(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide (eBook)
416 Seiten
Wiley (Verlag)
978-1-119-90939-2 (ISBN)
The only official study guide for the new CCSP exam objectives effective from 2022-2025
(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide, 3rd Edition is your ultimate resource for the CCSP exam. As the only official study guide reviewed and endorsed by (ISC)2, this guide helps you prepare faster and smarter with the Sybex study tools that include pre-test assessments that show you what you know, and areas you need further review. In this completely rewritten 3rd Edition, experienced cloud security professionals Mike Chapple and David Seidl use their extensive training and hands on skills to help you prepare for the CCSP exam. Objective maps, exercises, and chapter review questions help you gauge your progress along the way, and the Sybex interactive online learning environment includes access to a PDF glossary, hundreds of flashcards, and two complete practice exams. Covering all CCSP domains, this book walks you through Cloud Concepts, Architecture and Design, Cloud Data Security, Cloud Platform and Infrastructure Security, Cloud Application Security, Cloud Security Operations, and Legal, Risk, and Compliance with real-world scenarios to help you apply your skills along the way.
The CCSP credential from (ISC)2 and the Cloud Security Alliance is designed to show employers that you have what it takes to keep their organization safe in the cloud. Learn the skills you need to be confident on exam day and beyond.
- Review 100% of all CCSP exam objectives
- Practice applying essential concepts and skills
- Access the industry-leading online study tool set
- Test your knowledge with bonus practice exams and more
As organizations become increasingly reliant on cloud-based IT, the threat to data security looms larger. Employers are seeking qualified professionals with a proven cloud security skillset, and the CCSP credential brings your resume to the top of the pile. (ISC)2 CCSP Certified Cloud Security Professional Official Study Guide gives you the tools and information you need to earn that certification and apply your skills in a real-world setting.
About the Authors
Mike Chapple, PhD, CCSP, CISSP, is a bestselling author and Teaching Professor of Information Technology, Analytics, and Operations at Notre Dame's Mendoza College of Business. He is also the Academic Director of the University's Master of Science in Business Analytics program and holds multiple technical certifications, including the CIPP/US, CySA+, CISM, PenTest+, and Security+.
David Seidl, CISSP, is Vice President for Information Technology and Chief Information Officer at Miami University. He holds multiple technical certifications including GPEN, GCIH, PenTest+, and CySA+ and has written books on security certification and cyberwarfare.
The only official study guide for the new CCSP exam objectives effective from 2022-2025 (ISC)2 CCSP Certified Cloud Security Professional Official Study Guide, 3rd Edition is your ultimate resource for the CCSP exam. As the only official study guide reviewed and endorsed by (ISC)2, this guide helps you prepare faster and smarter with the Sybex study tools that include pre-test assessments that show you what you know, and areas you need further review. In this completely rewritten 3rd Edition, experienced cloud security professionals Mike Chapple and David Seidl use their extensive training and hands on skills to help you prepare for the CCSP exam. Objective maps, exercises, and chapter review questions help you gauge your progress along the way, and the Sybex interactive online learning environment includes access to a PDF glossary, hundreds of flashcards, and two complete practice exams. Covering all CCSP domains, this book walks you through Cloud Concepts, Architecture and Design, Cloud Data Security, Cloud Platform and Infrastructure Security, Cloud Application Security, Cloud Security Operations, and Legal, Risk, and Compliance with real-world scenarios to help you apply your skills along the way. The CCSP credential from (ISC)2 and the Cloud Security Alliance is designed to show employers that you have what it takes to keep their organization safe in the cloud. Learn the skills you need to be confident on exam day and beyond. Review 100% of all CCSP exam objectives Practice applying essential concepts and skills Access the industry-leading online study tool set Test your knowledge with bonus practice exams and moreAs organizations become increasingly reliant on cloud-based IT, the threat to data security looms larger. Employers are seeking qualified professionals with a proven cloud security skillset, and the CCSP credential brings your resume to the top of the pile. (ISC)2 CCSP Certified Cloud Security Professional Official Study Guide gives you the tools and information you need to earn that certification and apply your skills in a real-world setting.
About the Authors Mike Chapple, PhD, CCSP, CISSP, is a bestselling author and Teaching Professor of Information Technology, Analytics, and Operations at Notre Dame's Mendoza College of Business. He is also the Academic Director of the University's Master of Science in Business Analytics program and holds multiple technical certifications, including the CIPP/US, CySA+, CISM, PenTest+, and Security+. David Seidl, CISSP, is Vice President for Information Technology and Chief Information Officer at Miami University. He holds multiple technical certifications including GPEN, GCIH, PenTest+, and CySA+ and has written books on security certification and cyberwarfare.
