
CCSP CBK 2nd Edition.pdf

The Official (ISC)2® Guide to the CCSPSM CBK®
About the Author
Credits
Contents
Foreword
Introduction
DOMAIN 1: ARCHITECTURAL CONCEPTS AND DESIGN REQUIREMENTS
Introduction
Drivers for Cloud Computing
Security, Risks, and Benefits
Cloud Computing Definitions
Cloud Computing Roles
Key Cloud Computing Characteristics
Cloud Transition Scenario
Building Blocks
Cloud Computing Functions
Cloud Service Categories
IaaS
PaaS
SaaS
Cloud Deployment Models
The Public Cloud Model
The Private Cloud Model
The Hybrid Cloud Model
The Community Cloud Model
Cloud Cross-Cutting Aspects
Architecture Overview
Key Principles of an Enterprise Architecture
The NIST Cloud Technology Roadmap
Network Security and Perimeter
Cryptography
Encryption
Key Management
IAM and Access Control
Provisioning and Deprovisioning
Centralized Directory Services
Privileged User Management
Authorization and Access Management
Data and Media Sanitization
Vendor Lock-In
Cryptographic Erasure
Data Overwriting
Virtualization Security
The Hypervisor
Security Types
Common Threats
Data Breaches
Data Loss
Account or Service Traffic Hijacking
Insecure Interfaces and APIs
Denial of Service
Malicious Insiders
Abuse of Cloud Services
Insufficient Due Diligence
Shared Technology Vulnerabilities
Security Considerations for Different Cloud Categories
IaaS Security
PaaS Security
SaaS Security
Open Web Application Security Project Top Ten Security Threats
Cloud Secure Data Lifecycle
Information and Data Governance Types
Business Continuity and Disaster Recovery Planning
Business Continuity Elements
Critical Success Factors
Important SLA Components
Cost-Benefit Analysis
Certification Against Criteria
System and Subsystem Product Certification
Summary
Review Questions
Notes
DOMAIN 2: CLOUD DATA SECURITY
Introduction
The Cloud Data Lifecycle Phases
Location and Access of Data
Location
Access
Functions, Actors, and Controls of the Data
Key Data Functions
Controls
Process Overview
Tying It Together
Cloud Services, Products, and Solutions
Data Storage
IaaS
PaaS
SaaS
Threats to Storage Types
Technologies Available to Address Threats
Relevant Data Security Technologies
Data Dispersion in Cloud Storage
DLP
Encryption
Masking, Obfuscation, Anonymization, and Tokenization
Application of Security Strategy Technologies
Emerging Technologies
Bit Splitting
Homomorphic Encryption
Data Discovery
Data Discovery Approaches
Different Data Discovery Techniques
Data Discovery Issues
Challenges with Data Discovery in the Cloud
Data Classification
Data Classification Categories
Challenges with Cloud Data
Data Privacy Acts
Global P&DP Laws in the United States
Global P&DP Laws in the European Union
Global P&DP Laws in APEC
Differences Between Jurisdiction and Applicable Law
Essential Requirements in P&DP Laws
Typical Meanings for Common Privacy Terms
Privacy Roles for Customers and Service Providers
Responsibility Depending on the Type of Cloud Services
Implementation of Data Discovery
Classification of Discovered Sensitive Data
Mapping and Definition of Controls
Privacy Level Agreement
PLA Versus Essential P&DP Requirements Activity
Application of Defined Controls for PII
Cloud Security Alliance Cloud Controls Matrix
Management Control for Privacy and Data-Protection Measures
Data Rights Management Objectives
IRM Cloud Challenges
IRM Solutions
Data-Protection Policies
Data-Retention Policies
Data-Deletion Procedures and Mechanisms
Data-Archiving Procedures and Mechanisms
Events
Event Sources
Identifying Event Attribute Requirements
