9 hours 29 minutes

Video Transcription

welcome to the final module in the CCS K exam. Preparation course. This is the last leg you have made it almost through the entire journey. To close things out, we're going to do an overview of specific highlights and takeaways for the different domains. I'm not gonna go each domain one by one.
Whether we're going to do groupings of domains focused on the introduction,
the cloud computing infrastructure, security for cloud managing cloud security and risk data security for cloud securing cloud applications, user and related technologies and cloud security operations that we're gonna close out walking through how to register for the exam.
I'll cover some tips and tricks for you to use when preparing for the exam.
Remainder of this video is going to be focused on the domain one takeaways regarding cloud computing concepts and architectures.
You're gonna wanna have a strong and firm grasp and understanding of the definition of cloud computing. It is open book, so you don't need a word by word of memorization. But really understanding how missed defines cloud computing the core attributes as well as how the ice oh, definition for cloud computing works
here. I'm showing a diagram that we've looked at previously. It expands on the definitions, provides a little more clarity on the different facets of what cloud computing means, especially in the NIST model. It all starts from the characteristics perspective with resource pooling. From there you have the other characteristics. Broad network access,
rapid elasticity, scaling up, scaling down
measured service also referred to his metered service on demand Self service. This is the cloud management plane being able to provisioned, modify and tune the configuration of the cloud. Service yourself as a power user, as opposed to having toe call the company and have them take a variety of actions on your behalf.
Then you have the service model SAS past. I asked. We've covered those quite a bit
and the deployment model public, private hybrid and community. So having a good understanding of all these things characteristics, service models, deployment models is going to be very important and why you can look at this diagram during the test.
You need to understand what these things are, what are the different implications and we've hit on a time and time again. Throughout this course and throughout the course, we covered certain tools from the C s. A. Such as the CCM in cake, Really understanding that this CCM is used to assess and document the security and compliance controls,
letting you know who was responsible for what and which controls
fit with which different compliance standards, and then understanding that the cake is a questionnaire you're going to use to evaluate. How do the cloud providers fulfill the CCM controls? Having that basic understanding is going to be very fundamental. During the course, you're gonna have the CCM up and ready and running. I've got a reference here.
Take a moment to to look through the CCM yourself downloaded
Examine the different columns, the different natures understanding you can clearly see. Where is the architectural relevance? Is it in the physical layer of the network layer the compute layer which applique which diploma model do these different controls apply to Sass Pass and I asked, is a responsibility of the service provider
responsibility of the consumer? Is it a shared responsibility?
And then it also brings in those mapping Zoe's far right columns, which continues to go on well beyond the screenshot here. Teoh define of all these different controls that the Ciencia em outlines. How did those align with the different controls expected of more generalized standards, such as a stock to report
I so 27,001
HIPPA compliance fed ramp and countless other different standards that are documented in the CCM? And then here I have the cake again. It's the questionnaire, so it has each one of those controls that we noticed on the CCM. The rose there are outlined,
but then breaks down the specifics about that control specifications and
formulates it in a questionnaire manner. Questions. You can ask your cloud provider questions that you can ask yourself to assess. How well are you fulfilling the need for that control? And in wrapping up this video and about the concepts in the introductory section, it was very important that you have a good security process model where you define what you're looking for.
You evaluate the deployment and service models that are available,
evaluate the cloud providers. You define the architecture of what you're going after. Then you assess specific providers, and the contrary, he controls that air in place ones. You need to take care of the ones that the provider will take care of identifying the gaps in those controls, implementing additional controls if things aren't already taken care of,
and then continuing an ongoing management of changes
and the continuing an ongoing management of changes in the infrastructure changes to your requirements and so on that wraps up this summary video. We're going to continue to summarize batches of domains in the next few videos.

Up Next


This course prepares you to take the CCSK exam certification by covering material included in the exam. It explains how the exam can be taken and how the certification process works.

Instructed By

Instructor Profile Image
James Leone
Cloud, IoT & DevSecOps at Abbott