Table of Contents


Introduction xxiii

Assessment Test xxxii

Chapter 1 Architectural Concepts 1

Cloud Characteristics 3

Business Requirements 5

Understanding the Existing State 6

Cost/Benefit Analysis 7

Intended Impact 10

Cloud Computing Service Categories 11

Software as a Service 11

Infrastructure as a Service 12

Platform as a Service 12

Cloud Deployment Models 13

Private Cloud 13

Public Cloud 13

Hybrid Cloud 13

Multi-Cloud 13

Community Cloud 13

Multitenancy 14

Cloud Computing Roles and Responsibilities 15

Cloud Computing Reference Architecture 16

Virtualization 18

Hypervisors 18

Virtualization Security 19

Cloud Shared Considerations 20

Security and Privacy Considerations 20

Operational Considerations 21

Emerging Technologies 22

Machine Learning and Artificial Intelligence 22

Blockchain 23

Internet of Things 24

Containers 24

Quantum Computing 25

Edge and Fog Computing 26

Confidential Computing 26

DevOps and DevSecOps 27

Summary 28

Exam Essentials 28

Review Questions 30

Chapter 2 Data Classification 35

Data Inventory and Discovery 37

Data Ownership 37

Data Flows 42

Data Discovery Methods 43

Information Rights Management 46

Certificates and IRM 47

IRM in the Cloud 47

IRM Tool Traits 47

Data Control 49

Data Retention 50

Data Audit and Audit Mechanisms 53

Data Destruction/Disposal 55

Summary 57

Exam Essentials 57

Review Questions 59

Chapter 3 Cloud Data Security 63

Cloud Data Lifecycle 65

Create 66

Store 66

Use 67

Share 67

Archive 69

Destroy 70

Cloud Storage Architectures 71

Storage Types 71

Volume Storage: File-Based Storage and Block Storage 72

Object-Based Storage 72

Databases 73

Threats to Cloud Storage 73

Designing and Applying Security Strategies for Storage 74

Encryption 74

Certificate Management 77

Hashing 77

Masking, Obfuscation, Anonymization, and Tokenization 78

Data Loss Prevention 81

Log Capture and Analysis 82

Summary 85

Exam Essentials 85

Review Questions 86

Chapter 4 Security in the Cloud 91

Shared Cloud Platform Risks and Responsibilities 92

Cloud Computing Risks by Deployment Model 94

Private Cloud 95

Community Cloud 95

Public Cloud 97

Hybrid Cloud 101

Cloud Computing Risks by Service Model 102

Infrastructure as a Service (IaaS) 102

Platform as a Service (PaaS) 102

Software as a Service (SaaS) 103

Virtualization 103

Threats 105

Risk Mitigation Strategies 107

Disaster Recovery (DR) and Business Continuity (BC) 110

Cloud-Specific BIA Concerns 110

Customer/Provider Shared BC/DR Responsibilities 111

Cloud Design Patterns 114

Summary 115

Exam Essentials 115

Review Questions 116

Chapter 5 Cloud Platform, Infrastructure, and Operational Security 121

Foundations of Managed Services 123

Cloud Provider Responsibilities 124

Shared Responsibilities by Service Type 125

IaaS 125

PaaS 126

SaaS 126

Securing Communications and Infrastructure 126

Firewalls 127

Intrusion Detection/Intrusion Prevention Systems 128

Honeypots 128

Vulnerability Assessment Tools 128

Bastion Hosts 129

Identity Assurance in Cloud and Virtual Environments 130

Securing Hardware and Compute 130

Securing Software 132

Third-Party Software Management 133

Validating Open-Source Software 134

OS Hardening, Monitoring, and Remediation 134

Managing Virtual Systems 135

Assessing Vulnerabilities 137

Securing the Management Plane 138

Auditing Your Environment and Provider 141

Adapting Processes for the Cloud 142

Planning for Cloud Audits 143

Summary 144

Exam Essentials 145

Review Questions 147

Chapter 6 Cloud Application Security 151

Developing Software for the Cloud 154

Common Cloud Application Deployment Pitfalls 155

Cloud Application Architecture 157

Cryptography 157

Sandboxing 158

Application Virtualization and Orchestration 158

Application Programming Interfaces 159

Multitenancy 162

Supplemental Security Components 162

Cloud-Secure Software Development Lifecycle (SDLC) 164

Software Development Phases 165

Software Development Models 166

Cloud Application Assurance and Validation 172

Threat Modeling 172

Common Threats to Applications 174

Quality Assurance and Testing Techniques 175

Supply Chain Management and Licensing 177

Identity and Access Management 177

Cloud Identity and Access Control 178

Single Sign-On 179

Identity Providers 180

Federated Identity Management 180

Multifactor Authentication 181

Secrets Management 182