Storage and Analysis of Data Events
SIEM
Supporting Continuous Operations
Chain of Custody and Nonrepudiation
Summary
Review Questions
Notes
DOMAIN 3: CLOUD PLATFORM AND INFRASTRUCTURE SECURITY
Introduction
The Physical Environment of the Cloud Infrastructure
Data Center Design
Network and Communications in the Cloud
Network Functionality
Software-Defined Networking
The Compute Parameters of a Cloud Server
Virtualization
Scalability
The Hypervisor
Storage Issues in the Cloud
Object Storage
Management Plane
Management of Cloud Computing Risks
Risk Assessment and Analysis
Cloud Attack Vectors
Countermeasure Strategies Across the Cloud
Continuous Uptime
Automation of Controls
Access Controls
Physical and Environmental Protections
Key Regulations
Examples of Controls
Protecting Data Center Facilities
System and Communication Protections
Automation of Configuration
Responsibilities of Protecting the Cloud System
Following the Data Lifecycle
Virtualization Systems Controls
Managing Identification, Authentication, and Authorization in the Cloud Infrastructure
Managing Identification
Managing Authentication
Managing Authorization
Accounting for Resources
Managing Identity and Access Management
Making Access Decisions
The Entitlement Process
The Access Control Decision-Making Process
Risk Audit Mechanisms
The Cloud Security Alliance Cloud Controls Matrix
Cloud Computing Audit Characteristics
Using a VM
Understanding the Cloud Environment Related to BCDR
On-Premises, Cloud as BCDR
Cloud Service Consumer, Primary Provider BCDR
Cloud Service Consumer, Alternative Provider BCDR
BCDR Planning Factors
Relevant Cloud Infrastructure Characteristics
Understanding the Business Requirements Related to BCDR
Understanding the BCDR Risks
BCDR Risks Requiring Protection
BCDR Strategy Risks
Potential Concerns About the BCDR Scenarios
BCDR Strategies
Location
Data Replication
Functionality Replication
Planning, Preparing, and Provisioning
Failover Capability
Returning to Normal
Creating the BCDR Plan
The Scope of the BCDR Plan
Gathering Requirements and Context
Analysis of the Plan
Risk Assessment
Plan Design
Other Plan Considerations
Planning, Exercising, Assessing, and Maintaining the Plan
Test Plan Review
Testing and Acceptance to Production
Summary
Review Questions
Notes
DOMAIN 4: CLOUD APPLICATION SECURITY
Introduction
Determining Data Sensitivity and Importance
Understanding the API Formats
Common Pitfalls of Cloud Security Application Deployment
On-Premises Does Not Always Transfer (and Vice Versa)
Not All Apps Are Cloud Ready
Lack of Training and Awareness
Lack of Documentation and Guidelines
Complexities of Integration
Overarching Challenges
Awareness of Encryption Dependencies
Understanding the Software Development Lifecycle Process for a Cloud Environment
Secure Operations Phase
Disposal Phase
Assessing Common Vulnerabilities
Cloud-Specific Risks
Threat Modeling
STRIDE Threat Model
Approved Application Programming Interfaces
Software Supply Chain (API) Management
Securing Open Source Software
Identity and Access Management
Identity Management
Access Management
Identity Repository and Directory Services
Federated Identity Management
Federation Standards
Federated Identity Providers
Federated SSO
Multifactor Authentication
Supplemental Security Devices
Cryptography
Tokenization
Data Masking
Sandboxing
Application Virtualization
Cloud-Based Functional Data
Cloud-Secure Development Lifecycle
ISO/IEC 27034-1
Organizational Normative Framework
Application Normative Framework
