform and Infrastructure Security, Cloud Application Security, Operations, and Legal and Compliance with real-world scenarios to help you apply your skills along the way.

The CCSP is the latest credential from (ISC)2 and the Cloud Security Alliance, designed to show employers that you have what it takes to keep their organization safe in the cloud. Learn the skills you need to be confident on exam day and beyond.

  • Review 100% of all CCSP exam objectives
  • Practice applying essential concepts and skills
  • Access the industry-leading online study tool set
  • Test your knowledge with bonus practice exams and more

As organizations become increasingly reliant on cloud-based IT, the threat to data security looms larger. Employers are seeking qualified professionals with a proven cloud security skillset, and the CCSP credential brings your resume to the top of the pile. (ISC)2 CCSP Certified Cloud Security Professional Official Study Guide gives you the tools and information you need to earn that certification, and apply your skills in a real-world setting.

Domande frequenti

Come faccio ad annullare l'abbonamento?
È semplicissimo: basta accedere alla sezione Account nelle Impostazioni e cliccare su "Annulla abbonamento". Dopo la cancellazione, l'abbonamento rimarrà attivo per il periodo rimanente già pagato. Per maggiori informazioni, clicca qui
È possibile scaricare libri? Se sì, come?
Al momento è possibile scaricare tramite l'app tutti i nostri libri ePub mobile-friendly. Anche la maggior parte dei nostri PDF è scaricabile e stiamo lavorando per rendere disponibile quanto prima il download di tutti gli altri file. Per maggiori informazioni, clicca qui
Che differenza c'è tra i piani?
Entrambi i piani ti danno accesso illimitato alla libreria e a tutte le funzionalità di Perlego. Le uniche differenze sono il prezzo e il periodo di abbonamento: con il piano annuale risparmierai circa il 30% rispetto a 12 rate con quello mensile.
Cos'è Perlego?
Perlego è un servizio di abbonamento a testi accademici, che ti permette di accedere a un'intera libreria online a un prezzo inferiore rispetto a quello che pagheresti per acquistare un singolo libro al mese. Con oltre 1 milione di testi suddivisi in più di 1.000 categorie, troverai sicuramente ciò che fa per te! Per maggiori informazioni, clicca qui.
Perlego supporta la sintesi vocale?
Cerca l'icona Sintesi vocale nel prossimo libro che leggerai per verificare se è possibile riprodurre l'audio. Questo strumento permette di leggere il testo a voce alta, evidenziandolo man mano che la lettura procede. Puoi aumentare o diminuire la velocità della sintesi vocale, oppure sospendere la riproduzione. Per maggiori informazioni, clicca qui.
(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide è disponibile online in formato PDF/ePub?
Sì, puoi accedere a (ISC)2 CCSP Certified Cloud Security Professional Official Study Guide di Ben Malisow in formato PDF e/o ePub, così come ad altri libri molto apprezzati nelle sezioni relative a Computer Science e Cyber Security. Scopri oltre 1 milione di libri disponibili nel nostro catalogo.

Informazioni

Editore
Sybex
Anno
2019
ISBN
9781119603368
Edizione
2
Argomento
Computer Science
Categoria
Cyber Security

