(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide, 3rd Edition
- Length: 416 pages
- Edition: 3
- Language: English
- Publisher: Sybex
- Publication Date: 2022-10-04
- ISBN-10: 1119909376
- ISBN-13: 9781119909378
- Sales Rank: #388556
The only official study guide for the new CCSP exam objectives effective from 2022-2025
(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide, 3rd Edition is your ultimate resource for the CCSP exam. As the only official study guide reviewed and endorsed by (ISC)2, this guide helps you prepare faster and smarter with the Sybex study tools, which include pre-test assessments that show you what you know and the areas where you need further review. In this completely rewritten 3rd Edition, experienced cloud security professionals Mike Chapple and David Seidl use their extensive training and hands-on skills to help you prepare for the CCSP exam. Objective maps, exercises, and chapter review questions help you gauge your progress along the way, and the Sybex interactive online learning environment includes access to a PDF glossary, hundreds of flashcards, and two complete practice exams. Covering all CCSP domains, this book walks you through Cloud Concepts, Architecture and Design, Cloud Data Security, Cloud Platform and Infrastructure Security, Cloud Application Security, Cloud Security Operations, and Legal, Risk, and Compliance with real-world scenarios to help you apply your skills along the way.
The CCSP credential from (ISC)2 and the Cloud Security Alliance is designed to show employers that you have what it takes to keep their organization safe in the cloud. Learn the skills you need to be confident on exam day and beyond.
- Review 100% of all CCSP exam objectives
- Practice applying essential concepts and skills
- Access the industry-leading online study tool set
- Test your knowledge with bonus practice exams and more
As organizations become increasingly reliant on cloud-based IT, the threat to data security looms larger. Employers are seeking qualified professionals with a proven cloud security skillset, and the CCSP credential brings your resume to the top of the pile. (ISC)2 CCSP Certified Cloud Security Professional Official Study Guide gives you the tools and information you need to earn that certification and apply your skills in a real-world setting.
- Cover Title Page Copyright Page Contents
- Introduction CCSP Certification Taking the CCSP Exam Computer-Based Testing Environment Exam Retake Policy Work Experience Requirement Recertification Requirements What Does This Book Cover? CCSP Exam Objectives CCSP Certification Exam Objective Map How to Contact the Publisher
- Assessment Test Answers to Assessment Test
- Chapter 1 Architectural Concepts Cloud Characteristics Business Requirements Understanding the Existing State Cost/Benefit Analysis Intended Impact Cloud Computing Service Categories Software as a Service Infrastructure as a Service Platform as a Service Cloud Deployment Models Private Cloud Public Cloud Hybrid Cloud Multi-Cloud Community Cloud Multitenancy Cloud Computing Roles and Responsibilities Cloud Computing Reference Architecture Virtualization Hypervisors Virtualization Security Cloud Shared Considerations Security and Privacy Considerations Operational Considerations Emerging Technologies Machine Learning and Artificial Intelligence Blockchain Internet of Things Containers Quantum Computing Edge and Fog Computing Confidential Computing DevOps and DevSecOps Summary Exam Essentials Review Questions
- Chapter 2 Data Classification Data Inventory and Discovery Data Ownership Data Flows Data Discovery Methods Information Rights Management Certificates and IRM IRM in the Cloud IRM Tool Traits Data Control Data Retention Data Audit and Audit Mechanisms Data Destruction/Disposal Summary Exam Essentials Review Questions
- Chapter 3 Cloud Data Security Cloud Data Lifecycle Create Store Use Share Archive Destroy Cloud Storage Architectures Storage Types Volume Storage: File-Based Storage and Block Storage Object-Based Storage Databases Threats to Cloud Storage Designing and Applying Security Strategies for Storage Encryption Certificate Management Hashing Masking, Obfuscation, Anonymization, and Tokenization Data Loss Prevention Log Capture and Analysis Summary Exam Essentials Review Questions
- Chapter 4 Security in the Cloud Shared Cloud Platform Risks and Responsibilities Cloud Customers, Providers, and Similar Terms Cloud Computing Risks by Deployment Model Private Cloud Community Cloud Public Cloud Hybrid Cloud Cloud Computing Risks by Service Model Infrastructure as a Service (IaaS) Platform as a Service (PaaS) Software as a Service (SaaS) Virtualization Threats Risk Mitigation Strategies Disaster Recovery (DR) and Business Continuity (BC) Cloud-Specific BIA Concerns Customer/Provider Shared BC/DR Responsibilities Cloud Design Patterns Summary Exam Essentials Review Questions
