The Official (ISC)2 CCSP CBK Reference, 3rd Edition

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Book description

The only official body of knowledge for CCSP—the most popular cloud security credential—fully revised and updated.

Certified Cloud Security Professional (CCSP) certification validates the advanced technical skills needed to design, manage, and secure data, applications, and infrastructure in the cloud. This highly sought-after global credential has been updated with revised objectives. The new third edition of The Official (ISC)2 Guide to the CCSP CBK is the authoritative, vendor-neutral common body of knowledge for cloud security professionals.

This comprehensive resource provides cloud security professionals with an indispensable working reference to each of the six CCSP domains: Cloud Concepts, Architecture, and Design; Cloud Data Security; Cloud Platform and Infrastructure Security; Cloud Application Security; Cloud Security Operations; and Legal, Risk, and Compliance. Detailed, in-depth chapters contain the accurate information required to prepare for and achieve CCSP certification. Every essential area of cloud security is covered, including implementation, architecture, operations, controls, and immediate and long-term responses.

Developed by (ISC)2, the world leader in professional cybersecurity certification and training, this indispensable guide:

• Covers the six CCSP domains and over 150 detailed objectives
• Provides guidance on real-world best practices and techniques
• Includes illustrated examples, tables, diagrams and sample questions

The Official (ISC)2 Guide to the CCSP CBK is a vital ongoing resource for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration.

Table of contents

1. Cover
2. Title Page
3. Copyright
4. Acknowledgments
5. About the Authors
6. About the Technical Editor
7. Foreword to the Third Edition
8. Introduction
9. Domain 1: Cloud Concepts, Architecture, and Design
   1. UNDERSTAND CLOUD COMPUTING CONCEPTS
   2. DESCRIBE CLOUD REFERENCE ARCHITECTURE
   3. UNDERSTAND SECURITY CONCEPTS RELEVANT TO CLOUD COMPUTING
   4. UNDERSTAND DESIGN PRINCIPLES OF SECURE CLOUD COMPUTING
   5. EVALUATE CLOUD SERVICE PROVIDERS
   1. DESCRIBE CLOUD DATA CONCEPTS
   2. DESIGN AND IMPLEMENT CLOUD DATA STORAGE ARCHITECTURES
   3. DESIGN AND APPLY DATA SECURITY TECHNOLOGIES AND STRATEGIES
   4. IMPLEMENT DATA DISCOVERY
   5. IMPLEMENT DATA CLASSIFICATION
   6. DESIGN AND IMPLEMENT INFORMATION RIGHTS MANAGEMENT
   7. PLAN AND IMPLEMENT DATA RETENTION, DELETION, AND ARCHIVING POLICIES
   8. DESIGN AND IMPLEMENT AUDITABILITY, TRACEABILITY, AND ACCOUNTABILITY OF DATA EVENTS
   9. SUMMARY
   1. COMPREHEND CLOUD INFRASTRUCTURE COMPONENTS
   2. DESIGN A SECURE DATA CENTER
   3. ANALYZE RISKS ASSOCIATED WITH CLOUD INFRASTRUCTURE
   4. DESIGN AND PLAN SECURITY CONTROLS
   5. PLAN DISASTER RECOVERY AND BUSINESS CONTINUITY
   6. SUMMARY
   1. ADVOCATE TRAINING AND AWARENESS FOR APPLICATION SECURITY
   2. DESCRIBE THE SECURE SOFTWARE DEVELOPMENT LIFECYCLE PROCESS
   3. APPLY THE SECURE SOFTWARE DEVELOPMENT LIFECYCLE
   4. APPLY CLOUD SOFTWARE ASSURANCE AND VALIDATION
   5. USE VERIFIED SECURE SOFTWARE
   6. COMPREHEND THE SPECIFICS OF CLOUD APPLICATION ARCHITECTURE
   7. DESIGN APPROPRIATE IDENTITY AND ACCESS MANAGEMENT SOLUTIONS
   8. SUMMARY
   1. IMPLEMENT AND BUILD PHYSICAL AND LOGICAL INFRASTRUCTURE FOR CLOUD ENVIRONMENT
   2. OPERATE PHYSICAL AND LOGICAL INFRASTRUCTURE FOR CLOUD ENVIRONMENT
   3. MANAGE PHYSICAL AND LOGICAL INFRASTRUCTURE FOR CLOUD ENVIRONMENT
   4. IMPLEMENT OPERATIONAL CONTROLS AND STANDARDS
   5. SUPPORT DIGITAL FORENSICS
   6. MANAGE COMMUNICATION WITH RELEVANT PARTIES
   7. MANAGE SECURITY OPERATIONS
   8. SUMMARY
   1. ARTICULATING LEGAL REQUIREMENTS AND UNIQUE RISKS WITHIN THE CLOUD ENVIRONMENT
   2. UNDERSTANDING PRIVACY ISSUES
   3. UNDERSTANDING AUDIT PROCESS, METHODOLOGIES, AND REQUIRED ADAPTATIONS FOR A CLOUD ENVIRONMENT
   4. UNDERSTAND IMPLICATIONS OF CLOUD TO ENTERPRISE RISK MANAGEMENT
   5. UNDERSTANDING OUTSOURCING AND CLOUD CONTRACT DESIGN
   6. SUMMARY
   Show and hide more

   Product information

   • Title: The Official (ISC)2 CCSP CBK Reference, 3rd Edition
   • Author(s): Leslie Fife, Aaron Kraus, Bryan Lewis
   • Release date: July 2021
   • Publisher(s): Sybex
   • ISBN: 9781119603436

   You might also like

   Check it out now on O’Reilly

   Dive in for free with a 10-day trial of the O’Reilly learning platform—then explore all the other resources our members count on to build skills and solve problems every day.