Читать книгу The Official (ISC)2 CCSP CBK Reference - Leslie Fife, Aaron Kraus - Страница 2

Оглавление

Table of Contents

Cover

Title Page

Copyright

Acknowledgments

About the Authors

About the Technical Editor

Foreword to the Third Edition

Introduction

Domain 1: Cloud Concepts, Architecture, and Design UNDERSTAND CLOUD COMPUTING CONCEPTS DESCRIBE CLOUD REFERENCE ARCHITECTURE UNDERSTAND SECURITY CONCEPTS RELEVANT TO CLOUD COMPUTING UNDERSTAND DESIGN PRINCIPLES OF SECURE CLOUD COMPUTING EVALUATE CLOUD SERVICE PROVIDERS

10  Domain 2: Cloud Data Security DESCRIBE CLOUD DATA CONCEPTS DESIGN AND IMPLEMENT CLOUD DATA STORAGE ARCHITECTURES DESIGN AND APPLY DATA SECURITY TECHNOLOGIES AND STRATEGIES IMPLEMENT DATA DISCOVERY IMPLEMENT DATA CLASSIFICATION DESIGN AND IMPLEMENT INFORMATION RIGHTS MANAGEMENT PLAN AND IMPLEMENT DATA RETENTION, DELETION, AND ARCHIVING POLICIES DESIGN AND IMPLEMENT AUDITABILITY, TRACEABILITY, AND ACCOUNTABILITY OF DATA EVENTS SUMMARY

11  Domain 3: Cloud Platform and Infrastructure Security COMPREHEND CLOUD INFRASTRUCTURE COMPONENTS DESIGN A SECURE DATA CENTER ANALYZE RISKS ASSOCIATED WITH CLOUD INFRASTRUCTURE DESIGN AND PLAN SECURITY CONTROLS PLAN DISASTER RECOVERY AND BUSINESS CONTINUITY SUMMARY

12  Domain 4: Cloud Application Security ADVOCATE TRAINING AND AWARENESS FOR APPLICATION SECURITY DESCRIBE THE SECURE SOFTWARE DEVELOPMENT LIFECYCLE PROCESS APPLY THE SECURE SOFTWARE DEVELOPMENT LIFECYCLE APPLY CLOUD SOFTWARE ASSURANCE AND VALIDATION USE VERIFIED SECURE SOFTWARE COMPREHEND THE SPECIFICS OF CLOUD APPLICATION ARCHITECTURE DESIGN APPROPRIATE IDENTITY AND ACCESS MANAGEMENT SOLUTIONS SUMMARY

13  Domain 5: Cloud Security Operations IMPLEMENT AND BUILD PHYSICAL AND LOGICAL INFRASTRUCTURE FOR CLOUD ENVIRONMENT OPERATE PHYSICAL AND LOGICAL INFRASTRUCTURE FOR CLOUD ENVIRONMENT MANAGE PHYSICAL AND LOGICAL INFRASTRUCTURE FOR CLOUD ENVIRONMENT IMPLEMENT OPERATIONAL CONTROLS AND STANDARDS SUPPORT DIGITAL FORENSICS MANAGE COMMUNICATION WITH RELEVANT PARTIES MANAGE SECURITY OPERATIONS SUMMARY

14  Domain 6: Legal, Risk, and Compliance ARTICULATING LEGAL REQUIREMENTS AND UNIQUE RISKS WITHIN THE CLOUD ENVIRONMENT UNDERSTANDING PRIVACY ISSUES UNDERSTANDING AUDIT PROCESS, METHODOLOGIES, AND REQUIRED ADAPTATIONS FOR A CLOUD ENVIRONMENT UNDERSTAND IMPLICATIONS OF CLOUD TO ENTERPRISE RISK MANAGEMENT UNDERSTANDING OUTSOURCING AND CLOUD CONTRACT DESIGN SUMMARY

