Domain 1: Cloud Computing Concepts and Architecture - Deployment Models, Security Architecture
NIST:
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
Cloud is:
Transformative
Disruptive
Exponential growth
Agility (move fast)
Resiliency (reduce downtime)
Economy (save money)
Cloud User / Client
Cloud Provider
Concepts: Abstraction and Orchestration
Note: Traditional virtualization lacks orchestration
Multi tenancy
Service Models:
PAAS
SAAS
IAAS
Deployment Model
Public
Community
Private
Hybrid
Cloud Logical Model and security
Infrastructure → infrastructure security
Metastructure → management plane (not present in traditional on-prem env)
Infostructure → data security
Applistructure → application security
Cloud Reference Model:
Abstraction
Orchestration
API / REST
Cloud Management Plane
Extremely important to protect your management plane in terms of security
IAAS - Compute, Network, Storage
PAAS - Azure SQL, App Engine
SAAS - Microsoft 365, Azure AD
Types of Cloud Security Models:
Conceptual models or frameworks - CSA logical model
Controls models or frameworks - CSA CCM
Reference architectures - can be detailed
Design patterns - reusable solutions
The CSA Enterprise Architecture
The CSA Cloud Controls Matrix
ISO/IEC FDIS 27017 Information technology – Security techniques – Code of practice for information security controls based on ISO/IEC 27002 for cloud services.
CSA - Areas of Critical Focus - 13 domains
Governance and Enterprise Risk Management
Legal Issues: Contracts and Electronic Discovery
Compliance and Audit Management
Information Governance
Management Plane and Business Continuity
Infrastructure Security
Virtualization and Containers
Incident Response, Notification and Remediation
Application Security
Data Security and Encryption
Identity, Entitlement, and Access Management
Security as a Service
Related Technologies
Recommendations:
Cloud providers: clearly document internal security controls and customer security features
Consensus Assessment Initiative Questionnaire (CAIQ) v3.1
Cloud users: build a responsibilities matrix to document responsible parties implementing various controls
Cloud Controls Matrix v4