Chapter 1
Architectural Concepts

THE OBJECTIVE OF THIS CHAPTER IS TO ACQUAINT THE READER WITH THE FOLLOWING CONCEPTS:
  • Domain 1: Cloud Concepts, Architecture, and Design
    • 1.1. Understand Cloud Computing Concepts
      • 1.1.1. Cloud Computing Definitions
      • 1.1.2. Cloud Computing Roles
      • 1.1.3. Key Cloud Computing Characteristics
      • 1.1.4. Building Block Technologies
    • 1.2. Describe Cloud Reference Architecture
      • 1.2.1. Cloud Computing Activities
      • 1.2.2. Cloud Service Capabilities
      • 1.2.3. Cloud Service Categories
      • 1.2.4. Cloud Deployment Models
      • 1.2.5. Cloud Shared Considerations
      • 1.2.6. Impact of Related Technologies
    • 1.4. Understand Design Principles of Secure Cloud Computing
      • 1.4.3. Cost Benefit Analysis
      • 1.4.4. Functional Security Requirements
  • Domain 4: Cloud Application Security
    • 4.7. Design Appropriate Identity and Access Management (IAM) Solutions
      • 4.7.5. Cloud Access Security Broker (CASB)
  • Domain 5: Cloud Security Operations
    • 5.4. Implement Operational Controls and Standards
      • 5.4.10. Service Level Management
Image of Warning
This chapter is the foundation for all the other chapters in this study guide. You may find it useful to review this material before reading other chapters.
The CCSP is not a certification of basic computer skills or training; it is a professional certification for practitioners with some background in the field. (ISC)2 expects that those who want to earn this particular certification already have experience in the industry; have been employed in an InfoSec position in some professional capacity; and have a thorough understanding of many basic areas related to computers, security, business, risk, and networking. Many people taking the test already have other certifications that validate their knowledge and experience, such as the CISSP. Therefore, this book will not contain many of the basics that, while testable, you are already expected to know. If you aren’t coming from a CISSP background, it would be good to supplement your knowledge with CISSP-focused materials as well.
However, the CCSP Common Body of Knowledge (CBK) contains terminology and concepts that may be expressed in specific ways, to include perspectives and usages that may be unique to the CCSP and different from what you are used to dealing with in your current operations. This chapter is therefore intended as a guide, laying down the foundation for understanding the rest of the material and the CBK as a whole.

Cloud Characteristics

Cloud computing has come to mean many things, but the following characteristics have become part of the generally accepted definition:
  • Broad network access
  • On-demand self-service
  • Resource pooling
  • Rapid elasticity
  • Measured or “metered” service
These traits are expressed succinctly in the NIST definition of cloud computing.
NIST 800-145 Cloud Computing Definition
The official NIST definition of cloud computing says, “Cloud Computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”
These characteristics are also similar to how cloud computing is defined in ISO 17788 (www.iso.org/iso/catalogue_detail?csnumber=60544).
You can expect to see mention of each of these throughout this book, the CBK, and the exam.
Broad network access means services are consistently accessible by standard means, such as the use of a web browser to access a Software as a Service (SaaS) application regardless of the user’s location or choice of computer OS, browser, and so on. This is generally accomplished with the use of such technologies as advanced routing techniques, load balancers, and multisite hosting, among others.
On-demand self-service refers to the model that allows customers to scale their compute and/or storage needs with little or no intervention from or prior communication with the provider. The services happen in real time.
Resource pooling is the characteristic that allows the cloud provider to meet various demands from customers while remaining financially viable. The cloud provider can make capital investments that greatly exceed what any single customer could provide on their own and can apportion these resources as needed so that the resources are not underutilized (which would mean a wasteful investment) or overtaxed (which would mean a decrease in level of service). This is often referred to as a multitenant environment; multiple customers share the same underlying hardware, software, and networking assets.
Rapid elasticity allows the customer to grow or shrink the IT footprint (number of users, number of machines, size of storage, and so on) as necessary to meet operational needs without excess capacity. In the cloud, this can be done in moments, as opposed to the traditional environment, where acquisition and deployment of resources (or dispensing old resources) can take weeks or months.
Finally, measured or metered service simply means that the customer is charged for only what they use and nothing more. This is much like how a water or power company might charge you each month for the services used (with perhaps a minimum monthly charge for maintaining the connection).
Rest assured—we will be going into more detail regarding all of these concepts in the chapters to come.
Image of Real World Scenario

Online Shopping
Think of retail demand during the pre-holiday crush toward the end of the year. The sheer volume of customers and transactions greatly exceeds all normal operations throughout the rest of the year. When this happens, retailers who offer online shopping can see great benefit from hosting their sales capability in the cloud. The cloud provider can apportion resources necessary to meet this increased demand and will charge for this increased usage at a negotiated rate, but when shopping drops off after the holiday, the retailers will not continue to be charged at the higher rate.

Business Requirements

The IT department is not a profit center; it provides a support function. This is even more accurate to describe the security department. Security activities actually hinder business efficiency (because, generally, the more secure something is, be it a device or a process, the less efficient it will be). This is why the business needs of the organization drive security decisions and not the other way around.
A successful organization will gather as much information about operational business requirements as possible; this information can be used for many purposes, including several functions in the security realm (I’ll touch on this throughout the book, but a few examples inclu...

Indice dei contenuti