- Chapter 5 Cloud Platform, Infrastructure, and Operational Security Foundations of Managed Services Cloud Provider Responsibilities Shared Responsibilities by Service Type IaaS PaaS SaaS Securing Communications and Infrastructure Firewalls Intrusion Detection/Intrusion Prevention Systems Honeypots Vulnerability Assessment Tools Bastion Hosts Identity Assurance in Cloud and Virtual Environments Securing Hardware and Compute Securing Software Third-Party Software Management Validating Open-Source Software OS Hardening, Monitoring, and Remediation Managing Virtual Systems Assessing Vulnerabilities Securing the Management Plane Auditing Your Environment and Provider Adapting Processes for the Cloud Planning for Cloud Audits Summary Exam Essentials Review Questions
- Chapter 6 Cloud Application Security Developing Software for the Cloud Common Cloud Application Deployment Pitfalls Cloud Application Architecture Cryptography Sandboxing Application Virtualization and Orchestration Application Programming Interfaces Multitenancy Supplemental Security Components Cloud-Secure Software Development Lifecycle (SDLC) Software Development Phases Software Development Models Cloud Application Assurance and Validation Threat Modeling Common Threats to Applications Quality Assurance and Testing Techniques Supply Chain Management and Licensing Identity and Access Management Cloud Identity and Access Control Single Sign-On Identity Providers Federated Identity Management Multifactor Authentication Secrets Management Common Threats to Identity and Access Management in the Cloud Zero Trust Summary Exam Essentials Review Questions
- Chapter 7 Operations Elements Designing a Secure Data Center Build vs. Buy Location Facilities and Redundancy Data Center Tiers Logical Design Virtualization Operations Storage Operations Managing Security Operations Security Operations Center (SOC) Continuous Monitoring Incident Management Summary Exam Essentials Review Questions
- Chapter 8 Operations Management Monitoring, Capacity, and Maintenance Monitoring Physical and Environmental Protection Maintenance Change and Configuration Management Baselines Roles and Process Release and Deployment Management Problem and Incident Management IT Service Management and Continual Service Improvement Business Continuity and Disaster Recovery Prioritizing Safety Continuity of Operations BC/DR Planning The BC/DR Toolkit Relocation Power Testing Summary Exam Essentials Review Questions
- Chapter 9 Legal and Compliance Issues Legal Requirements and Unique Risks in the Cloud Environment Constitutional Law Legislation Administrative Law Case Law Common Law Contract Law Analyzing a Law Determining Jurisdiction Scope and Application Legal Liability Torts and Negligence U.S. Privacy and Security Laws Health Insurance Portability and Accountability Act The Health Information Technology for Economic and Clinical Health Act Gramm–Leach–Bliley Act Sarbanes–Oxley Act State Data Breach Notification Laws International Laws European Union General Data Protection Regulation Adequacy Decisions U.S.-EU Safe Harbor and Privacy Shield Laws, Regulations, and Standards Payment Card Industry Data Security Standard Critical Infrastructure Protection Program Conflicting International Legislation Information Security Management Systems ISO/IEC 27017:2015 Privacy in the Cloud Generally Accepted Privacy Principles ISO 27018 Direct and Indirect Identifiers Privacy Impact Assessments Cloud Forensics Forensic Requirements Cloud Forensic Challenges Collection and Acquisition Evidence Preservation and Management e-discovery Audit Processes, Methodologies, and Cloud Adaptations Virtualization Scope Gap Analysis Restrictions of Audit Scope Statements Policies Audit Reports Summary Exam Essentials Review Questions
- Chapter 10 Cloud Vendor Management The Impact of Diverse Geographical Locations and Legal Jurisdictions Security Policy Framework Policies Standards Procedures Guidelines Exceptions and Compensating Controls Developing Policies Enterprise Risk Management Risk Identification Risk Calculation Risk Assessment Risk Treatment and Response Risk Mitigation Risk Avoidance Risk Transference Risk Acceptance Risk Analysis Control Risk Risk Reporting Enterprise Risk Management Assessing Provider Risk Management Practices Risk Management Frameworks Cloud Contract Design Business Requirements Vendor Management Data Protection Negotiating Contracts Common Contract Provisions Contracting Documents Government Cloud Standards Common Criteria FedRAMP FIPS 140-2 Manage Communication with Relevant Parties Summary Exam Essentials Review Questions
- Appendix: Answers to the Review Questions Chapter 1: Architectural Concepts Chapter 2: Data Classification Chapter 3: Cloud Data Security Chapter 4: Security in the Cloud Chapter 5: Cloud Platform, Infrastructure, and Operational Security Chapter 6: Cloud Application Security Chapter 7: Operations Elements Chapter 8: Operations Management Chapter 9: Legal and Compliance Issues Chapter 10: Cloud Vendor Management
- Index Comprehensive Online Learning Environment EULA