Common Threats to Identity and Access Management in the Cloud 183

Zero Trust 183

Summary 183

Exam Essentials 184

Review Questions 186

Chapter 7 Operations Elements 191

Designing a Secure Data Center 193

Build vs. Buy 193

Location 194

Facilities and Redundancy 196

Data Center Tiers 200

Logical Design 201

Virtualization Operations 202

Storage Operations 205

Managing Security Operations 207

Security Operations Center (SOC) 208

Continuous Monitoring 208

Incident Management 209

Summary 209

Exam Essentials 210

Review Questions 211

Chapter 8 Operations Management 215

Monitoring, Capacity, and Maintenance 217

Monitoring 217

Physical and Environmental Protection 218

Maintenance 219

Change and Configuration Management 224

Baselines 224

Roles and Process 226

Release and Deployment Management 228

Problem and Incident Management 229

IT Service Management and Continual Service Improvement 229

Business Continuity and Disaster Recovery 231

Prioritizing Safety 231

Continuity of Operations 232

BC/DR Planning 232

The BC/DR Toolkit 234

Relocation 235

Power 237

Testing 238

Summary 239

Exam Essentials 239

Review Questions 241

Chapter 9 Legal and Compliance Issues 245

Legal Requirements and Unique Risks in the Cloud Environment 247

Constitutional Law 247

Legislation 249

Administrative Law 249

Case Law 250

Common Law 250

Contract Law 250

Analyzing a Law 251

Determining Jurisdiction 251

Scope and Application 252

Legal Liability 253

Torts and Negligence 254

U.S. Privacy and Security Laws 255

Health Insurance Portability and Accountability Act 255

The Health Information Technology for Economic and Clinical Health Act 258

Gramm–Leach–Bliley Act 259

Sarbanes–Oxley Act 261

State Data Breach Notification Laws 261

International Laws 263

European Union General Data Protection Regulation 263

Adequacy Decisions 267

U.S.-EU Safe Harbor and Privacy Shield 267

Laws, Regulations, and Standards 269

Payment Card Industry Data Security Standard 270

Critical Infrastructure Protection Program 270

Conflicting International Legislation 270

Information Security Management Systems 272

ISO/IEC 27017:2015 272

Privacy in the Cloud 273

Generally Accepted Privacy Principles 273

ISO 27018 279

Direct and Indirect Identifiers 279

Privacy Impact Assessments 280

Cloud Forensics 281

Forensic Requirements 281

Cloud Forensic Challenges 281

Collection and Acquisition 282

Evidence Preservation and Management 283

e-discovery 283

Audit Processes, Methodologies, and Cloud Adaptations 284

Virtualization 284

Scope 284

Gap Analysis 285

Restrictions of Audit Scope Statements 285

Policies 286

Audit Reports 286

Summary 288

Exam Essentials 288

Review Questions 290

Chapter 10 Cloud Vendor Management 295

The Impact of Diverse Geographical Locations and Legal Jurisdictions 297

Security Policy Framework 298

Policies 298

Standards 300

Procedures 302

Guidelines 303

Exceptions and Compensating Controls 304

Developing Policies 305

Enterprise Risk Management 306

Risk Identification 308

Risk Calculation 308

Risk Assessment 309

Risk Treatment and Response 313

Risk Mitigation 313

Risk Avoidance 314

Risk Transference 314

Risk Acceptance 315

Risk Analysis 316

Risk Reporting 316

Enterprise Risk Management 318

Assessing Provider Risk Management Practices 318

Risk Management Frameworks 319

Cloud Contract Design 320

Business Requirements 321

Vendor Management 321

Data Protection 323

Negotiating Contracts 324

Common Contract Provisions 324

Contracting Documents 326

Government Cloud Standards 327

Common Criteria 327

FedRAMP 327

FIPS 140-2 327

Manage Communication with Relevant Parties 328

Summary 328

Exam Essentials 329

Review Questions 330

Appendix Answers to the Review Questions 335

Chapter 1: Architectural Concepts 336

Chapter 2: Data Classification 337

Chapter 3: Cloud Data Security 339

Chapter 4: Security in the Cloud 341

Chapter 5: Cloud Platform, Infrastructure, and Operational Security 343

Chapter 6: Cloud Application Security 345

Chapter 7: Operations Elements 347

Chapter 8: Operations Management 349

Chapter 9: Legal and Compliance Issues 350

Chapter 10: Cloud Vendor Management 352

Index 355

ISC2 CCSP Certified Cloud Security Professional

Paperback / softback by Mike Chapple, David Seidl

Publisher: John Wiley & Sons Inc
Publication Date: 06/10/2022
ISBN13: 9781119909378
ISBN10: 1119909376