Application Security Management Process
Application Security Testing
Static Application Security Testing
Dynamic Application Security Testing
Runtime Application Self-Protection
Vulnerability Assessments and Penetration Testing
Secure Code Reviews
OWASP Recommendations
Summary
Review Questions
Notes
DOMAIN 5: OPERATIONS
Introduction
Modern Data Centers and Cloud Service Offerings
Factors That Affect Data Center Design
Logical Design
Physical Design
Environmental Design Considerations
Multivendor Pathway Connectivity
Implementing Physical Infrastructure for Cloud Environments
Enterprise Operations
Secure Configuration of Hardware: Specific Requirements
Best Practices for Servers
Best Practices for Storage Controllers
Network Controllers Best Practices
Virtual Switches Best Practices
Installation and Configuration of Virtualization Management Tools for the Host
Leading Practices
Running a Physical Infrastructure for Cloud Environments
Configuring Access Control and Secure Kernel-Based Virtual Machine
Securing the Network Configuration
Network Isolation
Protecting VLANs
Using TLS
Using DNS
Using IPSec
Identifying and Understanding Server Threats
Using Standalone Hosts
Using Clustered Hosts
Resource Sharing
Distributed Resource Scheduling/Compute Resource Scheduling
Accounting for Dynamic Operation
Using Storage Clusters
Clustered Storage Architectures
Storage Cluster Goals
Using Maintenance Mode
Providing HA on the Cloud
Measuring System Availability
Achieving HA
The Physical Infrastructure for Cloud Environments
Configuring Access Control for Remote Access
Performing Patch Management
The Patch Management Process
Examples of Automation
Challenges of Patch Management
Performance Monitoring
Outsourcing Monitoring
Hardware Monitoring
Redundant System Architecture
Monitoring Functions
Backing Up and Restoring the Host Configuration
Implementing Network Security Controls: Defense in Depth
Firewalls
Layered Security
Utilizing Honeypots
Conducting Vulnerability Assessments
Log Capture and Log Management
Using Security Information and Event Management
Developing a Management Plan
Maintenance
Orchestration
Building a Logical Infrastructure for Cloud Environments
Logical Design
Physical Design
Secure Configuration of Hardware-Specific Requirements
Running a Logical Infrastructure for Cloud Environments
Building a Secure Network Configuration
OS Hardening via Application Baseline
Availability of a Guest OS
Managing the Logical Infrastructure for Cloud Environments
Access Control for Remote Access
OS Baseline Compliance Monitoring and Remediation
Backing Up and Restoring the Guest OS Configuration
Implementation of Network Security Controls
Log Capture and Analysis
Management Plan Implementation Through the Management Plane
Ensuring Compliance with Regulations and Controls
Using an ITSM Solution
Considerations for Shadow IT
Operations Management
Information Security Management
Configuration Management
Change Management
Incident Management
Problem Management
Release and Deployment Management
Service-Level Management
Availability Management
Capacity Management
Business Continuity Management
Continual Service Improvement Management
How Management Processes Relate to Each Other
Incorporating Management Processes
Managing Risk in Logical and Physical Infrastructures
The Risk-Management Process Overview
Framing Risk
Risk Assessment
Risk Response
Risk Monitoring
Understanding the Collection and Preservation of Digital Evidence
Cloud Forensics Challenges
Data Access Within Service Models
