14 Domains of Security Guidance of CCSKv4
Continuing our discussion on CCSK exam, in this article we will see in detail about the domains of Security Guidance CCSKv4 in more depth
Domains of CCSKv4
CCSK exam has 14 domains and these 14 domains cover the Cloud security in 360 degrees.
Let’s have a detailed look at these 14 domains.
Domain 1 – Cloud Computing Concepts and Architecture
This domain mainly covers the fundamentals of Cloud such as its definition, Logical Models, architectures and its reference models. This domain also covers cloud security and compliance scope, responsibilities
Domain 2 – Governance and Enterprise Risk Management
This Domain covers Governance & its tools. It also covers the concept of Enterprise risk management & effects of the service model and deployment model on it. Cloud risk management tradeoffs and tools for Cloud risk management
Domain 3 – Legal Issues, Contracts and Electronic Discovery
This domain can be divided into two sections first covering the Legal part and second cover the Electronic discovery.
First, part covers Legal frameworks Governing Data protection and privacy, Required security measures, Restrictions on cross-border data transfers with examples. This part also covers Contracts and Provider selection using concepts of Internal/external Due Diligence, Monitoring, Testing & Upgrading, and Contract Negotiations and Reliance on Third-party Audits and attestations
The second part of this domain covers Electronic Discovery with details on Possession, Custody, and control, Relevant Cloud Applications and Environment, Searchability and E-Discovery tools, Preservation, Data retention laws and record keeping obligations. This also covers the electronic Collection, Direct Access, Native Production, Authentication, Cooperation between provider and client in E-Discovery and Response to a subpoena or search warrant
DOMAIN 4 – Compliance and Audit Management
This domain covers concept of Compliance and the impact of cloud on compliance this domain also covers Audit Management and impact of cloud on audit management
DOMAIN 5 – Information Governance
This domain covers Cloud Information Governance, Data Security Lifecycle with details on Locations and Entitlements, Functions, Actors, and Controls
DOMAIN 6 – Management Plane and Business Continuity
This domain covers the BCP concepts of Cloud with Business Continuity and Disaster Recovery in details. This covers the management plane security and business continuity with the cloud provider, loss of cloud provider and for private cloud.
DOMAIN 7 – Infrastructure Security
This domain covers cloud network virtualization, challenges and its benefits and security changes with cloud networking. This also covers Cloud Compute and Workload Security and impact of cloud on it covering VAPT, Storage, Security monitoring and logging.
DOMAIN 8 – Virtualization and Containers
This domain covers Major Virtualization Categories Relevant to Cloud Computing, Network, storage, and containers.
DOMAIN 9 – Incident Response
This domain covers Incident Response Lifecycle and How the Cloud Impacts IR covering Preparation, Detection and Analysis, Containment, Eradication
DOMAIN 10 – Application Security
This domain provides an Introduction to the Secure Software Development Lifecycle and Cloud Computing with insight on Secure Design and Development, Secure Deployment, Secure Operations and How Cloud Impacts Application Design and Architectures
DOMAIN 11 – Data Security and Encryption
This domain provides information on Data Security Controls, Data Storage Types, Managing Data Migrations, Securing Data, Data Security Architectures and Monitoring, Auditing, Alerting and Additional Data Security Controls
DOMAIN 12 – Identity, Entitlement, and Access Management
This domain covers the IAM Standards for Cloud Computing Managing Users and Identities for Cloud Computing, Authentication and Credentials, Entitlement and Access Management, Privileged User Management
DOMAIN 13 – Security as a Service
This domain covers Benefits and Concerns of SecaaS, Categories of Security as a Service Offerings such as Identity, Entitlement, and Access Management Services, Cloud Security Gateways, Web Security, Email Security, Security Assessment, Web Application Firewalls, IDS/IPS, SIEM, Encryption and Key Management
DOMAIN 14 – Related Technologies
This domain gives summarized knowledge on Big Data, Internet of Things (IoT), Mobile and Serverless Computing
With this, we are closing this article and will bring a new article for covering Domain 1 of CCSK…..