HOME > 상세정보

상세정보

CCSP® (ISC)2® certified cloud security professional : official study guide

CCSP® (ISC)2® certified cloud security professional : official study guide

자료유형
단행본
개인저자
O'Hara, Brian T. Malisow, Ben.
서명 / 저자사항
CCSP® (ISC)2® certified cloud security professional : official study guide / Brian T. O'Hara Ben Malisow.
발행사항
Hoboken :   Sybex, a Wiley Brand,   c2017.  
형태사항
xxxi, 352 p. : ill. ; 24 cm.
총서사항
(ISC)2 official study guide
ISBN
9781119277415 (pbk.) 9781119277422 (ebk.) 9781119277439 (ebk.)
일반주기
Includes index.  
일반주제명
Electronic Data Processing --Distributed Processing. Computer Security.
000 00000nam u2200205 a 4500
001 000045977995
005 20190401170317
008 190329s2017 njua 001 0 eng d
020 ▼a 9781119277415 (pbk.)
020 ▼a 9781119277422 (ebk.)
020 ▼a 9781119277439 (ebk.)
040 ▼a 211009 ▼c 211009 ▼d 211009
082 0 4 ▼a 004.6782 ▼2 23
084 ▼a 004.6782 ▼2 DDCK
090 ▼a 004.6782 ▼b O36c
100 1 ▼a O'Hara, Brian T.
245 1 0 ▼a CCSP® (ISC)2® certified cloud security professional : ▼b official study guide / ▼c Brian T. O'Hara Ben Malisow.
246 3 ▼a CCSP (ISC)2 certified cloud security professional
260 ▼a Hoboken : ▼b Sybex, a Wiley Brand, ▼c c2017.
300 ▼a xxxi, 352 p. : ▼b ill. ; ▼c 24 cm.
490 1 ▼a (ISC)2 official study guide
500 ▼a Includes index.
650 0 ▼a Electronic Data Processing ▼x Distributed Processing.
650 0 ▼a Computer Security.
700 1 ▼a Malisow, Ben.
830 0 ▼a (ISC)2 official study guide.
945 ▼a KLPA

소장정보

No. 소장처 청구기호 등록번호 도서상태 반납예정일 예약 서비스
No. 1 소장처 중앙도서관/서고6층/ 청구기호 004.6782 O36c 등록번호 111807158 도서상태 대출가능 반납예정일 예약 서비스 B M

컨텐츠정보

저자소개

Wiley(지은이)

