ISBN-13: 9781119909019 / English / Paperback / 2022 / 320 pp.
Foreword to the Fourth Edition
Introduction

Chapter 1 Cloud Concepts, Architecture, and Design
  Understand Cloud Computing Concepts
  Cloud Computing Definitions
  Cloud Computing Roles and Responsibilities
  Key Cloud Computing Characteristics
  Building Block Technologies
  Describe Cloud Reference Architecture
  Cloud Computing Activities
  Cloud Service Capabilities
  Cloud Service Categories
  Cloud Deployment Models
  Cloud Shared Considerations
  Impact of Related Technologies
  Understand Security Concepts Relevant to Cloud Computing
  Cryptography and Key Management
  Identity and Access Control
  Data and Media Sanitization
  Network Security
  Virtualization Security
  Common Threats
  Security Hygiene
  Understand Design Principles of Secure Cloud Computing
  Cloud Secure Data Lifecycle
  Cloud-Based Business Continuity and Disaster Recovery Plan
  Business Impact Analysis
  Functional Security Requirements
  Security Considerations for Different Cloud Categories
  Cloud Design Patterns
  DevOps Security
  Evaluate Cloud Service Providers
  Verification against Criteria
  System/Subsystem Product Certifications
  Summary

Chapter 2 Cloud Data Security
  Describe Cloud Data Concepts
  Cloud Data Lifecycle Phases
  Data Dispersion
  Data Flows
  Design and Implement Cloud Data Storage Architectures
  Storage Types
  Threats to Storage Types
  Design and Apply Data Security Technologies and Strategies
  Encryption and Key Management
  Hashing
  Data Obfuscation
  Tokenization
  Data Loss Prevention
  Keys, Secrets, and Certificates Management
  Implement Data Discovery
  Structured Data
  Unstructured Data
  Semi-structured Data
  Data Location
  Implement Data Classification
  Data Classification Policies
  Mapping
  Labeling
  Design and Implement Information Rights Management
  Objectives
  Appropriate Tools
  Plan and Implement Data Retention, Deletion, and Archiving Policies
  Data Retention Policies
  Data Deletion Procedures and Mechanisms
  Data Archiving Procedures and Mechanisms
  Legal Hold
  Design and Implement Auditability, Traceability, and Accountability of Data Events
  Definition of Event Sources and Requirement of Event Attribution
  Logging, Storage, and Analysis of Data Events
  Chain of Custody and Nonrepudiation
  Summary

Chapter 3 Cloud Platform and Infrastructure Security
  Comprehend Cloud Infrastructure and Platform Components
  Physical Environment
  Network and Communications
  Compute
  Virtualization
  Storage
  Management Plane
  Design a Secure Data Center
  Logical Design
  Physical Design
  Environmental Design
  Analyze Risks Associated with Cloud Infrastructure and Platforms
  Risk Assessment
  Cloud Vulnerabilities, Threats, and Attacks
  Risk Mitigation Strategies
  Plan and Implementation of Security Controls
  Physical and Environmental Protection
  System, Storage, and Communication Protection
  Identification, Authentication, and Authorization in Cloud Environments
  Audit Mechanisms
  Plan Disaster Recovery and Business Continuity
  Business Continuity/Disaster Recovery Strategy
  Business Requirements
  Creation, Implementation, and Testing of Plan
  Summary

