Domain 2 Summary

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> Here we are, the end of Domain 2.
00:00
I hope you learned a tremendous amount
00:00
about securing and protecting
00:00
>> data in Cloud environments.
00:00
>> In this lesson, we're going to just
00:00
review many of the topics we've covered in Domain 2.
00:00
Talk about the importance of many of
00:00
these concepts and then also
00:00
how Domain 2 relates to Domain 1.
00:00
In Domain 1, we covered all
00:00
>> of the major models that are
00:00
>> related to Cloud and Cloud environments.
00:00
But now we really focused on
00:00
a granular level, on the information,
00:00
the data inside those environments,
00:00
and what methods can be used to protect them.
00:00
First and foremost, we talked about how you can
00:00
discover and identify data in your environments.
00:00
How different classification schemes to ensure that
00:00
that data receives
00:00
the proper security protections that it should.
00:00
Then when it came to the data itself,
00:00
we talked about many of
00:00
these aspects of the data lifecycle and
00:00
each of the security considerations that come into
00:00
play when you are creating data,
00:00
securing it, archiving it,
00:00
and ultimately destroying it.
00:00
We talked about the states of data
00:00
involved at different Cloud processes.
00:00
We talked about data in transit,
00:00
data in use, and data in storage.
00:00
Then we talked about many of the security
00:00
strategies that can be
00:00
employed to protect data such as encryption,
00:00
hardening and many of
00:00
the obfuscation techniques that we reviewed.
00:00
We talked about how systems can
00:00
be monitored and audited to ensure that
00:00
our Cloud security controls when it comes to
00:00
data are being implemented and working effectively.
00:00
Then we touched base on privacy,
00:00
what considerations we should make on how
00:00
user data is used within our environments,
00:00
the limitations of that,
00:00
and other considerations regarding
00:00
least privilege and how
00:00
information should be accessed within environments.
00:00
We also talked about information rights management,
00:00
as well as different intellectual property protections
00:00
that are applicable within the United States.
00:00
In short, we covered
00:00
a tremendous amount of material here,
00:00
and I hope you see how this complements
00:00
many of the ideas we've talked
00:00
about architecturally in the first domain.
00:00
Now you understand how,
00:00
what the model you might be using
00:00
or the services you might be using.
00:00
Now this should provide another lens to
00:00
think about where's the information flowing,
00:00
what is it and how should it be properly
00:00
protected in my Cloud environment?
00:00
Let's reflect a moment.
00:00
What data classification scheme
00:00
does your organization use?
00:00
How is data labeled protected and
00:00
monitored within your organization?
00:00
What does the data lifecycle look
00:00
like at your organization?
00:00
These are all the important considerations
00:00
for how data should be
00:00
protected within your organization,
00:00
and I hope this module has really gotten you
00:00
thinking about for data protection in a new light.
00:00
In summary, we talked about the topics covered in
00:00
Domain 2, data protection.
00:00
We talked about the importance of that.
00:00
That data is really
00:00
the most valuable asset the organization has,
00:00
and you have to understand how that value
00:00
is dispersed amongst the different data that you use,
00:00
and then what protections are appropriate for that
00:00
given the data's step of the lifecycle as well
00:00
as the state of that data when it's
00:00
using your Cloud environment.
00:00
Then I really want you to think at the end,
00:00
how did these concepts affect my organization?
00:00
How aware am I of how you protect data
00:00
especially different aspects of data such as
00:00
privacy and intellectual property.
00:00
Well, I will see you in Module 3.
Up Next