Certified Cloud Security Professional (CCSP)

Certified Cloud Security Professional (CCSP)

by Michael J. Shannon
Released May 2023
Publisher(s): Cisco Press
ISBN: 0138170622

Watch it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

11 hours of video instruction to learn everything you need to know about the Certified Cloud Security Professional (CCSP) certification exam.

Overview

Certified Cloud Security Professional (CCSP) Complete Video Course provides 11 hours of comprehensive video that teaches you the six domains covered on the ISC(2) CCSP exam. ISC(2) established the Certified Cloud Security Professional (CCSP) credential to provide a path for cloud security professionals to display mastery of the necessary knowledge, skills, and abilities in cloud security design, implementation, architecture, management, controls, and compliance with regulatory frameworks. This professional competency is compared to a globally recognized CCSP Common Body of Knowledge (CBK) to ensure relevancy across all disciplines in the field of cloud security.

This video course covers every objective in the CCSP certification exam so you can use it as a complete study tool to prepare for and pass the test, including the updates in the latest exam release, along with the knowledge and skills you need to advance your cybersecurity career.

About the Instructor

Michael J. Shannon began his IT career when he transitioned from recording studio engineer to network technician for a major telecommunications company in the early 1990s. He soon began to focus on security and was one of the first 10 people to attain the HIPAA Certified Security Specialist. Throughout his 30 years in IT he has worked as an employee, contractor, and consultant for numerous companies, including Platinum Technologies, Fujitsu, IBM, State Farm, MindSharp, CBT Nuggets, Pearson, and Skillsoft. His hobbies are producing and publishing music, collecting vinyl records, and playing golf. He resides in San Angelo, Texas, with his wife.

Topics include

  • Cloud concepts, architecture and design
  • Cloud data security
  • Cloud platform and infrastructure security
  • Cloud application security
  • Cloud security operations
  • Legal, risk and compliance

Skill Level

Advanced

What You Will Learn

  • Manage the security of an on-premises private cloud
  • Supervise the security of a cloud provider SOC
  • Pass the (ISC)2 Certified Cloud Security Professional exam

Who Should Take This Course

The target audience for this course consists of systems/network/application security professionals who are preparing for the CCSP exam. A secondary audience consists of any IT professional who wants a deeper knowledge of cloud security.

Course Requirements

There are no prerequisites for this course, although fundamental networking knowledge is recommended.

About LiveLessons Video Training

The LiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Sams, and Que. Topics include IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more. View all LiveLessons on InformIT at http://www.informit.com/livelessons.