Chapter 4 Cloud Application Security
  Advocate Training and Awareness for Application Security
  Cloud Development Basics
  Common Pitfalls
  Common Cloud Vulnerabilities
  Describe the Secure Software Development Life Cycle Process
  NIST Secure Software Development Framework
  OWASP Software Assurance Maturity Model
  Business Requirements
  Phases and Methodologies
  Apply the Secure Software Development Life Cycle
  Cloud-Specific Risks
  Threat Modeling
  Avoid Common Vulnerabilities during Development
  Secure Coding
  Software Configuration Management and Versioning
  Apply Cloud Software Assurance and Validation
  Functional and Non-functional Testing
  Security Testing Methodologies
  Quality Assurance
  Abuse Case Testing
  Use Verified Secure Software
  Securing Application Programming Interfaces
  Supply-Chain Management
  Third-Party Software Management
  Validated Open-Source Software
  Comprehend the Specifics of Cloud Application Architecture
  Supplemental Security Components
  Cryptography
  Sandboxing
  Application Virtualization and Orchestration
  Design Appropriate Identity and Access Management Solutions
  Federated Identity
  Identity Providers
  Single Sign-on
  Multifactor Authentication
  Cloud Access Security Broker
  Summary

Chapter 5 Cloud Security Operations
  Build and Implement Physical and Logical Infrastructure for Cloud Environment
  Hardware-Specific Security Configuration Requirements
  Installation and Configuration of Virtualization Management Tools
  Virtual Hardware-Specific Security Configuration Requirements
  Installation of Guest Operating System Virtualization Toolsets
  Operate Physical and Logical Infrastructure for Cloud Environment
  Configure Access Control for Local and Remote Access
  Secure Network Configuration
  Operating System Hardening through the Application of Baselines
  Availability of Stand-Alone Hosts
  Availability of Clustered Hosts
  Availability of Guest Operating Systems
  Manage Physical and Logical Infrastructure for Cloud Environment
  Access Controls for Remote Access
  Operating System Baseline Compliance Monitoring and Remediation
  Patch Management
  Performance and Capacity Monitoring
  Hardware Monitoring
  Configuration of Host and Guest Operating System Backup and Restore Functions
  Network Security Controls
  Management Plane
  Implement Operational Controls and Standards
  Change Management
  Continuity Management
  Information Security Management
  Continual Service Improvement Management
  Incident Management
  Problem Management
  Release Management
  Deployment Management
  Configuration Management
  Service Level Management
  Availability Management
  Capacity Management
  Support Digital Forensics
  Forensic Data Collection Methodologies
  Evidence Management
  Collect, Acquire, and Preserve Digital Evidence
  Manage Communication with Relevant Parties
  Vendors
  Customers
  Partners
  Regulators
  Other Stakeholders
  Manage Security Operations
  Security Operations Center
  Monitoring of Security Controls
  Log Capture and Analysis
  Incident Management
  Summary

Chapter 6 Legal, Risk, and Compliance
  Articulating Legal Requirements and Unique Risks within the Cloud Environment
  Conflicting International Legislation
  Evaluation of Legal Risks Specific to Cloud Computing
  Legal Frameworks and Guidelines
  eDiscovery
  Forensics Requirements
  Understand Privacy Issues
  Difference between Contractual and Regulated Private Data
  Country-Specific Legislation Related to Private Data
  Jurisdictional Differences in Data Privacy
  Standard Privacy Requirements
  Privacy Impact Assessments
  Understanding Audit Process, Methodologies, and Required Adaptations for a Cloud Environment
  Internal and External Audit Controls
  Impact of Audit Requirements
  Identify Assurance Challenges of Virtualization and Cloud
  Types of Audit Reports
  Restrictions of Audit Scope Statements
  Gap Analysis
  Audit Planning
  Internal Information Security Management System
  Internal Information Security Controls System
  Policies
  Identification and Involvement of Relevant Stakeholders
  Specialized Compliance Requirements for Highly Regulated Industries
  Impact of Distributed Information Technology Model
  Understand Implications of Cloud to Enterprise Risk Management
  Assess Providers Risk Management Programs
  Differences between Data Owner/Controller vs. Data Custodian/Processor
  Regulatory Transparency Requirements
  Risk Treatment
  Risk Frameworks
  Metrics for Risk Management
  Assessment of Risk Environment
  Understand Outsourcing and Cloud Contract Design
  Business Requirements
  Vendor Management
  Contract Management
  Supply Chain Management
  Summary

Index