Description

Table of Contents

Foreword to the Fourth Edition xxi

Introduction xix

Chapter 1 Cloud Concepts, Architecture, and Design 1

Understand Cloud Computing Concepts 2

Cloud Computing Definitions 2

Cloud Computing Roles and Responsibilities 3

Key Cloud Computing Characteristics 7

Building Block Technologies 11

Describe Cloud Reference Architecture 14

Cloud Computing Activities 14

Cloud Service Capabilities 15

Cloud Service Categories 17

Cloud Deployment Models 18

Cloud Shared Considerations 21

Impact of Related Technologies 27

Understand Security Concepts Relevant to Cloud Computing 33

Cryptography and Key Management 33

Identity and Access Control 34

Data and Media Sanitization 36

Network Security 37

Virtualization Security 39

Common Threats 41

Security Hygiene 41

Understand Design Principles of Secure Cloud Computing 43

Cloud Secure Data Lifecycle 43

Cloud-Based Business Continuity and Disaster Recovery Plan 44

Business Impact Analysis 45

Functional Security Requirements 46

Security Considerations for Different Cloud Categories 48

Cloud Design Patterns 49

DevOps Security 51

Evaluate Cloud Service Providers 51

Verification against Criteria 52

System/Subsystem Product Certifications 54

Summary 56

Chapter 2 Cloud Data Security 57

Describe Cloud Data Concepts 58

Cloud Data Lifecycle Phases 58

Data Dispersion 61

Data Flows 62

Design and Implement Cloud Data Storage Architectures 63

Storage Types 63

Threats to Storage Types 66

Design and Apply Data Security Technologies and Strategies 67

Encryption and Key Management 67

Hashing 70

Data Obfuscation 71

Tokenization 73

Data Loss Prevention 74

Keys, Secrets, and Certificates Management 77

Implement Data Discovery 78

Structured Data 79

Unstructured Data 80

Semi-structured Data 81

Data Location 82

Implement Data Classification 82

Data Classification Policies 83

Mapping 85

Labeling 86

Design and Implement Information Rights Management 87

Objectives 88

Appropriate Tools 89

Plan and Implement Data Retention, Deletion, and Archiving Policies 89

Data Retention Policies 90

Data Deletion Procedures and Mechanisms 93

Data Archiving Procedures and Mechanisms 94

Legal Hold 95

Design and Implement Auditability, Traceability, and Accountability of Data Events 96

