Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
CCSP (ISC)2 Certified Cloud Security Professional Exam Guide

You're reading from   CCSP (ISC)2 Certified Cloud Security Professional Exam Guide Build your knowledge to pass the CCSP exam with expert guidance

Arrow left icon
Product type Paperback
Published in Jun 2024
Publisher Packt
ISBN-13 9781838987664
Length 560 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Omar A. Turner Omar A. Turner
Author Profile Icon Omar A. Turner
Omar A. Turner
Ms. Navya Lakshmana Ms. Navya Lakshmana
Author Profile Icon Ms. Navya Lakshmana
Ms. Navya Lakshmana
Arrow right icon
View More author details
Toc

Table of Contents (27) Chapters Close

Preface 1. Chapter 1: Core Cloud Concepts 2. Chapter 2: Cloud Reference Architecture FREE CHAPTER 3. Chapter 3: Top Threats and Essential Cloud Security Concepts and Controls 4. Chapter 4: Design Principles for Secure Cloud Computing 5. Chapter 5: How to Evaluate Your Cloud Service Provider 6. Chapter 6: Cloud Data Security Concepts and Architectures 7. Chapter 7: Data Governance Essentials 8. Chapter 8: Essential Infrastructure and Platform Components for a Secure Data Center 9. Chapter 9: Analyzing Risks 10. Chapter 10: Security Control Implementation 11. Chapter 11: Planning for the Worst-Case Scenario – Business Continuity and Disaster Recovery 12. Chapter 12: Application Security 13. Chapter 13: Secure Software Development Life Cycle 14. Chapter 14: Assurance, Validation, and Verification in Security 15. Chapter 15: Application-Centric Cloud Architecture 16. Chapter 16: IAM Design 17. Chapter 17: Cloud Physical and Logical Infrastructure (Operationalization and Maintenance) 18. Chapter 18: International Operational Controls and Standards 19. Chapter 19: Digital Forensics 20. Chapter 20: Managing Communications 21. Chapter 21: Security Operations Center Management 22. Chapter 22: Legal Challenges and the Cloud 23. Chapter 23: Privacy and the Cloud 24. Chapter 24: Cloud Audit Processes and Methodologies 25. Chapter 25: Accessing the Online Practice Resources 26. Other Books You May Enjoy

Summary

In this chapter, you grasped the methodologies that enable writing secure code, which is essential to how modern cloud-native applications are written. You came to know the phases of the SDLC and elements of the STRIDE threat model from an exam’s perspective. You also learned that to design software code that is largely free of security flaws, it is essential to adopt a comprehensive strategy that includes the following:

  • Adopting the SSDLC and threat modeling techniques, such as PASTA or STRIDE, to identify and mitigate potential security issues throughout the development process.
  • Using the DevSecOps approach to ensure that security is an inherent component of the software development process—from development to deployment—by integrating security considerations into the CI/CD pipeline.
  • Implementing access control and encryption to safeguard critical pipeline data, such as access keys and passwords.
  • Using secrets management to store,...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime