Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
CCSP (ISC)2 Certified Cloud Security Professional Exam Guide

You're reading from   CCSP (ISC)2 Certified Cloud Security Professional Exam Guide Build your knowledge to pass the CCSP exam with expert guidance

Arrow left icon
Product type Paperback
Published in Jun 2024
Publisher Packt
ISBN-13 9781838987664
Length 560 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Omar A. Turner Omar A. Turner
Author Profile Icon Omar A. Turner
Omar A. Turner
Ms. Navya Lakshmana Ms. Navya Lakshmana
Author Profile Icon Ms. Navya Lakshmana
Ms. Navya Lakshmana
Arrow right icon
View More author details
Toc

Table of Contents (27) Chapters Close

Preface 1. Chapter 1: Core Cloud Concepts FREE CHAPTER 2. Chapter 2: Cloud Reference Architecture 3. Chapter 3: Top Threats and Essential Cloud Security Concepts and Controls 4. Chapter 4: Design Principles for Secure Cloud Computing 5. Chapter 5: How to Evaluate Your Cloud Service Provider 6. Chapter 6: Cloud Data Security Concepts and Architectures 7. Chapter 7: Data Governance Essentials 8. Chapter 8: Essential Infrastructure and Platform Components for a Secure Data Center 9. Chapter 9: Analyzing Risks 10. Chapter 10: Security Control Implementation 11. Chapter 11: Planning for the Worst-Case Scenario – Business Continuity and Disaster Recovery 12. Chapter 12: Application Security 13. Chapter 13: Secure Software Development Life Cycle 14. Chapter 14: Assurance, Validation, and Verification in Security 15. Chapter 15: Application-Centric Cloud Architecture 16. Chapter 16: IAM Design 17. Chapter 17: Cloud Physical and Logical Infrastructure (Operationalization and Maintenance) 18. Chapter 18: International Operational Controls and Standards 19. Chapter 19: Digital Forensics 20. Chapter 20: Managing Communications 21. Chapter 21: Security Operations Center Management 22. Chapter 22: Legal Challenges and the Cloud 23. Chapter 23: Privacy and the Cloud 24. Chapter 24: Cloud Audit Processes and Methodologies 25. Chapter 25: Accessing the Online Practice Resources 26. Other Books You May Enjoy

Key Cloud Computing Technologies and Building Blocks

Cloud computing technologies enable on-demand, scalable, and adaptable computing resources and services. These hardware, software, and networking components enable enterprises to upgrade their IT infrastructures, reduce costs, and quickly adjust according to changing business demands. The fundamental elements that comprise cloud computing technology are as follows:

  • Compute resources: Cloud computing relies on compute resources for the execution of applications, services, and workloads. These can be virtualized to provide multiple VMs or containers running on one physical server, providing efficient hardware usage and flexible resource allocation.
  • Storage resources: Storage resources are essential for storing and managing cloud-based data. They offer various storage solutions, such as block storage, file storage, and object storage, to meet various data types, access patterns, and performance demands. On-demand scalability of cloud storage capacity ensures cost-effective and efficient solutions.
  • Networking resources: Networking resources provide connectivity between cloud users and services, allowing communication between cloud components. These include virtual networks, routers, load balancers, and firewalls that ensure secure, dependable data transfer inside and across cloud environments.
  • Middleware and runtime: Middleware and runtime components provide the platform and environment required to deliver, manage, and execute cloud applications and services. This consists of application servers, databases, as well as other platform-level elements that facilitate the creation of applications based on various programming languages and frameworks.
  • Cloud management and orchestration: Management and orchestration technologies are essential for automating the management and control of cloud resources, services, and applications. They aid in the provisioning, monitoring, scalability, and optimization of these resources to ensure optimal resource allocation and use. Moreover, these solutions offer resource life cycle management – guaranteeing resources are available when needed and relinquished when no longer necessary – thus providing optimal resource life cycle management.
  • Security and privacy: Securing cloud-based data, applications, and infrastructure requires security and privacy components. To safeguard these resources from potential threats or vulnerabilities, they include encryption, identity and access management, intrusion detection systems, and secure data transmission methods.
  • Service models: Cloud computing offers three basic service models that define the customer’s control scope and level – IaaS, PaaS, and SaaS. Each model isolates different levels of the underlying infrastructure, allowing customers to focus on core business needs while taking advantage of cloud technology benefits.
  • Deployment models: Deployment models refer to how cloud resources are organized and made accessible to users. The public cloud, private cloud, hybrid cloud, and community cloud are the four primary deployment options. Each offers varying degrees of control, security, and scalability to meet the unique demands and expectations of organizations.
  • Billing and metering: Billing and metering components enable the tracking and reporting of cloud resource usage, enabling consumption-based pricing so that users only pay for what they use. This pay-as-you-go model offers a flexible yet cost-effective method to access and manage cloud resources.

Although this knowledge may appear basic, it is essential for CCSP candidates to comprehend the fundamental principles of cloud computing. To effectively secure cloud environments, they must possess an in-depth understanding of cloud technologies such as compute resources, storage resources, networking resources, middleware, and runtime, as well as service and deployment patterns. Having this understanding allows them to detect and address potential security risks or vulnerabilities within cloud infrastructures.

Candidates taking the CCSP exam must also be able to evaluate CSPs and suppliers to confirm whether their products meet organizational security and compliance requirements. An understanding of cloud computing building blocks and reference designs such as NIST SP 500-292 can assist in selecting and managing cloud services effectively.

You have been reading a chapter from
CCSP (ISC)2 Certified Cloud Security Professional Exam Guide
Published in: Jun 2024
Publisher: Packt
ISBN-13: 9781838987664
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image