Leslie Fife

The Official (ISC)2 CCSP CBK Reference



      Table of Contents

      1  Cover

      2  Title Page

      3  Copyright

      4  Acknowledgments

      5  About the Authors

      6  About the Technical Editor

      7  Foreword to the Third Edition

      8  Introduction

      9  Domain 1: Cloud Concepts, Architecture, and Design
            UNDERSTAND CLOUD COMPUTING CONCEPTS
            DESCRIBE CLOUD REFERENCE ARCHITECTURE
            UNDERSTAND SECURITY CONCEPTS RELEVANT TO CLOUD COMPUTING
            UNDERSTAND DESIGN PRINCIPLES OF SECURE CLOUD COMPUTING
            EVALUATE CLOUD SERVICE PROVIDERS

      10  Domain 2: Cloud Data Security
            DESCRIBE CLOUD DATA CONCEPTS
            DESIGN AND IMPLEMENT CLOUD DATA STORAGE ARCHITECTURES
            DESIGN AND APPLY DATA SECURITY TECHNOLOGIES AND STRATEGIES
            IMPLEMENT DATA DISCOVERY
            IMPLEMENT DATA CLASSIFICATION
            DESIGN AND IMPLEMENT INFORMATION RIGHTS MANAGEMENT
            PLAN AND IMPLEMENT DATA RETENTION, DELETION, AND ARCHIVING POLICIES
            DESIGN AND IMPLEMENT AUDITABILITY, TRACEABILITY, AND ACCOUNTABILITY OF DATA EVENTS
            SUMMARY

      11  Domain 3: Cloud Platform and Infrastructure Security
            COMPREHEND CLOUD INFRASTRUCTURE COMPONENTS
            DESIGN A SECURE DATA CENTER
            ANALYZE RISKS ASSOCIATED WITH CLOUD INFRASTRUCTURE
            DESIGN AND PLAN SECURITY CONTROLS
            PLAN DISASTER RECOVERY AND BUSINESS CONTINUITY
            SUMMARY

      12  Domain 4: Cloud Application Security
            ADVOCATE TRAINING AND AWARENESS FOR APPLICATION SECURITY
            DESCRIBE THE SECURE SOFTWARE DEVELOPMENT LIFECYCLE PROCESS
            APPLY THE SECURE SOFTWARE DEVELOPMENT LIFECYCLE
            APPLY CLOUD SOFTWARE ASSURANCE AND VALIDATION
            USE VERIFIED SECURE SOFTWARE
            COMPREHEND THE SPECIFICS OF CLOUD APPLICATION ARCHITECTURE
            DESIGN APPROPRIATE IDENTITY AND ACCESS MANAGEMENT SOLUTIONS
            SUMMARY

      13  Domain 5: Cloud Security Operations
            IMPLEMENT AND BUILD PHYSICAL AND LOGICAL INFRASTRUCTURE FOR CLOUD ENVIRONMENT
            OPERATE PHYSICAL AND LOGICAL INFRASTRUCTURE FOR CLOUD ENVIRONMENT
            MANAGE PHYSICAL AND LOGICAL INFRASTRUCTURE FOR CLOUD ENVIRONMENT
            IMPLEMENT OPERATIONAL CONTROLS AND STANDARDS
            SUPPORT DIGITAL FORENSICS
            MANAGE COMMUNICATION WITH RELEVANT PARTIES
            MANAGE SECURITY OPERATIONS
            SUMMARY

      14  Domain 6: Legal, Risk, and Compliance
            ARTICULATING LEGAL REQUIREMENTS AND UNIQUE RISKS WITHIN THE CLOUD ENVIRONMENT
            UNDERSTANDING PRIVACY ISSUES
            UNDERSTANDING AUDIT PROCESS, METHODOLOGIES, AND REQUIRED ADAPTATIONS FOR A CLOUD ENVIRONMENT
            UNDERSTAND IMPLICATIONS OF CLOUD TO ENTERPRISE RISK MANAGEMENT
            UNDERSTANDING OUTSOURCING AND CLOUD CONTRACT DESIGN
            SUMMARY

      15  Index

      16  End User License Agreement

      List of Tables

      1 Chapter 4
            TABLE 4.1 The STRIDE Model

      2 Chapter 5
            TABLE 5.1 Cloud Shared Responsibility Model

      3 Chapter 6
            TABLE 6.1 Types of Regulated Data
            TABLE 6.2 AICPA Service Organization Control Reports

      List of Illustrations

      1 Chapter 2
            FIGURE 2.1 The secure data lifecycle

      2 Chapter 5
            FIGURE 5.1 NIST incident response lifecycle phases

      3 Chapter