15  Index

16  End User License Agreement

List of Tables

1 Chapter 4TABLE 4.1 The STRIDE Model

2 Chapter 5TABLE 5.1 Cloud Shared Responsibility Model

3 Chapter 6TABLE 6.1 Types of Regulated DataTABLE 6.2 AICPA Service Organization Control Reports

List of Illustrations

1 Chapter 2FIGURE 2.1 The secure data lifecycle

2 Chapter 5FIGURE 5.1 NIST incident response lifecycle phases

3 Chapter 6FIGURE 6.1 Four phases of an auditFIGURE 6.2 NIST 800-37 rev 2 Risk Management FrameworkFIGURE 6.3 Risk registerFIGURE 6.4 CSA CCSM online tool

Guide

Cover

2 Table of Contents

Begin Reading

Pages

iii

iv

v

vii

viii

ix

xxi

xxii

xxiii

10  xxiv

11  xxv

12  xxvi

13  xxvii

14  1

15  2

16  3

17  4

18  5

19  6

20  7

21  8

22  9

23  10

24  11

25  12

26 13

27  14

28  15

29  16

30  17

31  18

32  19

33  20

34  21

35  22

36  23

37  24

38  25

39  26

40  27

41  28

42  29

43  30

44  31

45  32

46  33

47  34

48  35

49  36

50  37

51  38

52  39

53  40

54  41

55  43

56  44

57 45

58 46

59 47

60  48

61 49

62  50

63  51

64 52

65  53

66  54

67 55

68  56

69  57

70  58

71 59

72  60

73 61

74  62

75 63

76 64

77  65

78 66

79  67

80  68

81 69

82  70

83 71

84  72

85 73

86  74

87  75

88  76

89 77

90  78

91  79

92  80

93  81

94 82

95 83

96  84

97  85

98  87

99  88

100  89

101  90

102  91

103  92

104  93

105  94

106  95

107  96

108  97

109  98

110  99

111  100

112  101

113  102

114  103

115 104

116  105

117  106

118  107

119  108

120  109

121  110

122  111

123  112

124  113

125  114

126  115

127  116

128  117

129  118

130  119

131  120

132  121

133  122

134  123

135 124

136  125

137  126

138  127

139 128

140  129

141  130

142 131

143 132

144  133

145  134

146  135

147  136

148  137

149  138

150  139

151  140

152  141

153  142

154  143

155  145

156  146

157 147

158  148

159 149

160 150

161  151

162  152

163  153

164  154

165  155

166  156

167 157

168  158

169  159

170  160

171  161

172 162

173  163

174  164

175  165

176 166

177  167

178 168

179 169

180 170

181 171

182 172

183 173

184 174

185 175

186  176

187 177

188  178

189  179

190  180

191  181

192 182

193 183

194  184

195 185

196  186

197 187

198  188

199  189

200  190

201  191

202  192

203  193

204  194

205  195

206  196

207  197

208  198

209 199

210  200

211  201

212  202

213 203

214 204

215  205

216  206

217 207

218 208

219  209

220 210

221  211

222 212

223 213

224 214

225  215

226  216

227  217

228 218

229  219

230  220

231 221

232  222

233 223

234 224

235  225

236 226

237  227

238  228

239  229

240  230

241 231

242 232

243  233

244  234

245  235

246  236

247  237

248  238

249  239

250  240

251  241

252 242

253  243

254  244

255  245

256 246

257  247

258  248

259 249

260 250

261  251

262  252

263  253

264 254

265  255

266 256

267 257

268 258

269  259

270 260

271  261

272  262

273  263

274  264

275  265

276  266

277  267

278  268

279  269

280  270

281  271

282 272

283 273

284  274

285  275

286  276

287  277

288  278

289 279

290 280

291  281

292  282

293  283

294 284

295 285

296 286

297 287

298 288

299 289

300 290

301 291

302  292

The Official (ISC)2 CCSP CBK Reference

Подняться наверх