Introduction xxiii
Assessment Test xxxii
Chapter 1 Architectural Concepts 1
Chapter 2 Data Classification 35
Chapter 3 Cloud Data Security 63
Chapter 4 Security in the Cloud 91
Chapter 5 Cloud Platform, Infrastructure, and Operational Security 121
Chapter 6 Cloud Application Security 151
Chapter 7 Operations Elements 191
Chapter 8 Operations Management 215
Chapter 9 Legal and Compliance Issues 245
Chapter 10 Cloud Vendor Management 295
Appendix Answers to the Review Questions 335
Chapter 1: Architectural Concepts 336
Chapter 2: Data Classification 337
Chapter 3: Cloud Data Security 339
Chapter 4: Security in the Cloud 341
Chapter 5: Cloud Platform, Infrastructure, and
Operational Security 343
Chapter 6: Cloud Application Security 345
Chapter 7: Operations Elements 347
Chapter 8: Operations Management 349
Chapter 9: Legal and Compliance Issues 350
Chapter 10: Cloud Vendor Management 352
Index 355
Introduction
The Certified Cloud Security Professional (CCSP) certification satisfies the growing demand for trained and qualified cloud security professionals. It is not easy to earn this credential; the exam is extremely difficult, and the endorsement process is lengthy and detailed.
The CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide offers the cloud professional a solid foundation for taking and passing the Certified Cloud Security Professional (CCSP) exam.
The more information you have at your disposal and the more hands-on experience you gain, the better off you'll be when attempting the exam. This study guide was written with that in mind. The goal was to provide enough information to prepare you for the test, but not so much that you'll be overloaded with information that's outside the scope of the exam.
This book presents the material at an intermediate technical level. Experience with and knowledge of security concepts, operating systems, and application systems will help you get a full understanding of the challenges that you'll face as a security professional.
We've included review questions at the end of each chapter to give you a taste of what it's like to take the exam. If you're already working in the security field, we recommend that you check out these questions first to gauge your level of expertise. You can then use the book mainly to fill in the gaps in your current knowledge. This study guide will help you round out your knowledge base before tackling the exam.
If you can answer 90 percent or more of the review questions correctly for a given chapter, you can feel safe moving on to the next chapter. If you're unable to answer that many correctly, reread the chapter and try the questions again. Your score should improve.
Don't just study the questions and answers! The questions on the actual exam will be different from the practice questions included in this book. The exam is designed to test your knowledge of a concept or objective, so use this book to learn the objectives behind the questions.
CCSP Certification
The CCSP certification is offered by the International Information System Security Certification Consortium, or (ISC)2, a global nonprofit organization. The mission of (ISC)2 is to support and provide members and constituents with credentials, resources, and leadership to address cybersecurity as well as information, software, and infrastructure security to deliver value to society. (ISC)2 achieves this mission by delivering the world's leading information security certification program. The CCSP is the cloud-focused credential in this series and is accompanied by several other (ISC)2 programs:
- Certified Information Systems Security Professional (CISSP)
- Systems Security Certified Practitioner (SSCP)
- Certified Authorization Professional (CAP)
- Certified Secure Software Lifecycle Professional (CSSLP)
- HealthCare Information Security and Privacy Practitioner (HCISPP)
The CCSP certification covers six domains of cloud security knowledge. These domains are meant to serve as the broad knowledge foundation required to succeed in cloud security roles:
- Cloud Concepts, Architecture, and Design
- Cloud Data Security
- Cloud Platform and Infrastructure Security
- Cloud Application Security
- Cloud Security Operations
- Legal, Risk, and Compliance
The CCSP domains are periodically updated by (ISC)2. The most recent revision in August 2022 slightly modified the weighting for Cloud Data Security from 19 to 20 percent while changing the focus on Cloud Security Operations from 17 to 16 percent. It also added or expanded coverage of emerging topics in cloud security.
Complete details on the CCSP Common Body of Knowledge (CBK) are contained in the Exam Outline (Candidate Information Bulletin). It includes a full outline of exam topics and can be found on the (ISC)2 website at www.isc2.org
.
Taking the CCSP Exam
The CCSP exam is administered in English, Chinese, German, Japanese, Korean, and Spanish using a computer-based testing format. Your exam will contain 150 questions and have a four-hour time limit. You will not have the opportunity to skip back and forth as you take the exam: you only have one chance to answer each question correctly, so be careful!
Passing the CCSP exam requires achieving a score of at least 700 out of 1,000 points. It's important to understand that this is a scaled score, meaning that not every question is worth the same number of points. Questions of differing difficulty may factor into your score more or less heavily, and adaptive exams adjust to the test taker.
