The Official (ISC)2 CCSP CBK Reference


5       |  1 Reviews 

International Edition



About the Book

The only official body of knowledge for CCSP—the most popular cloud security credential—fully revised and updated.

Certified Cloud Security Professional (CCSP) certification validates the advanced technical skills needed to design, manage, and secure data, applications, and infrastructure in the cloud. This highly sought-after global credential has been updated with revised objectives. The new third edition of The Official (ISC)2 Guide to the CCSP CBK is the authoritative, vendor-neutral common body of knowledge for cloud security professionals.

This comprehensive resource provides cloud security professionals with an indispensable working reference to each of the six CCSP domains: Cloud Concepts, Architecture and Design; Cloud Data Security; Cloud Platform and Infrastructure Security; Cloud Application Security; Cloud Security Operations; and Legal, Risk and Compliance. Detailed, in-depth chapters contain the accurate information required to prepare for and achieve CCSP certification. Every essential area of cloud security is covered, including implementation, architecture, operations, controls, and immediate and long-term responses.

Developed by (ISC)2, the world leader in professional cybersecurity certification and training, this indispensable guide:
  • Covers the six CCSP domains and over 150 detailed objectives
  • Provides guidance on real-world best practices and techniques
  • Includes illustrated examples, tables, and diagrams

The Official (ISC)2 Guide to the CCSP CBK is a vital ongoing resource for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration.

Table of Contents:
Foreword to the Fourth Edition
Introduction

Chapter 1 Cloud Concepts, Architecture, and Design
  • Understand Cloud Computing Concepts
  • Cloud Computing Definitions
  • Cloud Computing Roles and Responsibilities
  • Key Cloud Computing Characteristics
  • Building Block Technologies
  • Describe Cloud Reference Architecture
  • Cloud Computing Activities
  • Cloud Service Capabilities
  • Cloud Service Categories
  • Cloud Deployment Models
  • Cloud Shared Considerations
  • Impact of Related Technologies
  • Understand Security Concepts Relevant to Cloud Computing
  • Cryptography and Key Management
  • Identity and Access Control
  • Data and Media Sanitization
  • Network Security
  • Virtualization Security
  • Common Threats
  • Security Hygiene
  • Understand Design Principles of Secure Cloud Computing
  • Cloud Secure Data Lifecycle
  • Cloud-Based Business Continuity and Disaster Recovery Plan
  • Business Impact Analysis
  • Functional Security Requirements
  • Security Considerations for Different Cloud Categories
  • Cloud Design Patterns
  • DevOps Security
  • Evaluate Cloud Service Providers
  • Verification against Criteria
  • System/Subsystem Product Certifications
  • Summary

Chapter 2 Cloud Data Security
  • Describe Cloud Data Concepts
  • Cloud Data Lifecycle Phases
  • Data Dispersion
  • Data Flows
  • Design and Implement Cloud Data Storage Architectures
  • Storage Types
  • Threats to Storage Types
  • Design and Apply Data Security Technologies and Strategies
  • Encryption and Key Management
  • Hashing
  • Data Obfuscation
  • Tokenization
  • Data Loss Prevention
  • Keys, Secrets, and Certificates Management
  • Implement Data Discovery
  • Structured Data
  • Unstructured Data
  • Semi-structured Data
  • Data Location
  • Implement Data Classification
  • Data Classification Policies
  • Mapping
  • Labeling
  • Design and Implement Information Rights Management
  • Objectives
  • Appropriate Tools
  • Plan and Implement Data Retention, Deletion, and Archiving Policies
  • Data Retention Policies
  • Data Deletion Procedures and Mechanisms
  • Data Archiving Procedures and Mechanisms
  • Legal Hold
  • Design and Implement Auditability, Traceability, and Accountability of Data Events
  • Definition of Event Sources and Requirement of Event Attribution
  • Logging, Storage, and Analysis of Data Events
  • Chain of Custody and Nonrepudiation
  • Summary

Chapter 3 Cloud Platform and Infrastructure Security
  • Comprehend Cloud Infrastructure and Platform Components
  • Physical Environment
  • Network and Communications
  • Compute
  • Virtualization
  • Storage
  • Management Plane
  • Design a Secure Data Center
  • Logical Design
  • Physical Design
  • Environmental Design
  • Analyze Risks Associated with Cloud Infrastructure and Platforms
  • Risk Assessment
  • Cloud Vulnerabilities, Threats, and Attacks
  • Risk Mitigation Strategies
  • Plan and Implementation of Security Controls
  • Physical and Environmental Protection
  • System, Storage, and Communication Protection
  • Identification, Authentication, and Authorization in Cloud Environments
  • Audit Mechanisms
  • Plan Disaster Recovery and Business Continuity
  • Business Continuity/Disaster Recovery Strategy
  • Business Requirements
  • Creation, Implementation, and Testing of Plan
  • Summary

