Final Exam: Network Security Specialist

WHAT YOU WILL LEARN

• 

  Describe key legal considerations when moving to the cloud
  

  list the importance of performing a cost-benefit analysis
  

  list requirements for business continuity strategy
  

  recognize factors that can impact confidentiality, integrity, and availability of cloud data
  

  describe challenges introduced by different types of cloud platforms such as public, private, hybrid, and community
  

  differentiate between physical and logical infrastructure for cloud operations
  

  recognize challenges of cloud service such as iaas, paas, saas
  

  describe common cryptographic protocols
  

  describe virtualization technologies
  

  define shared responsibility
  

  configure stateful firewalls in the cloud
  

  describe the three-tier design model
  

  describe common cloud vulnerabilities such as negligence, cyber threats, and system vulnerabilities
  

  define the basics of risk management
  

  use audit processes and methodologies in the cloud
  

  list network security concepts such data and media sanitization
  

  list common clouds infrastructure components such as network, virtualization, and computer
  

  describe the saas cloud service model
  

  describe web application firewalls
  

  secure management access
  

  define object storage security
  

  define file and database security
  

  design and plan security controls
  

  describe cloud computing definitions and roles
  

  describe considerations when using the paas cloud service model
  

  classify key management services
  

  use verified secure software
  

  describe common development lifecycles
  

  describe software assurance and validation
  

  compare client and server-side encryption
• 

  list data security strategies such as encryption and key management
  

  define training and awareness security
  

  list potential threats against cloud computing infrastructure
  

  differentiate between data ownership and data custody
  

  describe the benefits of cloud offerings such as aws and azure
  

  apply the secure software development lifecycle
  

  list specifics about cloud application architecture such as supplementary security components, cryptography, and sandboxing
  

  recognize considerations related to cloud management
  

  differentiate between cloud computing roles such as cloud service customer, cloud service architect, and cloud auditor
  

  differentiate between on-premise and cloud implementations
  

  describe the common deployment and migration strategies
  

  describe compute technologies
  

  provide an overview of the iaas cloud service model
  

  list virtualization security concepts such as hypervisor and container security
  

  recognize considerations when moving applications to the cloud
  

  define iam roles
  

  describe storage technologies
  

  recognize key access control considerations
  

  ensure compliance with regulations and controls, like itil and iso/iec 20000-1
  

  describe key cloud characteristics
  

  recognize how to implement operational controls and standards
  

  recognize different privacy concerns such as private data and jurisdictional concerns
  

  specify cloud benefits, components, and service models
  

  secure the root account
  

  manage compliance with regulations and controls
  

  describe the six key stages in the data lifecycle - create, store, use, share, archive, and destroy
  

  describe considerations when evaluating cloud service providers
  

  recognize requirements for disaster recovery strategy
  

  define privacy issues and jurisdiction
  

  describe legal requirements and risks