Definition of Event Sources and Requirement of Event Attribution 97

Logging, Storage, and Analysis of Data Events 99

Chain of Custody and Nonrepudiation 100

Summary 101

Chapter 3 Cloud Platform and Infrastructure Security 103

Comprehend Cloud Infrastructure and Platform Components 104

Physical Environment 104

Network and Communications 106

Compute 107

Virtualization 108

Storage 110

Management Plane 111

Design a Secure Data Center 113

Logical Design 114

Physical Design 116

Environmental Design 117

Analyze Risks Associated with Cloud Infrastructure and Platforms 119

Risk Assessment 119

Cloud Vulnerabilities, Threats, and Attacks 122

Risk Mitigation Strategies 123

Plan and Implementation of Security Controls 124

Physical and Environmental Protection 124

System, Storage, and Communication Protection 125

Identification, Authentication, and Authorization in Cloud Environments 127

Audit Mechanisms 128

Plan Disaster Recovery and Business Continuity 131

Business Continuity/Disaster Recovery Strategy 131

Business Requirements 132

Creation, Implementation, and Testing of Plan 134

Summary 138

Chapter 4 Cloud Application Security 139

Advocate Training and Awareness for Application Security 140

Cloud Development Basics 140

Common Pitfalls 141

Common Cloud Vulnerabilities 142

Describe the Secure Software Development Life Cycle Process 144

NIST Secure Software Development Framework 145

OWASP Software Assurance Maturity Model 145

Business Requirements 145

Phases and Methodologies 146

Apply the Secure Software Development Life Cycle 149

Cloud-Specific Risks 149

Threat Modeling 153

Avoid Common Vulnerabilities during Development 156

Secure Coding 156

Software Configuration Management and Versioning 157

Apply Cloud Software Assurance and Validation 158

Functional and Non-functional Testing 159

Security Testing Methodologies 160

Quality Assurance 164

Abuse Case Testing 164

Use Verified Secure Software 165

Securing Application Programming Interfaces 165

Supply-Chain Management 166

Third-Party Software Management 166

Validated Open-Source Software 167

Comprehend the Specifics of Cloud Application Architecture 168

Supplemental Security Components 169

Cryptography 171

Sandboxing 172

Application Virtualization and Orchestration 173

Design Appropriate Identity and Access Management Solutions 174

Federated Identity 175

Identity Providers 175

Single Sign-on 176

Multifactor Authentication 176

Cloud Access Security Broker 178

Summary 179

Chapter 5 Cloud Security Operations 181

Build and Implement Physical and Logical Infrastructure for Cloud Environment 182

Hardware-Specific Security Configuration Requirements 182

Installation and Configuration of Virtualization Management Tools 185

Virtual Hardware-Specific Security Configuration Requirements 186

Installation of Guest Operating System Virtualization Toolsets 188

Operate Physical and Logical Infrastructure for Cloud Environment 188

Configure Access Control for Local and Remote Access 188

Secure Network Configuration 190

Operating System Hardening through the Application of Baselines 195

Availability of Stand-Alone Hosts 196

Availability of Clustered Hosts 197

Availability of Guest Operating Systems 199

Manage Physical and Logical Infrastructure for Cloud Environment 200

Access Controls for Remote Access 201

Operating System Baseline Compliance Monitoring and Remediation 202

Patch Management 203

Performance and Capacity Monitoring 205

Hardware Monitoring 206

Configuration of Host and Guest Operating System Backup and Restore Functions 207

Network Security Controls 208

Management Plane 212

Implement Operational Controls and Standards 212

Change Management 213

Continuity Management 214

Information Security Management 216

Continual Service Improvement Management 217

Incident Management 218

Problem Management 221

Release Management 221

Deployment Management 222

Configuration Management 224

Service Level Management 225

Availability Management 226

Capacity Management 227

Support Digital Forensics 228

Forensic Data Collection Methodologies 228

Evidence Management 230

Collect, Acquire, and Preserve Digital Evidence 231

Manage Communication with Relevant Parties 234

Vendors 235

Customers 236

Partners 238

Regulators 238

Other Stakeholders 239

Manage Security Operations 239

Security Operations Center 240

Monitoring of Security Controls 244

Log Capture and Analysis 245

Incident Management 248

Summary 253

Chapter 6 Legal, Risk, and Compliance 255

Articulating Legal Requirements and Unique Risks within the Cloud Environment 256

Conflicting International Legislation 256

Evaluation of Legal Risks Specific to Cloud Computing 258

Legal Frameworks and Guidelines 258

eDiscovery 265

Forensics Requirements 267

Understand Privacy Issues 267

Difference between Contractual and Regulated Private Data 268

Country-Specific Legislation Related to Private Data 272

Jurisdictional Differences in Data Privacy 277

Standard Privacy Requirements 278

Privacy Impact Assessments 280

Understanding Audit Process, Methodologies, and Required Adaptations for a Cloud Environment 281

Internal and External Audit Controls 282

Impact of Audit Requirements 283

Identify Assurance Challenges of Virtualization and Cloud 284

Types of Audit Reports 285

Restrictions of Audit Scope Statements 288

Gap Analysis 289

Audit Planning 290

Internal Information Security Management System 291

Internal Information Security Controls System 292

Policies 293

Identification and Involvement of Relevant Stakeholders 296

Specialized Compliance Requirements for Highly Regulated Industries 297

Impact of Distributed Information Technology Model 298

Understand Implications of Cloud to Enterprise Risk Management 299

Assess Providers Risk Management Programs 300

Differences between Data Owner/Controller vs. Data Custodian/Processor 301

Regulatory Transparency Requirements 302

Risk Treatment 303

Risk Frameworks 304

Metrics for Risk Management 307

Assessment of Risk Environment 307

Understand Outsourcing and Cloud Contract Design 309

Business Requirements 309

Vendor Management 311

Contract Management 312

Supply Chain Management 314

Summary 316

Index 317

The Official ISC2 CCSP CBK Reference

A Hardback by Aaron Kraus

Publisher: John Wiley & Sons Inc
Publication Date: 17/11/2022
ISBN13: 9781119909019, 978-1119909019
ISBN10: 1119909015