CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide

(0) Erste Bewertung abgeben
CHF 40.50
Download steht sofort bereit
E-Book (epub)
Informationen zu E-Books
E-Books eignen sich auch für mobile Geräte (sehen Sie dazu die Anleitungen).
E-Books von Ex Libris sind mit Adobe DRM kopiergeschützt: Erfahren Sie mehr.
Weitere Informationen finden Sie hier.


The only official study guide for the new CCSP exam

(ISC)² CCSP Certified Cloud Security Professional Official Study Guide is your ultimate resource for the CCSP exam. As the only official study guide reviewed and endorsed by (ISC)², this guide helps you prepare faster and smarter with the Sybex study tools that include pre-test assessments that show you what you know, and areas you need further review. Objective maps, exercises, and chapter review questions help you gauge your progress along the way, and the Sybex interactive online learning environment includes access to a PDF glossary, hundreds of flashcards, and two complete practice exams. Covering all CCSP domains, this book walks you through Architectural Concepts and Design Requirements, Cloud Data Security, Cloud Platform and Infrastructure Security, Cloud Application Security, Operations, and Legal and Compliance with real-world scenarios to help you apply your skills along the way.

The CCSP is the latest credential from (ISC)² and the Cloud Security Alliance, designed to show employers that you have what it takes to keep their organization safe in the cloud. Learn the skills you need to be confident on exam day and beyond.
* Review 100% of all CCSP exam objectives
* Practice applying essential concepts and skills
* Access the industry-leading online study tool set
* Test your knowledge with bonus practice exams and more

As organizations become increasingly reliant on cloud-based IT, the threat to data security looms larger. Employers are seeking qualified professionals with a proven cloud security skillset, and the CCSP credential brings your resume to the top of the pile. (ISC)² CCSP Certified Cloud Security Professional Official Study Guide gives you the tools and information you need to earn that certification, and apply your skills in a real-world setting.



Ben Malisow, CCSP, CISSP, SSCP, CISM, Security+, has worked with INFOSEC and education for more than 20 years. He has taught computer classes to students from grade 6 through university level and crafted and delivered the CISSP prep course (among others) for Carnegie-Mellon University's CERT/SEU. In addition, Malisow built and ran DARPA's internal INFOSEC training program, was the ISSM for the FBI's most-classified counterterror intelligence-sharing network and was a security architect for TSA. He also teaches exam prep courses for (ISC)2. You can find more of his writings at his blog:


Includes interactive online learning environment and study tools with:

  • Two complete custom practice exams
  • Over 100 electronic flashcards
  • Searchable glossary of terms

Your Official Study Guide for the Certified Cloud Security Professional (CCSP) Exam

Organizations increasingly rely on cloud-based services, making cloud data security more vital than ever. The (ISC)2 Certified Cloud Security Professional (CCSP) credential proves your expertise in every aspect of essential cloud security, and this Sybex Study Guide is the only official Study Guide reviewed and endorsed by (ISC)2. Covering 100% of CCSP exam objectives, this book helps you prepare with assessment tests that check exam readiness, objective maps, exercises, chapter review questions, and an industry-leading online study tool set. Along with plenty of practice in applying critical concepts and skills, you'll have online access to two complete practice exams, a searchable glossary of essential terms, and more than 100 electronic flash cards to help you review. It's the smartest, most effective way to prepare for the exam and further your career.

Coverage of all exam objectives in this Study Guide means you'll be ready for:

  • Cloud Concepts, Architecture, and Design
  • Cloud Data Security
  • Cloud Platform and Infrastructure Security
  • Cloud Application Security
  • Cloud Security Operations
  • Legal, Risk, and Compliance

Interactive Learning Environment

Take your exam prep to the next level with Sybex's superior interactive online study tools. To access our learning environment, simply visit, register your book to receive your unique PIN, and instantly gain access to:

  • Interactive test bank with two custom practice exams to help you identify where you need additional study. Get more than 90% of the answers correct, and you're ready to take the certification exam. More than 475 questions total!
  • More than 100 electronic flash cards to reinforce learning and last-minute prep before the exam.
  • Comprehensive glossary in PDF format gives you instant access to the terms and definitions so you are fully prepared.


