The First Domain of CCSP: Cloud Concepts, Architecture and Design

1
The First Domain of CCSP Cloud Concepts,
Architecture and Design
www.infosectrain.com sales_at_infosectrain.com
2
The Certified Cloud Security Professional
Certification or CCSP, is a credential offered by
(ISC)2 and the Cloud Security Alliance (CSA) in
collaboration. For information security
practitioners who wish to specialise in cloud
computing security, the CCSP is an excellent
credential to obtain. It was created by (ISC)2 to
ensure that cloud security professionals have the
necessary expertise, skills, and abilities in
cloud security design, implementation,
architecture, operations, controls, and
regulatory framework enforcement. A CCSP
demonstrates excellence in cloud security
architecture, design, operations, and service
orchestration by applying information security
expertise to a cloud computing environment. This
professional expertise is assessed against a body
of information that is universally accepted.
www.infosectrain.com sales_at_infosectrain.com
3
www.infosectrain.com sales_at_infosectrain.com
4

• The topics covered by the CCSP Common Body of
  Knowledge (CBK) ensure its applicability across
  all cloud security disciplines. The CCSP exam
  comprises of six domains
• Domain 1 Cloud Concepts, Architecture and Design
  (17)
• Domain 2 Cloud Data Security (19)
• Domain 3 Cloud Platform Infrastructure
  Security (17)
• Domain 4 Cloud Application Security (17)
• Domain 5 Cloud Security Operations (17)
• Domain 6 Legal, Risk and Compliance (13)
• This blog will cover the CCSP Domain 1 Cloud
  concepts, Cloud architecture and design and what
  candidates preparing for this exam should expect
  in this domain.

www.infosectrain.com sales_at_infosectrain.com
5

• Cloud Concepts, Architecture, and Design
• The Cloud Concepts, Architecture, and Design
  domain lays the foundation for a strong
  understanding of cloud computings fundamentals.
  The ISO/IEC 17788 standard serves as the
  foundation for these building blocks. The domain
  defines various and significant roles that
  individuals and other organisations play within a
  cloud implementation, from the standpoint of both
  the cloud service provider and the cloud service
  customer. It holds 17 weightage and covers the
  following
• Understand Basics of Cloud Computing
• Explain the Cloud Reference Architecture
• Understand Cloud Computing Security Concepts
• Understand Secure Cloud Computing Design
  Principles
• Evaluate Cloud Service Providers

www.infosectrain.com sales_at_infosectrain.com
6
Understand Basics of Cloud Computing This
subsection provides an overview of the basic
cloud computing definitions and terminologies,
and cloud computing roles. It covers the key
characteristics of cloud computing, including
on-demand self-service, broad network access,
multitenancy, rapid elasticity and scalability,
resource pooling, and measured service. It also
covers the fundamentals of cloud computing, such
as virtualization, storage, networks, and the
underlying infrastructure that host and manage
them. The primary goal of this domain is to see
if the candidate understands the basic components
of cloud computing.




www.infosectrain.com sales_at_infosectrain.com
7
Explain the Cloud Reference Architecture The
Cloud Computing Architecture is covered in this
section, which introduces cloud computing
operations, cloud service capabilities, cloud
service types, cloud deployment models, and
cross-cutting aspects of cloud computing that
affect all aspects of cloud implementations and
deployments. The main roles of the cloud service
provider, cloud service customer, and cloud
service partner, as well as the broad range of
sub-roles encapsulated under each, are included
in the ISO/IEC 17789 standard for cloud computing
activities. The key cloud service capabilities
are introduced and described, including
application, infrastructure, and platform service
capabilities, as they are the backbone of many of
the widely used and understood cloud structures
and models. Infrastructure as a Service (IaaS),
Platform as a Service (PaaS), and Software as a
Service (SaaS) are among the major cloud service
categories discussed in this section which are
deployed on a public, private, hybrid and
community cloud. The final component is a set of
cloud computings cross-cutting aspects that
apply to all cloud environments, regardless of
service category or deployment model. It includes
interoperability, portability, reversibility,
availability, security, privacy, resiliency,
performance, governance, maintenance and
versioning, service levels and Service Level
Agreements (SLA), auditability, and regulatory.
It also discusses the impact of related
technologies such as machine learning, artificial
intelligence, blockchain, containers, Internet of
Things (IoT), and quantum computing.




