Course Summary

Time
9 hours 59 minutes
Difficulty
Intermediate
Video Transcription
00:06
>> Welcome to the final module in
00:06
the CCSK exam preparation course.
00:06
This is the last lec.
00:06
You have made it almost through the entire journey.
00:06
To close things out, we're going to do an overview of
00:06
specific highlights and takeaways
00:06
for the different domains.
00:06
I'm not going to go each domain one-by-one,
00:06
rather we're going to do groupings of domains
00:06
focused on the introduction to cloud computing,
00:06
infrastructure security for cloud,
00:06
managing cloud security and risk,
00:06
data security for cloud,
00:06
securing cloud applications, user,
00:06
and related technologies, and
00:06
cloud security operations.
00:06
Then we're going to close out walking
00:06
through how to register for the exam,
00:06
and I'll cover some tips and tricks for you to
00:06
use when preparing for the exam.
00:06
Remainder of this video is going to be
00:06
focused on the domain 1
00:06
takeaways regarding
00:06
cloud computing concepts and architectures.
00:06
You're going to want to have a strong and firm grasp and
00:06
understanding of the definition of cloud computing.
00:06
It is open book so you don't need a word
00:06
by word of memorization but
00:06
really understanding how NIST defines cloud computing,
00:06
the core attributes, as well as how the
00:06
ISO definition for cloud computing works.
00:06
Here I'm showing a diagram that
00:06
we've looked at previously.
00:06
It expands on the definitions,
00:06
provides a little more clarity on
00:06
the different facets of what cloud computing means,
00:06
especially in the NIST model.
00:06
It all starts from the characteristics
00:06
perspective with resource pooling.
00:06
From there you have the other characteristics,
00:06
broad network access, rapid elasticity, scaling up,
00:06
scaling down, measured service,
00:06
also referred to as metered service,
00:06
on-demand self-service.
00:06
This is the cloud management plane,
00:06
being able to provision, modify,
00:06
and tune the configuration of
00:06
the cloud service yourself as
00:06
a power user as opposed to having to call the company
00:06
and have them take a variety of actions on your behalf.
00:06
Then you have the service models, SaaS,
00:06
PaaS, IaaS; we've covered those quite a bit.
00:06
The deployment model, public,
00:06
private, hybrid, and community.
00:06
Having a good understanding of
00:06
all these things, characteristics,
00:06
service models, deployment models
00:06
is going to be very important.
00:06
While you can look at this diagram during the test,
00:06
you need to understand what these things are,
00:06
what are the different implications?
00:06
We've hit on it time and time
00:06
again throughout this course.
00:06
Throughout the course, we covered
00:06
certain tools from the CSA,
00:06
such as the CCM and CAIQ.
00:06
Really understanding that this CCM is
00:06
used to assess and document the security and
00:06
compliance controls letting you
00:06
know who's responsible for what and
00:06
which controls fit with
00:06
which different compliance standards.
00:06
Then understanding that the CAIQ
00:06
is a questionnaire you're going to use to
00:06
evaluate how do the cloud providers
00:06
fulfill the CCM controls?
00:06
Having that, the basic understanding
00:06
is going to be very fundamental.
00:06
During the course, you're going to have
00:06
the CCM up and ready and running.
00:06
I've got a reference here.
00:06
Take a moment to look through the CCM yourself.
00:06
Download it, examine the different columns,
00:06
the different natures, understanding,
00:06
you can clearly see where's the architectural relevance?
00:06
Is it in the physical layer,
00:06
the network layer, the compute layer,
00:06
which deployment model did
00:06
these different controls apply to SaaS, PaaS and IaaS?
00:06
Is there a responsibility of the service provider,
00:06
responsibility of the consumer?
00:06
Is it a shared responsibility?
00:06
Then it also brings in those mappings,
00:06
those far right columns which continues to go on well
00:06
beyond the screenshot here to define.
00:06
Of all these different controls that the CCM outlines,
00:06
how do those align with
00:06
the different controls expected of
00:06
more generalized standards such as a SOC 2 report,
00:06
ISO 27001, HIPAA compliance,
00:06
FedRAMP, and countless other different standards
00:06
that are documented in the CCM?
00:06
Then here, I have the CAIQ.
00:06
Again, it's the questionnaire.
00:06
It has each one of those controls
00:06
that we noticed on the CCM.
00:06
The rows there are outlined,
00:06
but then it breaks down the specifics about
00:06
that control specification and
00:06
formulates it in a questionnaire manner.
00:06
Questions that you can ask your cloud provider,
00:06
questions that you can ask yourself to assess how
00:06
well are you fulfilling the need for that control.
00:06
In wrapping up this video and
00:06
about the concepts in the introductory section,
00:06
it was very important that you have
00:06
a good security process model
00:06
where you define what you're looking for,
00:06
you evaluate the deployment
00:06
and service models that are available,
00:06
you evaluate the cloud providers,
00:06
you define the architecture of what you're going after,
00:06
then you assess specific providers.
00:06
The contrary controls that are in place,
00:06
the ones you need to take care of,
00:06
the ones that the provider will take care of,
00:06
identifying the gaps in those controls,
00:06
implementing additional controls if
00:06
things aren't already taken care of,
00:06
and then continuing an ongoing management of changes.
00:06
Then continuing an ongoing management of changes
00:06
in the infrastructure changes to
00:06
your requirements and so on.
00:06
That wraps up this summary video.
00:06
We're going to continue to summarize batches
00:06
of domains in the next few videos.