O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide

Book Description

The only official study guide for the new CCSP exam

CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide is your ultimate resource for the CCSP exam. As the only official study guide reviewed and endorsed by (ISC)2, this guide helps you prepare faster and smarter with the Sybex study tools that include pre-test assessments that show you what you know, and areas you need further review. Objective maps, exercises, and chapter review questions help you gauge your progress along the way, and the Sybex interactive online learning environment includes access to a PDF glossary, hundreds of flashcards, and two complete practice exams. Covering all CCSP domains, this book walks you through Architectural Concepts and Design Requirements, Cloud Data Security, Cloud Platform and Infrastructure Security, Cloud Application Security, Operations, and Legal and Compliance with real-world scenarios to help you apply your skills along the way.

The CCSP is the latest credential from (ISC)2 and the Cloud Security Alliance, designed to show employers that you have what it takes to keep their organization safe in the cloud. Learn the skills you need to be confident on exam day and beyond.

  • Review 100% of all CCSP exam objectives
  • Practice applying essential concepts and skills
  • Access the industry-leading online study tool set
  • Test your knowledge with bonus practice exams and more

As organizations become increasingly reliant on cloud-based IT, the threat to data security looms larger. Employers are seeking qualified professionals with a proven cloud security skillset, and the CCSP credential brings your resume to the top of the pile. CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide gives you the tools and information you need to earn that certification, and apply your skills in a real-world setting.

Table of Contents

  1. Acknowledgments
  2. About the Authors
  3. About the Technical Editors
  4. Introduction
    1. Overview of the CCSP Exam
    2. Notes on This Book’s Organization
    3. What Is Included with the Additional Study Tools
  5. Assessment Test
    1. Answers to Assessment Test
  6. Chapter 1 Architectural Concepts
    1. Business Requirements
    2. Cloud Evolution, Vernacular, and Definitions
    3. Cloud Computing Roles and Responsibilities
    4. Cloud Computing Definitions
    5. Foundational Concepts of Cloud Computing
    6. Summary
    7. Exam Essentials
    8. Written Labs
    9. Review Questions
  7. Chapter 2 Design Requirements
    1. Business Requirements Analysis
    2. Boundaries of Cloud Models
    3. Design Principles for Protecting Sensitive Data
    4. Summary
    5. Exam Essentials
    6. Written Labs
    7. Review Questions
  8. Chapter 3 Data Classification
    1. Data Inventory and Discovery
    2. Jurisdictional Requirements
    3. Data Rights Management
    4. Data Control
    5. Summary
    6. Exam Essentials
    7. Written Labs
    8. Review Questions
  9. Chapter 4 Cloud Data Security
    1. Cloud Data Life Cycle
    2. Cloud Storage Architectures
    3. Cloud Data Security Foundational Strategies
    4. Summary
    5. Exam Essentials
    6. Written Labs
    7. Review Questions
  10. Chapter 5 Security in the Cloud
    1. Shared Cloud Platform Risks and Responsibilities
    2. Cloud Computing Risks by Deployment and Service Model
    3. Virtualization
    4. Cloud Attack Surface
    5. Disaster Recovery (DR) and Business Continuity Management (BCM)
    6. Summary
    7. Exam Essentials
    8. Written Labs
    9. Review Questions
  11. Chapter 6 Responsibilities in the Cloud
    1. Foundations of Managed Services
    2. Business Requirements
    3. Shared Responsibilities by Service Type
    4. Shared Administration of OS, Middleware, or Applications
    5. Share Responsibilities: Data Access
    6. Lack of Physical Access
    7. Summary
    8. Exam Essentials
    9. Written Labs
    10. Review Questions
  12. Chapter 7 Cloud Application Security
    1. Training and Awareness
    2. Cloud-Secure Software Development Life Cycle (SDLC)
    3. ISO/IEC 27034-1 Standards for Secure Application Development
    4. Identity and Access Management (IAM)
    5. Cloud Application Architecture
    6. Cloud Application Assurance and Validation
    7. Summary
    8. Exam Essentials
    9. Written Labs
    10. Review Questions
  13. Chapter 8 Operations Elements
    1. Physical/Logical Operations
    2. Security Training and Awareness
    3. Basic Operational Application Security
    4. Summary
    5. Exam Essentials
    6. Written Labs
    7. Review Questions
  14. Chapter 9 Operations Management
    1. Monitoring, Capacity, and Maintenance
    2. Change and Configuration Management (CM)
    3. Business Continuity and Disaster Recovery (BC/DR)
    4. Summary
    5. Exam Essentials
    6. Written Labs
    7. Review Questions
  15. Chapter 10 Legal and Compliance Part 1
    1. Legal Requirements and Unique Risks in the Cloud Environment
    2. Potential Personal and Data Privacy Issues in the Cloud Environment
    3. Audit Processes, Methodologies, and Cloud Adaptations
    4. Summary
    5. Exam Essentials
    6. Written Labs
    7. Review Questions
  16. Chapter 11 Legal and Compliance Part 2
    1. The Impact of Diverse Geographical Locations and Legal Jurisdictions
    2. Business Requirements
    3. Cloud Contract Design and Management for Outsourcing
    4. Identifying Appropriate Supply Chain and Vendor Management Processes
    5. Summary
    6. Exam Essentials
    7. Written Labs
    8. Review Questions
  17. Appendix A Answers to the Review Questions
    1. Chapter 1: Architectural Concepts
    2. Chapter 2: Design Requirements
    3. Chapter 3: Data Classification
    4. Chapter 4: Cloud Data Security
    5. Chapter 5: Security in the Cloud
    6. Chapter 6: Responsibilities in the Cloud
    7. Chapter 7: Cloud Application Security
    8. Chapter 8: Operations Elements
    9. Chapter 9: Operations Management
    10. Chapter 10: Legal and Compliance Part 1
    11. Chapter 11: Legal and Compliance Part 2
  18. Appendix B Answers to the Written Labs
    1. Chapter 1
    2. Chapter 2
    3. Chapter 3
    4. Chapter 4
    5. Chapter 5
    6. Chapter 6
    7. Chapter 7
    8. Chapter 8
    9. Chapter 9
    10. Chapter 10
    11. Chapter 11
  19. Eula