Certified Cloud Security Professional (CCSP): Cloud Concepts, Architecture, and Design Competency (Intermediate Level)

  • 30m
  • 30 questions
The Cloud Concepts, Architecture, and Design Competency (Intermediate Level) benchmark measures your knowledge of secure cloud computing concepts, architecture, and design principles. You will be evaluated on your recognition of service and deployment models, cloud reference architecture, security principles and requirements, cloud security models, and design principles. A learner who scores high on this benchmark demonstrates competency in many areas of the cloud computing conceptual discipline and has had some working exposure to CCSP cloud concepts, architecture, and design principles and practices for secure cloud computing.

Topics covered

  • compare common cloud threats
  • compare functional security requirements
  • compare network security controls including firewalls, intrusion detection systems (IDSs), intrusion prevention systems (IPSs), honeypots, vulnerability assessments, network security groups, and bastion hosts
  • compare the different cloud deployment models
  • describe hardware-specific security configuration requirements including hardware security modules (HSM) and trusted platform module (TPM)
  • describe operating system (OS) hardening through the application of baselines, monitoring, and remediation such as Windows, Linux, and VMware
  • describe secure network configuration including VLAN, transport layer security (TLS), dynamic host configuration protocol (DHCP), DNS Security Extensions (DNSSEC), and VPN
  • describe the availability of clustered hosts and guests including distributed resource scheduling, dynamic optimization, storage clusters, maintenance mode, and high availability (HA) operating systems
  • describe the configuration of host and guest OS backup and restore functions
  • identify cloud-based business continuity and disaster recovery plans
  • identify cloud shared considerations
  • identify details of network and virtualization security
  • identify key characteristics of cloud computing
  • implement software-defined security (SDS) to transition from hardware to a software-defined security solution and outline best practices for securing storage area networks
  • install and configure management tools
  • install guest operating system virtualization tools
  • list cloud design patterns
  • list the phases of the cloud secure data lifecycle
  • name building block technologies
  • outline cloud computing activities and capabilities
  • outline cloud security hygiene
  • outline cryptography and key management
  • outline details of DevOps security
  • outline patch management and Infrastructure as code (IaC) strategies
  • outline performance and capacity monitoring including network, compute, storage, and response time, and hardware monitoring such as disk, CPU, fan speed, and temperature
  • recall details of identity and access control
  • recognize roles and responsibilities in cloud computing
  • recognize security considerations and responsibilities for different cloud categories
  • recognize the cloud service categories
  • recognize the impact of cloud and related technologies