정보제공 : Aladin

목차

Cover -- Title Page -- Copyright -- Acknowledgments -- About the Authors -- About the Technical Editors -- Contents at a Glance -- Contents -- Introduction -- Assessment Test -- Answers to Assessment Test -- Chapter 1 Architectural Concepts -- Business Requirements -- Existing State -- Quantifying Benefits and Opportunity Cost -- Intended Impact -- Cloud Evolution, Vernacular, and Definitions -- New Technology, New Options -- Cloud Computing Service Models -- Cloud Deployment Models -- Cloud Computing Roles and Responsibilities -- Cloud Computing Definitions -- Foundational Concepts of Cloud Computing -- Sensitive Data -- Virtualization -- Encryption -- Auditing and Compliance -- Cloud Service Provider Contracts -- Summary -- Exam Essentials -- Written Labs -- Review Questions -- Chapter 2 Design Requirements -- Business Requirements Analysis -- Inventory of Assets -- Valuation of Assets -- Determination of Criticality -- Risk Appetite -- Boundaries of Cloud Models -- IaaS Boundaries -- PaaS Boundaries -- SaaS Boundaries -- Design Principles for Protecting Sensitive Data -- Hardening Devices -- Encryption -- Layered Defenses -- Summary -- Exam Essentials -- Written Labs -- Review Questions -- Chapter 3 Data Classification -- Data Inventory and Discovery -- Data Ownership -- The Data Life Cycle -- Data Discovery Methods -- Jurisdictional Requirements -- Data Rights Management -- Intellectual Property Protections -- DRM Tool Traits -- Data Control -- Data Retention -- Data Audit -- Data Destruction/Disposal -- Summary -- Exam Essentials -- Written Labs -- Review Questions -- Chapter 4 Cloud Data Security -- Cloud Data Life Cycle -- Create -- Store -- Use -- Share -- Archive -- Destroy -- Cloud Storage Architectures -- Volume Storage: File-Based Storage and Block Storage -- Object-Based Storage -- Databases -- Content Delivery Network (CDN) -- Cloud Data Security Foundational Strategies -- Encryption -- Masking, Obfuscation, Anonymization, and Tokenization -- Security Information and Event Management -- Egress Monitoring (DLP) -- Summary -- Exam Essentials -- Written Labs -- Review Questions -- Chapter 5 Security in the Cloud -- Shared Cloud Platform Risks and Responsibilities -- Cloud Computing Risks by Deployment and Service Model -- Private Cloud -- Community Cloud -- Public Cloud -- Hybrid Cloud -- IaaS (Infrastructure as a Service) -- PaaS (Platform as a Service) -- SaaS (Software as a Service) -- Virtualization -- Cloud Attack Surface -- Threats by Deployment Model -- Countermeasure Methodology -- Disaster Recovery (DR) and Business Continuity Management (BCM) -- Cloud-Specific BIA Concerns -- Customer/Provider Shared BC/DR Responsibilities -- Summary -- Exam Essentials -- Written Labs -- Review Questions -- Chapter 6 Responsibilities in the Cloud -- Foundations of Managed Services -- Business Requirements -- Business Requirements: The Cloud Provider Perspective -- Shared Responsibilities by Service Type -- IaaS -- PaaS -- SaaS -- Shared Admin.
istration of OS, Middleware, or Applications -- Operating System Baseline Configuration and Management -- Share Responsibilities: Data Access -- Customer Directly Administers Access -- Provider Administers Access on Behalf of the Customer -- Third-Party (CASB) Administers Access on Behalf of the Customer -- Lack of Physical Access -- Audits -- Shared Policy -- Shared Monitoring and Testing -- Summary -- Exam Essentials -- Written Labs -- Review Questions -- Chapter 7 Cloud Application Security -- Training and Awareness -- Common Cloud Application Deployment Pitfalls -- Cloud-Secure Software Development Life Cycle (SDLC) -- ISO/IEC 27034-1 Standards for Secure Application Development -- Identity and Access Management (IAM) -- Identity Repositories and Directory Services -- Single Sign-On (SSO) -- Federated Identity Management -- Federation Standards -- Multifactor Authentication -- Supplemental Security Devices -- Cloud Application Architecture -- Application Programming Interfaces -- Tenancy Separation -- Cryptography -- Sandboxing -- Application Virtualization -- Cloud Application Assurance and Validation -- Threat Modeling -- Quality of Service -- Software Security Testing -- Approved APIs -- Software Supply Chain (API) Management -- Securing Open Source Software -- Runtime Application Self-Protection (RASP) -- Secure Code Reviews -- OWASP Top 9 Coding Flaws -- Summary -- Exam Essentials -- Written Labs -- Review Questions -- Chapter 8 Operations Elements -- Physical/Logical Operations -- Facilities and Redundancy -- Virtualization Operations -- Storage Operations -- Physical and Logical Isolation -- Security Training and Awareness -- Training Program Categories -- Additional Training Insights -- Basic Operational Application Security -- Threat Modeling -- Application Testing Methods -- Summary -- Exam Essentials -- Written Labs -- Review Questions -- Chapter 9 Operations Management -- Monitoring, Capacity, and Maintenance -- Monitoring -- Maintenance -- Change and Configuration Management (CM) -- Baselines -- Deviations and Exceptions -- Roles and Process -- Business Continuity and Disaster Recovery (BC/DR) -- Primary Focus -- Continuity of Operations -- The BC/DR Plan -- The BC/DR Kit -- Relocation -- Power -- Testing -- Summary -- Exam Essentials -- Written Labs -- Review Questions -- Chapter 10 Legal and Compliance Part 1 -- Legal Requirements and Unique Risks in the Cloud Environment -- Legal Concepts -- U.S. Laws -- International Laws -- Laws, Frameworks, and Standards Around the World -- The Difference Between Laws, Regulations and Standards -- Potential Personal and Data Privacy Issues in the Cloud Environment -- eDiscovery -- Forensic Requirements -- International Conflict Resolution -- Cloud Forensic Challenges -- Contractual and Regulated PII -- Direct and Indirect Identifiers -- Audit Processes, Methodologies, and Cloud Adaptations -- Virtualization -- Scope -- Gap Analysis -- Information Security Management Systems (ISMSs) -- The R.
ight to Audit in Managed Services -- Audit Scope Statements -- Policies -- Different Types of Audit Reports -- Auditor Independence -- AICPA Reports and Standards -- Summary -- Exam Essentials -- Written Labs -- Review Questions -- Chapter 11 Legal and Compliance Part 2 -- The Impact of Diverse Geographical Locations and Legal Jurisdictions -- Policies -- Implications of the Cloud for Enterprise Risk Management -- Choices Involved in Managing Risk -- Risk Management Frameworks -- Risk Management Metrics -- Contracts and Service-Level Agreements (SLAs) -- Business Requirements -- Cloud Contract Design and Management for Outsourcing -- Identifying Appropriate Supply Chain and Vendor Management Processes -- Common Criteria Assurance Framework (ISO/IEC 15408-1:2009) -- Cloud Computing Certification -- CSA Security, Trust, and Assurance Registry (STAR) -- Supply Chain Risk -- Summary -- Exam Essentials -- Written Labs -- Review Questions -- Appendix A Answers to the Review Questions -- Chapter 1: Architectural Concepts -- Chapter 2: Design Requirements -- Chapter 3: Data Classification -- Chapter 4: Cloud Data Security -- Chapter 5: Security in the Cloud -- Chapter 6: Responsibilities in the Cloud -- Chapter 7: Cloud Application Security -- Chapter 8: Operations Elements -- Chapter 9: Operations Management -- Chapter 10: Legal and Compliance Part 1 -- Chapter 11: Legal and Compliance Part 2 -- Appendix B Answers to the Written Labs -- Chapter 1 -- Chapter 2 -- Chapter 3 -- Chapter 4 -- Chapter 5 -- Chapter 6 -- Chapter 7 -- Chapter 8 -- Chapter 9 -- Chapter 10 -- Chapter 11 -- Index -- EULA -- .

관련분야 신착자료

김자미 (2021)