Certified Cloud Security Professional (CCSP): Cloud Concepts, Architecture, and Design Competency (Intermediate Level)

Topics covered

• compare common cloud threats
• compare functional security requirements
• compare network security controls including firewalls, intrusion detection systems (IDSs), intrusion prevention systems (IPSs), honeypots, vulnerability assessments, network security groups, and bastion hosts
• compare the different cloud deployment models
• describe hardware-specific security configuration requirements including hardware security modules (HSM) and trusted platform module (TPM)
• describe operating system (OS) hardening through the application of baselines, monitoring, and remediation such as Windows, Linux, and VMware
• describe secure network configuration including VLAN, transport layer security (TLS), dynamic host configuration protocol (DHCP), DNS Security Extensions (DNSSEC), and VPN
• describe the availability of clustered hosts and guests including distributed resource scheduling, dynamic optimization, storage clusters, maintenance mode, and high availability (HA) operating systems
• describe the configuration of host and guest OS backup and restore functions
• identify cloud-based business continuity and disaster recovery plans
• identify cloud shared considerations
• identify details of network and virtualization security
• identify key characteristics of cloud computing
• implement software-defined security (SDS) to transition from hardware to a software-defined security solution and outline best practices for securing storage area networks
• install and configure management tools
• install guest operating system virtualization tools
• list cloud design patterns
• list the phases of the cloud secure data lifecycle
• name building block technologies
• outline cloud computing activities and capabilities
• outline cloud security hygiene
• outline cryptography and key management
• outline details of DevOps security
• outline patch management and Infrastructure as code (IaC) strategies
• outline performance and capacity monitoring including network, compute, storage, and response time, and hardware monitoring such as disk, CPU, fan speed, and temperature
• recall details of identity and access control
• recognize roles and responsibilities in cloud computing
• recognize security considerations and responsibilities for different cloud categories
• recognize the cloud service categories
• recognize the impact of cloud and related technologies