The CCSP is the premier cloud security certification from (ISC)??. This vendor-neutral certification validates IT and information security professionals' knowledge and competency to apply best practices to cloud security architecture, design, operations and service orchestration. It shows you're on the forefront of cloud security. (ISC)?? is a global nonprofit organization that maintains the Common Body of Knowledge for information security professionals. Candidates must have experience, adhere to the (ISC)?? Code of Ethics and maintain continuing education requirements or recertify every three years. Visit to learn more.


Introduction xxi

Assessment Test xxviii

Chapter 1 Architectural Concepts 1

Cloud Characteristics 2

Business Requirements 4

Existing State 5

Quantifying Benefits and Opportunity Cost 6

Intended Impact 8

Cloud Evolution, Vernacular, and Models 9

New Technology, New Options 9

Cloud Computing Service Models 10

Cloud Deployment Models 12

Cloud Computing Roles and Responsibilities 13

Cloud Computing Definitions 14

Foundational Concepts of Cloud Computing 16

Sensitive Data 16

Virtualization 16

Encryption 16

Auditing and Compliance 17

Cloud Service Provider Contracts 17

Related and Emerging Technologies 18

Summary 19

Exam Essentials 19

Written Labs 20

Review Questions 21

Chapter 2 Design Requirements 25

Business Requirements Analysis 26

Inventory of Assets 26

Valuation of Assets 27

Determination of Criticality 27

Risk Appetite 29

Security Considerations for Different Cloud Categories 31

IaaS Considerations 32

PaaS Considerations 32

SaaS Considerations 32

General Considerations 33

Design Principles for Protecting Sensitive Data 33

Hardening Devices 33

Encryption 35

Layered Defenses 35

Summary 36

Exam Essentials 37

Written Labs 37

Review Questions 38

Chapter 3 Data Classification 43

Data Inventory and Discovery 45

Data Ownership 45

The Data Lifecycle 46

Data Discovery Methods 50

Jurisdictional Requirements 51

Information Rights Management (IRM) 53

Intellectual Property Protections 53

IRM Tool Traits 57

Data Control 59

Data Retention 60

Data Audit 61

Data Destruction/Disposal 63

Summary 65

Exam Essentials 65

Written Labs 66

Review Questions 67

Chapter 4 Cloud Data Security 71

Cloud Data Lifecycle 73

Create 74

Store 75

Use 75

Share 75

Archive 76

Destroy 77

Cloud Storage Architectures 78

Volume Storage: File-Based Storage and Block Storage 78

Object-Based Storage 78

Databases 79

Content Delivery Network (CDN) 79

Cloud Data Security Foundational Strategies 79

Encryption 79

Masking, Obfuscation, Anonymization, and Tokenization 81

Security Information and Event Management 84

Egress Monitoring (DLP) 85

Summary 86

Exam Essentials 86

Written Labs 87

Review Questions 88

Chapter 5 Security in the Cloud 93

Shared Cloud Platform Risks and Responsibilities 95

Cloud Computing Risks by Deployment Model 97

Private Cloud 98

Community Cloud 98

Public Cloud 100

Hybrid Cloud 104

Cloud Computing Risks by Service Model 104

Infrastructure as a Service (IaaS) 104

Platform as a Service (PaaS) 105

Software as a Service (SaaS) 106

Virtualization 106

Threats 107

Countermeasure Methodology 109

Disaster Recovery (DR) and Business Continuity (BC) 112

Cloud-Specific BIA Concerns 112

Customer/Provider Shared BC/DR Responsibilities 113

Summary 116

Exam Essentials 116

Written Labs 117

Review Questions 118

Chapter 6 Responsibilities in the Cloud 123

Foundations of Managed Services 126

Business Requirements 127

Business Requirements: The...

Mehr anzeigen


CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide
E-Book (epub)
Datenkommunikation, Netzwerke
Digitaler Kopierschutz
1.12 MB
Anzahl Seiten
Mehr anzeigen
Andere Kunden kauften auch