CCSP Certified Cloud Security Professional Preparation

Video description

The complete Certified Cloud Security Professional video course with CCSK extras by Dean Bushmiller

Domain 1 Cloud Concepts, Architecture and Design

1.1 Understand cloud computing concepts

Cloud computing definitions

Cloud computing roles and responsibilities

Key cloud computing characteristics

Building block technologies

1.2 Describe cloud reference architecture

Cloud computing activities

Cloud service capabilities

Cloud …

CCSP Certified Cloud Security Professional Preparation

Video description

The complete Certified Cloud Security Professional video course with CCSK extras by Dean Bushmiller

Domain 1 Cloud Concepts, Architecture and Design

1.1 Understand cloud computing concepts

Cloud computing definitions

Cloud computing roles and responsibilities

Key cloud computing characteristics

Building block technologies

1.2 Describe cloud reference architecture

Cloud computing activities

Cloud service capabilities

Cloud service categories IaaS, PaaS, SaaS

Cloud deployment models

Cloud shared considerations , auditability, regulatory, outsourcing

1.3 Understand security concepts relevant to cloud computing

Cryptography and key management

Identity and access control

Data and media sanitization

Network security

Virtualization security

Common threats

Security hygiene

1.4 Understand design principles of secure cloud computing

Cloud secure data lifecycle

Cloud-based business continuity and disaster recovery plan

Business impact analysis

Functional security requirements

Security considerations and responsibilities for different cloud categories

Cloud design patterns Enterprise Architecture

DevOps security

1.5 Evaluate cloud service providers

Verification against criteria

System/subsystem product certifications

Domain 2 Cloud Data Security

2.1 Describe cloud data concepts

Cloud data life cycle phases

Data dispersion

Data flows

2.2 Design and implement cloud data storage architectures

Storage types

Threats to storage types

2.3 Design and apply data security technologies and strategies

Encryption and key management

Hashing

Data obfuscation

Tokenization

Data loss prevention

Keys, secrets and certificates management

2.4 Implement data discovery

Structured data

Unstructured data

Semi-structured data

Data location

2.5 Plan and implement data classification

Data classification policies

Data mapping

Data labeling

2.6 Design and implement Information Rights Management

Legal hold

2.7 Design and implement auditability, traceability and accountability of data events

Definition of event sources and requirement of event attributes address, geolocation

Logging, storage and analysis of data events

Chain of custody and non repudiation

Domain 3 Cloud Platform and Infrastructure Security

3.1 Comprehend cloud infrastructure and platform components

Physical environment

Network and communications

Compute

Virtualization

Storage

Management plane

3.2 Design a secure data center

Logical design

Physical design

Environmental design

Design resilient

3.3 Analyze risks associated with cloud infrastructure and platforms

Risk assessment

Cloud vulnerabilities, threats and attacks

Risk mitigation strategies

3.4 Plan and implementation of security controls

Physical and environmental protection

System, storage and communication protection

Identification, authentication and authorization in cloud environments

Audit mechanisms correlation, packet capture

3.5 Plan business continuity and disaster recovery

Business continuity and disaster recovery strategies

Business requirements , Recovery Point Objective

Creation, implementation and testing of plan

Domain 4 Cloud Application Security

4.1 Advocate training and awareness for application security

Cloud development basics

Common pitfalls

Common cloud vulnerabilities OWASP Top 10

4.2 Describe the Secure Software Development Life Cycle process

Business requirements

Phases and methodologies

4.3 Apply the Secure Software Development Life Cycle

Cloud specific risks

Threat modeling STRIDE and DREAD

Avoid common vulnerabilities during development

Secure coding Application Security Verification Standard

Software configuration management and versioning

4.4 Apply cloud software assurance and validation

Functional and non functional testing

Security testing methodologies SAST DAST

Quality assurance

Abuse case testing

4.5 Use verified secure software

Securing application programming interfaces

Supply chain management

Third party software management

Validated open source software

4.6 Comprehend the specifics of cloud application architecture

Supplemental security components , Database Activity Monitoring, Extensible Markup Language firewalls, application programming interface gateway

Cryptography

Sandboxing

Application virtualization and orchestration

4.7 Design appropriate identity and access management solutions

Federated identity

Identity providers

Single sign on

Multi factor authentication

Cloud access security broker

Secrets management

Domain 5 Cloud Security Operations

5.1 Build and implement physical and logical infrastructure for cloud environment

Hardware specific security configuration requirements and Trusted Platform Module

