ion id="u61fbf66b-fa97-5220-bdf4-d370f4b38c67">
Table of Contents
1 Cover
7 Foreword to the Third Edition
9 Domain 1: Cloud Concepts, Architecture, and Design UNDERSTAND CLOUD COMPUTING CONCEPTS DESCRIBE CLOUD REFERENCE ARCHITECTURE UNDERSTAND SECURITY CONCEPTS RELEVANT TO CLOUD COMPUTING UNDERSTAND DESIGN PRINCIPLES OF SECURE CLOUD COMPUTING EVALUATE CLOUD SERVICE PROVIDERS
10 Domain 2: Cloud Data Security DESCRIBE CLOUD DATA CONCEPTS DESIGN AND IMPLEMENT CLOUD DATA STORAGE ARCHITECTURES DESIGN AND APPLY DATA SECURITY TECHNOLOGIES AND STRATEGIES IMPLEMENT DATA DISCOVERY IMPLEMENT DATA CLASSIFICATION DESIGN AND IMPLEMENT INFORMATION RIGHTS MANAGEMENT PLAN AND IMPLEMENT DATA RETENTION, DELETION, AND ARCHIVING POLICIES DESIGN AND IMPLEMENT AUDITABILITY, TRACEABILITY, AND ACCOUNTABILITY OF DATA EVENTS SUMMARY
11 Domain 3: Cloud Platform and Infrastructure Security COMPREHEND CLOUD INFRASTRUCTURE COMPONENTS DESIGN A SECURE DATA CENTER ANALYZE RISKS ASSOCIATED WITH CLOUD INFRASTRUCTURE DESIGN AND PLAN SECURITY CONTROLS PLAN DISASTER RECOVERY AND BUSINESS CONTINUITY SUMMARY
12 Domain 4: Cloud Application Security ADVOCATE TRAINING AND AWARENESS FOR APPLICATION SECURITY DESCRIBE THE SECURE SOFTWARE DEVELOPMENT LIFECYCLE PROCESS APPLY THE SECURE SOFTWARE DEVELOPMENT LIFECYCLE APPLY CLOUD SOFTWARE ASSURANCE AND VALIDATION USE VERIFIED SECURE SOFTWARE COMPREHEND THE SPECIFICS OF CLOUD APPLICATION ARCHITECTURE DESIGN APPROPRIATE IDENTITY AND ACCESS MANAGEMENT SOLUTIONS SUMMARY
13 Domain 5: Cloud Security Operations IMPLEMENT AND BUILD PHYSICAL AND LOGICAL INFRASTRUCTURE FOR CLOUD ENVIRONMENT OPERATE PHYSICAL AND LOGICAL INFRASTRUCTURE FOR CLOUD ENVIRONMENT MANAGE PHYSICAL AND LOGICAL INFRASTRUCTURE FOR CLOUD ENVIRONMENT IMPLEMENT OPERATIONAL CONTROLS AND STANDARDS SUPPORT DIGITAL FORENSICS MANAGE COMMUNICATION WITH RELEVANT PARTIES MANAGE SECURITY OPERATIONS SUMMARY
14 Domain 6: Legal, Risk, and Compliance ARTICULATING LEGAL REQUIREMENTS AND UNIQUE RISKS WITHIN THE CLOUD ENVIRONMENT UNDERSTANDING PRIVACY ISSUES UNDERSTANDING AUDIT PROCESS, METHODOLOGIES, AND REQUIRED ADAPTATIONS FOR A CLOUD ENVIRONMENT UNDERSTAND IMPLICATIONS OF CLOUD TO ENTERPRISE RISK MANAGEMENT UNDERSTANDING OUTSOURCING AND CLOUD CONTRACT DESIGN SUMMARY
15 Index
List of Tables
1 Chapter 4TABLE 4.1 The STRIDE Model
2 Chapter 5TABLE 5.1 Cloud Shared Responsibility Model
3 Chapter 6TABLE 6.1 Types of Regulated DataTABLE 6.2 AICPA Service Organization Control Reports
List of Illustrations
1 Chapter 2FIGURE 2.1 The secure data lifecycle
2 Chapter 5FIGURE 5.1 NIST incident response lifecycle phases
3 Chapter