Forensics Readiness
Proper Methodologies for Forensic Collection of Data
The Chain of Custody
Evidence Management
Managing Communications with Relevant Parties
The Five Ws and One H
Communicating with Vendors and Partners
Communicating with Customers
Communicating with Regulators
Communicating with Other Stakeholders
Wrap-Up: Data Breach Example
Summary
Review Questions
Notes
DOMAIN 6: LEGAL AND COMPLIANCE
Introduction
International Legislation Conflicts
Legislative Concepts
Frameworks and Guidelines Relevant to Cloud Computing
ISO/IEC 27017:2015 Information Technology—Security Techniques—Code of Practice for Information Security Controls Based on ISO/IEC 27002 for Cloud Services
Organization for Economic Cooperation and Development—Privacy and Security Guidelines
Asia-Pacific Economic Cooperation Privacy Framework
EU Data Protection Directive
General Data Protection Regulation
ePrivacy Directive
Beyond Frameworks and Guidelines
Common Legal Requirements
Legal Controls and Cloud Service Providers
e-Discovery
e-Discovery Challenges
Considerations and Responsibilities of e-Discovery
Reducing Risk
Conducting e-Discovery Investigations
Cloud Forensics and ISO/IEC 27050-1
Protecting Personal Information in the Cloud
Differentiating Between Contractual and Regulated PII
Country-Specific Legislation and Regulations Related to PII, Data Privacy, and Data Protection
Auditing in the Cloud
Internal and External Audits
Types of Audit Reports
Impact of Requirement Programs by the Use of Cloud Services
Assuring Challenges of the Cloud and Virtualization
Information Gathering
Audit Scope
Cloud-Auditing Goals
Audit Planning
Standard Privacy Requirements (ISO/IEC 27018)
GAPP
Internal ISMS
The Value of an ISMS
Internal Information Security Controls System: ISO 27001:2013 Domains
Repeatability and Standardization
Implementing Policies
Organizational Policies
Functional Policies
Cloud Computing Policies
Bridging the Policy Gaps
Identifying and Involving the Relevant Stakeholders
Stakeholder Identification Challenges
Governance Challenges
Communication Coordination
Impact of Distributed IT Models
Clear Communications
Coordination and Management of Activities
Governance of Processes and Activities
Coordination Is Key
Security Reporting
Understanding the Implications of the Cloud to Enterprise Risk Management
Risk Profile
Risk Appetite
Difference Between the Data Owner and Controller and the Data Custodian and Processor
SLA
Risk Mitigation
Risk-Management Metrics
Different Risk Frameworks
Understanding Outsourcing and Contract Design
Business Requirements
Vendor Management
Understanding Your Risk Exposure
Accountability of Compliance
Common Criteria Assurance Framework
CSA STAR
Cloud Computing Certification
Contract Management
Importance of Identifying Challenges Early
Key Contract Components
Supply Chain Management
Supply Chain Risk
CSA CCM
The ISO 28000:2007 Supply Chain Standard
Summary
Review Questions
Notes
APPENDIX A: ANSWERS TO REVIEW QUESTIONS
Domain 1: Architectural Concepts and Design Requirements
Domain 2: Cloud Data Security
Domain 3: Cloud Platform and Infrastructure Security
Domain 4: Cloud Application Security
Domain 5: Operations
Domain 6: Legal and Compliance Issues
Notes
APPENDIX B: GLOSSARY
APPENDIX C: HELPFUL RESOURCES AND LINKS
Index
EULA
The Official (ISC)2® Guide to the CCSPSM CBK®
Second Edition
ADAM GORDON
CISSP-ISSAP, CISSP-ISSMP, SSCP, CCSP, CISA, CRISC, MCSE PRIVATE CLOUD, VCP-CLOUD
The Official (ISC)2® Guide to the CCSPSM CBK®, Second Edition