That said, as you work through the practice exams included in this book, you might want to use 70 percent as a goal to help you get a sense of whether you're ready to sit for the actual exam. When you're ready, you can schedule an exam at a location near you through the (ISC)2 website.
Questions on the CCSP exam use a standard multiple-choice format where you are presented with a question and four possible answer choices, one of which is correct. Remember to read the full question and all of the answer options very carefully. Some of those questions can get tricky!
Computer-Based Testing Environment
The CCSP exam is administered in a computer-based testing (CBT) format. You'll register for the exam through the Pearson Vue website and may take the exam in the language of your choice.
You'll take the exam in a computer-based testing center located near your home or office. The centers administer many different exams, so you may find yourself sitting in the same room as a student taking a school entrance examination and a healthcare professional earning a medical certification. If you'd like to become more familiar with the testing environment, the Pearson Vue website offers a virtual tour of a testing center:
https://home.pearsonvue.com/test-taker/Pearson-Professional-Center-Tour.aspx
When you take the exam, you'll be seated at a computer that has the exam software already loaded and running. It's a pretty straightforward interface that allows you to navigate through the exam. You can download a practice exam and tutorial from the Pearson Vue website:
Exam policies can change from time to time. We highly recommend that you check both the (ISC)2 and Pearson VUE sites for the most up-to-date information when you begin your preparing, when you register, and again a few days before your scheduled exam date.
Exam Retake Policy
If you don't pass the CCSP exam, you shouldn't panic. Many individuals don't reach the bar on their first attempt but gain valuable experience that helps them succeed the second time around. When you retake the exam, you'll have the benefit of familiarity with the CBT environment and the CCSP exam format. You'll also have time to study the areas where you felt less confident.
After your first exam attempt, you must wait 30 days before retaking the computer-based exam. If you're not successful on that attempt, you must then wait 60 days before your third attempt and 90 days before your fourth attempt. You may not take the exam more than four times in any 12-month period.
Work Experience Requirement
Candidates who want to earn the CCSP credential must not only pass the exam but also demonstrate that they have at least five years of work experience in the information technology field. Your work experience must include three years of information security experience and one year of experience in one or more of the six CCSP domains.
Candidates who hold the CISSP certification may substitute that certification for the entire CCSP experience requirement. Candidates with the Certificate of Cloud Security Knowledge (CCSK) from the Cloud Security Alliance (CSA) may substitute that certification for one year of experience in the CCSP domains.
If you haven't yet completed your work experience requirement, you may still attempt the CCSP exam. An individual who passes the exam is a designated Associate of (ISC)2 and has six years to complete the work experience requirement.
Recertification Requirements
Once you've earned your CCSP credential, you'll need to maintain your certification by paying maintenance fees and participating in continuing professional education (CPE). As long as you maintain your certification in good standing, you will not need to retake the CCSP exam.
Currently, the annual maintenance fees for the CCSP credential are $125 per year. This fee covers the renewal for all (ISC)2 certifications held by an individual.
The CCSP CPE requirement mandates earning at least 90 CPE credits during each three-year renewal cycle. Associates of (ISC)2 must earn at least 15 CPE credits each year. (ISC)2 provides an online portal where certificate holders may submit CPE completion for review and approval. The portal also tracks annual maintenance fee payments and progress toward recertification.
What Does This Book Cover?
This book covers everything you need to know to pass the CCSP exam:
Erscheint lt. Verlag | 2.9.2022 |
---|---|
Reihe/Serie | Sybex Study Guide |
Sprache | englisch |
Themenwelt | Mathematik / Informatik ► Informatik ► Netzwerke |
Sozialwissenschaften ► Pädagogik | |
Schlagworte | CCSP • Certification (MSCE, Novell, etc.) • Computer Science • Informatik • Networking / Security • Netzwerke / Sicherheit • Prüfungsvorbereitung • Test Prep • Zertifizierung f. MSCE u. Novell |
ISBN-10 | 1-119-90939-2 / 1119909392 |
ISBN-13 | 978-1-119-90939-2 / 9781119909392 |
Haben Sie eine Frage zum Produkt? |
Größe: 4,7 MB
Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM
Dateiformat: EPUB (Electronic Publication)
EPUB ist ein offener Standard für eBooks und eignet sich besonders zur Darstellung von Belletristik und Sachbüchern. Der Fließtext wird dynamisch an die Display- und Schriftgröße angepasst. Auch für mobile Lesegeräte ist EPUB daher gut geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine
Geräteliste und zusätzliche Hinweise
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich