Читать книгу (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests - Sean Murphy, Ben Malisow - Страница 12

In addition to this book, I recommend the CCSP (ISC)² Certified Cloud Security Professional Official Study Guide, Second Edition, also from Wiley (2019). There is, as stated in this introduction, no magic formula for passing the exam. No single particular book or source with all the answers to the exam exists. If someone claims to be able to provide you with such a product, realize that they are mistaken or, worse, misleading you.

However, you can augment your studying by reviewing a significant portion of the likely sources used by the professionals who created the test. The following is a just a sampling of the possible professional resources the cloud practitioner should be familiar with:

 The Cloud Security Alliance’s Notorious Ninehttps://downloads.cloudsecurityalliance.org/initiatives/top_threats/ The_Notorious_Nine_Cloud_Computing_Top_Threats_in_2013.pdf

 The OWASP’s Top 10www.owasp.org/index.php/Top_10_2013-Top_10

 The OWASP’s XSS (Cross-Site Scripting) Prevention Cheat Sheetwww.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet

 The OWASP’s Testing Guide (v4)www.owasp.org/images/1/19/OTGv4.pdf

 NIST SP 500-292, NIST Cloud Computing Reference Architecturehttp://ws680.nist.gov/publication/get_pdf.cfm?pub_id=909505

 The CSA’s Security Guidance v4.0:https://cloudsecurityalliance.org/research/guidance

 ENISA’s Cloud Computing Risk Assessment:www.enisa.europa.eu/publications/cloud-computing-risk-assessment

 The Uptime Institute’s Tier Standard: Topology and Tier Standard: Operational Sustainability (the linked page includes download options for the documents)https://uptimeinstitute.com/publications