(ISC)²

SEC588: Cloud Security

(DV-SEC588.AE1)
Lessons
Lab
TestPrep
AI Tutor (Add-on)
Get A Free Trial

Skills You’ll Get

Download Course Outline

1

Architectural Concepts

  • Cloud Characteristics
  • Business Requirements
  • Cloud Computing Service Categories
  • Cloud Deployment Models
  • Multitenancy
  • Cloud Computing Roles and Responsibilities
  • Cloud Computing Reference Architecture
  • Virtualization
  • Cloud Shared Considerations
  • Emerging Technologies
2

Data Classification

  • Data Inventory and Discovery
  • Information Rights Management
  • Data Control
3

Cloud Data Security

  • Cloud Data Lifecycle
  • Cloud Storage Architectures
  • Threats to Cloud Storage
  • Designing and Applying Security Strategies for Storage
4

Security in the Cloud

  • Shared Cloud Platform Risks and Responsibilities
  • Cloud Computing Risks by Deployment Model
  • Cloud Computing Risks by Service Model
  • Virtualization
  • Disaster Recovery (DR) and Business Continuity (BC)
  • Cloud Design Patterns
5

Cloud Platform, Infrastructure, and Operational Security

  • Foundations of Managed Services
  • Shared Responsibilities by Service Type
  • Securing Communications and Infrastructure
  • Securing Hardware and Compute
  • Securing Software
  • Managing Virtual Systems
  • Assessing Vulnerabilities
  • Securing the Management Plane
  • Auditing Your Environment and Provider
6

Cloud Application Security

  • Developing Software for the Cloud
  • Cloud Application Architecture
  • Cloud-Secure Software Development Lifecycle (SDLC)
  • Cloud Application Assurance and Validation
  • Identity and Access Management
7

Operations Elements

  • Designing a Secure Data Center
  • Managing Security Operations
8

Operations Management

  • Monitoring, Capacity, and Maintenance
  • Change and Configuration Management
  • Problem and Incident Management
  • IT Service Management and Continual Service Improvement
  • Business Continuity and Disaster Recovery
9

Legal and Compliance Issues

  • Legal Requirements and Unique Risks in the Cloud Environment
  • Analyzing a Law
  • Legal Liability
  • Torts and Negligence
  • U.S. Privacy and Security Laws
  • International Laws
  • Laws, Regulations, and Standards
  • Information Security Management Systems
  • Privacy in the Cloud
  • Cloud Forensics
  • Audit Processes, Methodologies, and Cloud Adaptations
10

Cloud Vendor Management

  • The Impact of Diverse Geographical Locations and Legal Jurisdictions
  • Security Policy Framework
  • Enterprise Risk Management
  • Risk Treatment and Response
  • Risk Analysis
  • Cloud Contract Design
  • Government Cloud Standards
  • Manage Communication with Relevant Parties
11

ISC2 CCSP Certification

  • CCSP Certification
  • Taking the CCSP Exam
  • Computer-Based Testing Environment
  • Exam Retake Policy
  • Work Experience Requirement
  • Recertification Requirements
  • What Does This Course Cover?
  • CCSP Exam Objectives
  • CCSP Certification Exam Objective Map