Menu

Cloud Concepts, Architecture, and Design

  1. Understand Cloud Computing Concepts
    • Cloud Computing Definitions
    • Cloud Computing Roles (e.g., cloud service customer, cloud service provider, cloud service partner, cloud service broker)
    • Key Cloud Computing Characteristics (e.g., on-demand self-service, broad network access, multi-tenancy, rapid elasticity and scalability, resource pooling, measured service)
    • Building Block Technologies (e.g., virtualization, storage, networking, databases, orchestration)
  2. Describe Cloud Reference Architecture
    • Cloud Computing Activities
    • Cloud Service Capabilities (e.g., application capability types, platform capability types, infrastructure capability types)
    • Cloud Service Categories (e.g., Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS))
    • Cloud Deployment Models (e.g., public, private, hybrid, community)
    • Cloud Shared Considerations (e.g., interoperability, portability, reversibility, availability, security, privacy, resiliency, performance, governance, maintenance and versioning, service levels and Service Level Agreements (SLA), auditability, regulatory)
    • Impact of Related Technologies (e.g., machine learning, artificial intelligence, blockchain, Internet of Things (IoT), containers, quantum computing)
  3. Understand Security Concepts Relevant to Cloud Computing
    • Cryptography and Key Management
    • Access Control
    • Data and Media Sanitization (e.g., overwriting, cryptographic erase)
    • Network Security (e.g., network security groups)
    • Virtualization Security (e.g., hypervisor security, container security)
    • Common Threats
  4. Understand Design Principles of Secure Cloud Computing
    • Cloud Secure Data Lifecycle
    • Cloud based Disaster Recovery (DR) and Business Continuity (BC) planning
    • Cost Benefit Analysis
    • Functional Security Requirements (e.g., portability, interoperability, vendor lock-in)
    • Security Considerations for Different Cloud Categories (e.g., Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS))
  5. Evaluate Cloud Service Providers
    • Verification Against Criteria (e.g., International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27017, Payment Card Industry Data Security Standard (PCI DSS))
    • System/subsystem Product Certifications (e.g., Common Criteria (CC), Federal Information Processing Standard (FIPS) 140-2)

CCSP

  1. Cloud Concepts, Architecture, and Design
  2. Cloud Data Security
  3. Cloud Platform and Infrastructure Security
  4. Cloud Application Security
  5. Cloud Security Operations
  6. Legal, Risk, and Compliance