Published by John Wiley & Sons, Inc.
10475 Crosspoint Boulevard
Indianapolis, IN 46256
www.wiley.com

Copyright © 2016 by (ISC)2®
Published by John Wiley & Sons, Inc., Indianapolis, Indiana
Published simultaneously in Canada

ISBN: 978-1-119-27672-2
ISBN: 978-1-119-27673-9 (ebk)
ISBN: 978-1-119-27674-6 (ebk)

Manufactured in the United States of America
10 9 8 7 6 5 4 3 2 1

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom.

The fact that an organization or website is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or website may provide or recommendations it may make. Further, readers should be aware that Internet websites listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services please contact our Customer Care Department within the United States at (877) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.

Library of Congress Control Number: 2016935632

Trademarks: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. (ISC)2, CCSP, and CBK are service marks or registered trademarks of Information System Security Certification Consortium, Inc. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.
About the Author

With more than 25 years of experience as both an educator and an IT professional, Adam Gordon holds numerous professional IT certifications, including CISSP, CISA, CRISC, CHFI, CEH, SCNA, VCP, and VCI. He is the author of several books and has earned numerous awards, including EC-Council Instructor of Excellence, 2006-2007 and Top Technical Instructor Worldwide, 2002-2003. Adam holds his bachelor's degree in international relations and his master's degree in international political affairs from Florida International University.

Adam has held a number of positions during his professional career, including CISO, CTO, consultant, and solutions architect. He has worked on many large implementations involving multiple customer program teams for delivery. Adam has been invited to lead projects for companies such as Microsoft, Citrix, Lloyds Bank TSB, Campus Management, US Southern Command (SOUTHCOM), Amadeus, World Fuel Services, and Seaboard Marine.
Credits

Project Editors: Gill Editorial Services, Kelly Talbot
Technical Editor: Rob Shimonski
Production Manager: Kathleen Wisor
Copy Editor: Kezia Endsley
Manager of Content Development & Assembly: Mary Beth Wakefield
Marketing Manager: Carrie Sherrill
Professional Technology & Strategy Director: Barry Pruett
Business Manager: Amy Knies
Executive Editor: Jim Minatel
Project Coordinator, Cover: Brent Savage
Proofreader: Kim Wimpsett
Indexer: Johnna VanHoose Dinse
Cover Designer: Mike Trent
Cover Image: Mike Trent
Contents

Foreword ... xvii
Introduction ... xix
Domain 1: Architectural Concepts and Design Requirements ... 1
Introduction ... 3
Drivers for Cloud Computing ... 4
Security, Risks, and Benefits ... 5
Cloud Computing Definitions ... 7
Cloud Computing Roles ... 12
Key Cloud Computing Characteristics ... 12
Cloud Transition Scenario ... 14
Building Blocks ... 16
Cloud Computing Functions ... 16
Cloud Service Categories ... 18
IaaS ... 18
PaaS ... 19
SaaS ... 21
Cloud Deployment Models ... 23
The Public Cloud Model ... 23
The Private Cloud Model ... 23
The Hybrid Cloud Model ... 24
The Community Cloud Model ... 25
Cloud Cross-Cutting Aspects ... 25
Architecture Overview ... 25
Key Principles of an Enterprise Architecture ... 27
The NIST Cloud Technology Roadmap ... 28
Network Security and Perimeter ... 32
Cryptography ... 33
Encryption ... 33
Key Management ... 35
IAM and Access Control ... 37
Provisioning and Deprovisioning ... 37
Centralized Directory Services ... 38
Privileged User Management ... 38
Authorization and Access Management ... 39
Data and Media Sanitization ... 40
Vendor Lock-In ... 40
Cryptographic Erasure ... 41
Data Overwriting ... 41
Virtualization Security ... 42
The Hypervisor ... 42
Security Types ... 43
Common Threats ... 43
Data Breaches ... 43
Data Loss ... 44
Account or Service Traffic Hijacking ... 45
Insecure Interfaces and APIs ... 45
Denial of Service ... 46
Malicious Insiders ... 46
Abuse of Cloud Services ... 46
Insufficient Due Diligence ... 47
Shared Technology Vulnerabilities ... 47
Security Considerations for Different Cloud Categories ... 48
IaaS Security ... 48
PaaS Security ... 50
SaaS Security ... 52
Open Web Application Security Project Top Ten Security Threats ... 54
Cloud Secure Data Lifecycle ... 55
Information and Data Governance Types ... 56
Business Continuity and Disaster Recovery Planning ... 57
Business Continuity Elements ... 57
Critical Success Factors ... 58
Important SLA Components ... 59
Cost-Benefit Analysis ... 60
Certification Against Criteria ... 62
System and Subsystem Product Certification ... 69
Summary ... 72
Review Questions ... 73
Notes ... 77