(ISC)2 Certified Cloud Security Professional (CCSP)

(CCSP.AE2) / ISBN : 978-1-64459-407-0
Lessons
Lab
TestPrep
AI Tutor (Add-on)
Get A Free Trial

About This Course

Skills You’ll Get

1

Introduction

  • CCSP Certification
  • Taking the CCSP Exam
  • Computer-Based Testing Environment
  • Exam Retake Policy
  • Work Experience Requirement
  • Recertification Requirements
  • What Does This Course Cover?
  • CCSP Exam Objectives
  • CCSP Certification Exam Objective Map
2

Architectural Concepts

  • Cloud Characteristics
  • Business Requirements
  • Cloud Computing Service Categories
  • Cloud Deployment Models
  • Multitenancy
  • Cloud Computing Roles and Responsibilities
  • Cloud Computing Reference Architecture
  • Virtualization
  • Cloud Shared Considerations
  • Emerging Technologies
  • Summary
  • Exam Essentials
3

Data Classification

  • Data Inventory and Discovery
  • Information Rights Management
  • Data Control
  • Summary
  • Exam Essentials
4

Cloud Data Security

  • Cloud Data Lifecycle
  • Cloud Storage Architectures
  • Threats to Cloud Storage
  • Designing and Applying Security Strategies for Storage
  • Summary
  • Exam Essentials
5

Security in the Cloud

  • Shared Cloud Platform Risks and Responsibilities
  • Cloud Computing Risks by Deployment Model
  • Cloud Computing Risks by Service Model
  • Virtualization
  • Disaster Recovery (DR) and Business Continuity (BC)
  • Cloud Design Patterns
  • Summary
  • Exam Essentials
6

Cloud Platform, Infrastructure, and Operational Security

  • Foundations of Managed Services
  • Shared Responsibilities by Service Type
  • Securing Communications and Infrastructure
  • Securing Hardware and Compute
  • Securing Software
  • Managing Virtual Systems
  • Assessing Vulnerabilities
  • Securing the Management Plane
  • Auditing Your Environment and Provider
  • Summary
  • Exam Essentials
7

Cloud Application Security

  • Developing Software for the Cloud
  • Cloud Application Architecture
  • Cloud-Secure Software Development Lifecycle (SDLC)
  • Cloud Application Assurance and Validation
  • Identity and Access Management
  • Summary
  • Exam Essentials
8

Operations Elements

  • Designing a Secure Data Center
  • Managing Security Operations
  • Summary
  • Exam Essentials
9

Operations Management

  • Monitoring, Capacity, and Maintenance
  • Change and Configuration Management
  • Problem and Incident Management
  • IT Service Management and Continual Service Improvement
  • Business Continuity and Disaster Recovery
  • Summary
  • Exam Essentials
10

Legal and Compliance Issues

  • Legal Requirements and Unique Risks in the Cloud Environment
  • Analyzing a Law
  • Legal Liability
  • Torts and Negligence
  • U.S. Privacy and Security Laws
  • International Laws
  • Laws, Regulations, and Standards
  • Information Security Management Systems
  • Privacy in the Cloud
  • Cloud Forensics
  • Audit Processes, Methodologies, and Cloud Adaptations
  • Summary
  • Exam Essentials
11

Cloud Vendor Management

  • The Impact of Diverse Geographical Locations and Legal Jurisdictions
  • Security Policy Framework
  • Enterprise Risk Management
  • Risk Treatment and Response
  • Risk Analysis
  • Cloud Contract Design
  • Government Cloud Standards
  • Manage Communication with Relevant Parties
  • Summary
  • Exam Essentials

1

Architectural Concepts

  • Creating a Virtual Machine
2

Data Classification

  • Displaying Metadata Information
  • Capturing Network Traffic
3

Cloud Data Security

  • Taking an Incremental Backup
  • Taking a Full Backup
  • Creating an Amazon S3 Glacier Vault
  • Observing an MD5-Generated Hash Value
  • Observing an SHA256-Generated Hash Value
  • Creating a CloudWatch Dashboard and Adding a Metric to it
4

Security in the Cloud

  • Performing a MITM Attack
  • Using Social Engineering Techniques to Plan an Attack
5

Cloud Platform, Infrastructure, and Operational Security

  • Configuring a Firewall for Inbound Rules
  • Setting up a Honeypot on Kali Linux
  • Enabling an Access Control List
  • Creating a VPC
  • Creating a Network ACL
  • Configuring Outbound Rules for a Firewall
  • Creating an Elastic Load Balancer
  • Creating a NAT Gateway
6

Cloud Application Security

  • Configuring a Proxy Server
  • Conducting IP Spoofing
  • Conducting Cross-site Request Forgery (CSRF or XSRF) Attacks
  • Attacking a Website Using Cross-Site Scripting (XSS) Injection
7

Legal and Compliance Issues

  • Completing the Chain of Custody
8

Cloud Vendor Management

  • Simulating the DDoS Attack
scroll to top