www.infosectrain.com sales_at_infosectrain.com
8

• Understand Cloud Computing Security Concepts
• Cloud computing has its own set of security
  concepts. On the CCSP certification exam, the
  following security concepts are likely to be
  covered
• Cryptography and Key Management
• Access Control
• Data and Media Sanitization
• Network Security
• Virtualization Security
• Common Threats
• All of these are somewhat close to a traditional
  data centre model, except in a cloud environment
  with multi tenancy, the value of cryptography is
  substantially higher, since many customers share
  the same pool of resources, rather than being
  isolated in a traditional data centre. This is
  also true for the particular challenges of access
  control, data and media sanitization, network
  security, virtualization security, and common
  threats.

www.infosectrain.com sales_at_infosectrain.com
9

• Understand Secure Cloud Computing Design
  Principles
• This subsection describes the specific design
  requirements for secure cloud computing. Although
  certain aspects of a cloud environment are
  similar to those of a conventional data centre,
  some aspects of a cloud environment involve
  special requirements or methodologies. These
  includes
• Cloud Secure Data Lifecycle
• Cloud based Disaster Recovery (DR) and Business
  Continuity (BC) planning
• Cost Benefit Analysis
• Functional Security Requirements
• Security Considerations for different Cloud
  categories

www.infosectrain.com sales_at_infosectrain.com
10

• Evaluate Cloud Service Providers
• Since cloud customers do not host and monitor the
  entire cloud environment, they must rely on other
  methods to verify a cloud providers security
  posture and operations. One simple and reliable
  method is to examine independently verified and
  confirmed certifications. These certifications
  are focused on universally available and
  well-understood criteria and specifications, and
  they serve as a way to trust a cloud providers
  security posture and controls, as well as to
  compare various providers. It includes
• Verification Against Criteria (e.g.,
  International Organization for Standardization/Int
  ernational Electrotechnical Commission (ISO/IEC)
  27017, Payment Card Industry Data Security
  Standard (PCI DSS))
• System/subsystem Product Certifications (e.g.,
  Common Criteria (CC), Federal Information
  Processing Standard (FIPS) 140-2)

www.infosectrain.com sales_at_infosectrain.com
11
CCSP with Infosec Train Earning the
internationally recognised CCSP cloud security
certification is a proven way to advance your
career while also enhancing the security of
sensitive cloud resources. InfosecTrains Certifie
d Cloud Security Professional (CCSP)
training course will assist candidates in
updating and refreshing their skills as well as
recognizing areas in which they need to study
while preparing for the CCSP exam. We are one of
the most well-known training providers. Our
accredited instructors have years of experience
in the industry, which they impart during
training. This course will provide you with
in-depth knowledge of fundamentals of cloud
architecture, cloud architecture design, types of
cloud architecture, cloud computing security
concepts, etc.




www.infosectrain.com sales_at_infosectrain.com
12
About InfosecTrain

• Established in 2016, we are one of the finest
  Security and Technology Training and Consulting
  company
• Wide range of professional training programs,
  certifications consulting services in the IT
  and Cyber Security domain
• High-quality technical services, certifications
  or customized training programs curated with
  professionals of over 15 years of combined
  experience in the domain

www.infosectrain.com sales_at_infosectrain.com
13
Our Endorsements
www.infosectrain.com sales_at_infosectrain.com
14
Why InfosecTrain
Global Learning Partners
Access to the recorded sessions
Certified and Experienced Instructors
Flexible modes of Training
Tailor Made Training
Post training completion
www.infosectrain.com sales_at_infosectrain.com
15
Our Trusted Clients
www.infosectrain.com sales_at_infosectrain.com
16
(No Transcript)
17
Contact us
Get your workforce reskilled by our certified and
experienced instructors!
IND 1800-843-7890 (Toll Free) / US 1
657-221-1127 / UK 44 7451 208413
sales_at_infosectrain.com
www.infosectrain.com