Installation and configuration of management tools

Virtual hardware specific security configuration requirements , Hypervisor types

Installation of guest operating system virtualization toolsets

5.2 Operate and maintain physical and logical infrastructure for cloud environment

Access controls for local and remote access , secure terminal access, Secure Shell, console based access mechanisms, jumpboxes, virtual client

Secure network configuration , Transport Layer Security, Dynamic Host Configuration Protocol, Domain Name System Security Extensions, virtual private network

Network security controls , intrusion prevention systems, honeypots, vulnerability assessments, network security groups, bastion host

Operating system hardening through the application of baselines, monitoring and remediation

Patch management

Infrastructure as Code strategy

Availability of clustered hosts

Availability of guest operating system

Performance and capacity monitoring

Hardware monitoring

Configuration of host and guest operating system backup and restore functions

Management plane

5.3 Implement operational controls and standards

Change management

Continuity management

Information security management

Continual service improvement management

Incident management

Problem management

Release management

Deployment management

Configuration management

Service level management

Availability management

Capacity management

5.4 Support digital forensics

Forensic data collection methodologies

Evidence management

Collect, acquire, and preserve digital evidence

5.5 Manage communication with relevant parties

Vendors

Customers

Partners

Regulators

Other stakeholders

5.6 Manage security operations

Security operations center

Intelligent monitoring of security controls , intrusion prevention systems, honeypots, network security groups, artificial intelligence

Log capture and analysis , log management

Incident management

Vulnerability assessments

Domain 6 Legal, Risk and Compliance

6.1 Articulate legal requirements and unique risks within the cloud environment

Conflicting international legislation

Evaluation of legal risks specific to cloud computing

Legal framework and guidelines

eDiscovery

Forensics requirements

6.2 Understand privacy issues

Difference between contractual and regulated private data , personally identifiable information

Country specific legislation related to private data , personally identifiable information

Jurisdictional differences in data privacy

Standard privacy requirements

Privacy Impact Assessments

6.3 Understand audit process, methodologies, and required adaptations for a cloud environment

Internal and external audit controls

Impact of audit requirements

Identify assurance challenges of virtualization and cloud

Types of audit reports

Restrictions of audit scope statements

Gap analysis

Audit planning

Internal information security management system

Internal information security controls system

Policies

Identification and involvement of relevant stakeholders

Specialized compliance requirements for highly regulated industries

Impact of distributed information technology model

6.4 Understand implications of cloud to enterprise risk management

Assess providers risk management programs

Difference between data owner/controller vs. data custodian/processor

Regulatory transparency requirements , General Data Protection Regulation

Risk treatment

Different risk frameworks

Metrics for risk management

Assessment of risk environment

6.5 Understand outsourcing and cloud contract design

Business requirements , master service agreement, statement of work

Vendor management

Contract management

Supply chain management

Meta Material 0 Preparation for all topics

Welcome

Mindmaps

Notecards Activity

Readings

Cloud lab or NOT Choose a Cloud Management Platform

Cloud+, CCSK, CCSP

CCSP Exam Overview

Core Cloud Concepts

Core Cloud Concepts Introduction

Storage, Networking, CPU, RAM

Metal Enterprise computing before cloud

Virtualization of everything but not cloud yet

Concepts reference architecture

Vendor component names

From Containers to Serverless

Architecture

Governance

Data security

Data security Introduction

Data storage architectures

Security technologies and strategies

Data discovery

Information rights management

Data retention

Auditability

Platform and infrastructure security

Platform and infrastructure security Introduction

Infrastructure and platform components

Risks of infrastructure and platform

Infrastructure and platform security controls

Business Continuity and Disaster Recovery

Application security

Application security Introduction

Training and awareness for application security

Secure software development life cycle SDLC process

Software assurance and validation

Verify secure software

Application architecture

Identity and Access Management

Operations security

Operations security Introduction

Build and implement infrastructure

Operate and maintain infrastructure

Digital forensics

Manage security operations

Legal, risk, compliance, audit

Legal, risk, compliance, audit Introduction

Legal requirements unique to cloud

Privacy issues

Audit process methodologies

Cloud enterprise risk management

Cloud Security Alliance Security as a Service

Security as a Service Introduction

Identity and Access Management

Data Loss Prevention

Web Security

Email Security

Security Assessments

Intrusion Management

Security Information and Event Management

Encryption

BCP and DR

Network Security

Start your Free Trial

Self paced

Go to the Course
We have partnered with providers to bring you collection of courses, When you buy through links on our site, we may earn an affiliate commission from provider.