Chapter 4 Cloud Application Security
  • Advocate Training and Awareness for Application Security
  • Cloud Development Basics
  • Common Pitfalls
  • Common Cloud Vulnerabilities
  • Describe the Secure Software Development Life Cycle Process
  • NIST Secure Software Development Framework
  • OWASP Software Assurance Maturity Model
  • Business Requirements
  • Phases and Methodologies
  • Apply the Secure Software Development Life Cycle
  • Cloud-Specific Risks
  • Threat Modeling
  • Avoid Common Vulnerabilities during Development
  • Secure Coding
  • Software Configuration Management and Versioning
  • Apply Cloud Software Assurance and Validation
  • Functional and Non-functional Testing
  • Security Testing Methodologies
  • Quality Assurance
  • Abuse Case Testing
  • Use Verified Secure Software
  • Securing Application Programming Interfaces
  • Supply-Chain Management
  • Third-Party Software Management
  • Validated Open-Source Software
  • Comprehend the Specifics of Cloud Application Architecture
  • Supplemental Security Components
  • Cryptography
  • Sandboxing
  • Application Virtualization and Orchestration
  • Design Appropriate Identity and Access Management Solutions
  • Federated Identity
  • Identity Providers
  • Single Sign-on
  • Multifactor Authentication
  • Cloud Access Security Broker
  • Summary

Chapter 5 Cloud Security Operations
  • Build and Implement Physical and Logical Infrastructure for Cloud Environment
  • Hardware-Specific Security Configuration Requirements
  • Installation and Configuration of Virtualization Management Tools
  • Virtual Hardware–Specific Security Configuration Requirements
  • Installation of Guest Operating System Virtualization Toolsets
  • Operate Physical and Logical Infrastructure for Cloud Environment
  • Configure Access Control for Local and Remote Access
  • Secure Network Configuration
  • Operating System Hardening through the Application of Baselines
  • Availability of Stand-Alone Hosts
  • Availability of Clustered Hosts
  • Availability of Guest Operating Systems
  • Manage Physical and Logical Infrastructure for Cloud Environment
  • Access Controls for Remote Access
  • Operating System Baseline Compliance Monitoring and Remediation
  • Patch Management
  • Performance and Capacity Monitoring
  • Hardware Monitoring
  • Configuration of Host and Guest Operating System Backup and Restore Functions
  • Network Security Controls
  • Management Plane
  • Implement Operational Controls and Standards
  • Change Management
  • Continuity Management
  • Information Security Management
  • Continual Service Improvement Management
  • Incident Management
  • Problem Management
  • Release Management
  • Deployment Management
  • Configuration Management
  • Service Level Management
  • Availability Management
  • Capacity Management
  • Support Digital Forensics
  • Forensic Data Collection Methodologies
  • Evidence Management
  • Collect, Acquire, and Preserve Digital Evidence
  • Manage Communication with Relevant Parties
  • Vendors
  • Customers
  • Partners
  • Regulators
  • Other Stakeholders
  • Manage Security Operations
  • Security Operations Center
  • Monitoring of Security Controls
  • Log Capture and Analysis
  • Incident Management
  • Summary

Chapter 6 Legal, Risk, and Compliance
  • Articulating Legal Requirements and Unique Risks within the Cloud Environment
  • Conflicting International Legislation
  • Evaluation of Legal Risks Specific to Cloud Computing
  • Legal Frameworks and Guidelines
  • eDiscovery
  • Forensics Requirements
  • Understand Privacy Issues
  • Difference between Contractual and Regulated Private Data
  • Country-Specific Legislation Related to Private Data
  • Jurisdictional Differences in Data Privacy
  • Standard Privacy Requirements
  • Privacy Impact Assessments
  • Understanding Audit Process, Methodologies, and Required Adaptations for a Cloud Environment
  • Internal and External Audit Controls
  • Impact of Audit Requirements
  • Identify Assurance Challenges of Virtualization and Cloud
  • Types of Audit Reports
  • Restrictions of Audit Scope Statements
  • Gap Analysis
  • Audit Planning
  • Internal Information Security Management System
  • Internal Information Security Controls System
  • Policies
  • Identification and Involvement of Relevant Stakeholders
  • Specialized Compliance Requirements for Highly Regulated Industries
  • Impact of Distributed Information Technology Model
  • Understand Implications of Cloud to Enterprise Risk Management
  • Assess Providers Risk Management Programs
  • Differences between Data Owner/Controller vs. Data Custodian/Processor
  • Regulatory Transparency Requirements
  • Risk Treatment
  • Risk Frameworks
  • Metrics for Risk Management
  • Assessment of Risk Environment
  • Understand Outsourcing and Cloud Contract Design
  • Business Requirements
  • Vendor Management
  • Contract Management
  • Supply Chain Management
  • Summary

Index




Product Details
  • ISBN-13: 9781119909019
  • Publisher: John Wiley & Sons Inc
  • Publisher Imprint: Sybex Inc.,U.S.
  • Height: 234 mm
  • No of Pages: 352
  • Spine Width: 25 mm
  • Width: 193 mm
  • ISBN-10: 1119909015
  • Publisher Date: 17 Nov 2022
  • Binding: Hardback
  • Language: English
  • Returnable: N
  • Weight: 806 gr



Customer Reviews

    BoxerLover2 - 5 Days ago
    A Thrilling But Totally Believable Murder Mystery

    Read this in one evening. I had planned to do other things with my day, but it was impossible to put down. Every time I tried, I was drawn back to it in less than 5 minutes. I sobbed my eyes out the entire last 100 pages. Highly recommend!