Table of contents

  1. Introduction
    1. Certified Cloud Security Professional (CCSP): Introduction
  2. Module 1: Cloud Concepts, Architecture, and Design
    1. Module introduction
  3. Lesson 1: Concepts and Architectures of Cloud Computing
    1. Learning objectives
    2. 1.1 Key Cloud Computing Definitions
    3. 1.2 Roles and Responsibilities in Cloud Computing
    4. 1.3 Core Cloud Computing Characteristics
    5. 1.4 Cloud Building Block Technologies
    6. 1.5 Cloud Computing Activities and Capabilities
    7. 1.6 Categories of Cloud Services
    8. 1.7 Cloud Deployment Models
    9. 1.8 Shared Considerations for the Cloud
    10. 1.9 Impact of Cloud and Related Technologies
  4. Lesson 2: Cloud Security Concepts and Design Principles
    1. Learning objectives
    2. 2.1 Cryptography and Key Management
    3. 2.2 Identity and Access Control
    4. 2.3 Network and Virtualization Security
    5. 2.4 Common Cloud Threats
    6. 2.5 Cloud Security Hygiene
    7. 2.6 Cloud Business Continuity and Disaster Recovery
    8. 2.7 Functional Security Requirements in the Cloud
    9. 2.8 Security Considerations for Cloud Service Types
    10. 2.9 Cloud Design Patterns
    11. 2.10 DevOps Security
  5. Module 2: Cloud Data Security
    1. Module introduction
  6. Lesson 3: The Cloud Data Lifecycle
    1. Learning objectives
    2. 3.1 Phase 1: Create
    3. 3.2 Phase 2: Store
    4. 3.3 Phase 3: Use
    5. 3.4 Phase 4: Share
    6. 3.5 Phase 5: Archive
    7. 3.6 Phase 6: Destroy
    8. 3.7 Cloud Data Flows
  7. Lesson 4: Cloud Data Security
    1. Learning objectives
    2. 4.1 Concepts of Cloud Data Security
    3. 4.2 Data Obfuscation
    4. 4.3 Information Rights Management
    5. 4.4 Keys, Secrets, and Certificate Management
    6. 4.5 Data Discovery
    7. 4.6 Data Classification and Policy
    8. 4.7 Auditability, Traceability, and Accountability
  8. Lesson 4: Cloud Data Security
    1. Module introduction
  9. Lesson 5: Cloud Infrastructure and Platform Components
    1. Learning objectives
    2. 5.1 Physical Cloud Environments
    3. 5.2 Network Cloud Environments
    4. 5.3 Cloud Communications
    5. 5.4 Core Cloud Compute Resources
    6. 5.5 Cloud Virtualization Resources
    7. 5.6 Core Cloud Storage Components
    8. 5.7 Management Plane Cloud Solutions
  10. Lesson 6: Data Center Design and Risk Analysis
    1. Learning objectives
    2. 6.1 Secure Data Center Logical Design
    3. 6.2 Physical Data Center Design
    4. 6.3 Data Center Environmental Design
    5. 6.4 Design Resilient Environments
    6. 6.5 Cloud Infrastructure Risk Assessment
    7. 6.6 Cloud Vulnerabilities, Threats, and Attacks
    8. 6.7 Cloud Infrastructure Risk Mitigation Strategies
  11. Lesson 7: Cloud Business Continuity Planning
    1. Learning objectives
    2. 7.1 Business Continuity Planning
    3. 7.2 Business Impact Analysis
    4. 7.3 Backup and Restore Policies
    5. 7.4 Disaster Recovery Planning
    6. 7.5 Disaster Recovery Plan Testing Strategies
  12. Module 4: Cloud Application Security
    1. Module introduction
  13. Lesson 8: Application Security Awareness and Life Cycles
    1. Learning objectives
    2. 8.1 Cloud Application Architecture Elements
    3. 8.2 Cloud Development
    4. 8.3 SDLC Business Requirements and Phases
    5. 8.4 Common Software Vulnerabilities
    6. 8.5 Software Threat Modeling Methods
    7. 8.6 Secure Coding Methodologies
    8. 8.7 Software Configuration Management and Versioning
  14. Lesson 9: Software Assurance and Validation
    1. Learning objectives
    2. 9.1 Functional vs. Non-functional Testing
    3. 9.2 Security Testing Methodologies
    4. 9.3 Abuse Case Testing
    5. 9.4 OWASP API Security
    6. 9.5 Supply Chain Management
    7. 9.6 Third-party Software Management
  15. Lesson 10: Identity and Access Management Solutions
    1. Learning objectives
    2. 10.1 Cloud IAM Services
    3. 10.2 Federated Identity
    4. 10.3 Identity Providers
    5. 10.4 Single Sign-on
    6. 10.5 Multi-factor Authentication
    7. 10.6 Cloud Access Security Brokers
    8. 10.7 Managed Security Service Providers
  16. Module 5: Cloud Security Operations
    1. Module introduction
  17. Lesson 11: Build and Implement a Physical and Logical Cloud Infrastructure
    1. Learning objectives
    2. 11.1 Hardware-specific Security Configuration
    3. 11.2 Installation and Configuration of Management Tools
    4. 11.3 SDS and Securing Storage Area Networks
    5. 11.4 Installation of Guest OS Virtualization Tools
    6. 11.5 Secure Network Configuration
    7. 11.6 Network Security Controls
    8. 11.7 Operating System Hardening
    9. 11.8 Patch Management and Infrastructure as Code (IaC)
    10. 11.9 Clustered Host Availability
    11. 11.10 Performance and Capacity Monitoring
  18. Lesson 12: Operational Controls and Standards
    1. Learning objectives
    2. 12.1 Configuration and Change Management
    3. 12.2 Continuity Management
    4. 12.3 Information Security Management
    5. 12.4 Service Level Management
    6. 12.5 Incident and Problem Management
    7. 12.6 Release and Deployment Management
    8. 12.7 Availability Management
    9. 12.8 Capacity Management
    10. 12.9 Security Operations Centers (SOC)
    11. 12.10 Intelligent Security Control Monitoring
    12. 12.11 Vulnerability Assessment
  19. Module 6: Legal, Risk, and Compliance
    1. Module introduction
  20. Lesson 13: Legal Requirements, Privacy Issues, and Risk Management in the Cloud
    1. Learning objectives
    2. 13.1 Conflicting International Legislation
    3. 13.2 eDiscovery and Forensics
    4. 13.3 Issues with PHI and PII in the Cloud
    5. 13.4 Standard Privacy Requirements
    6. 13.5 Privacy Impact Assessments (PIAs)
    7. 13.6 Risk Treatment
    8. 13.7 Provider Risk Assessment Programs
    9. 13.8 Regulatory Transparency Requirements
  21. Lesson 14: Cloud Audits, Methodologies, and Contracts
    1. Learning objectives
    2. 14.1 Audit Controls, Reports, and Their Impact
    3. 14.2 Gap Analysis and Internal InfoSec Management Systems
    4. 14.3 Policies and Stakeholder Involvement
    5. 14.4 Specialized Compliance Requirements
    6. 14.5 The Impact of Distributed IT
    7. 14.6 Business Agreement Requirements
    8. 14.7 Supply Chain Management
  22. Summary
    1. Certified Cloud Security Professional (CCSP): Summary

Product information

  • Title: Certified Cloud Security Professional (CCSP)
  • Author(s): Michael J. Shannon
  • Release date: May 2023
  • Publisher(s): Cisco Press
  • ISBN: 0138170622