CCSP Domain 1: Architectural Concepts & Design Requirements - Security Boulevard

SBN CCSP Domain 1: Architectural Concepts & Design Requirements


The Certified Cloud Security Professional certification, or CCSP, is a certification hosted by the joint effort of (ISC)2 and the Cloud Security Alliance (CSA). This exciting credential is designed for cloud-based information security professionals and ensures that the certification holder has acquired the requisite skills, knowledge and abilities in cloud implementation, security design, controls, operations and compliance with applicable regulations.

The CCSP certification exam comprises six domains: Architectural Concepts and Design Requirements, Cloud Data Security, Cloud Platform and Infrastructure Security, Operations, Cloud Application Security and Legal and Compliance. This article will detail the Architectural Concepts and Design Requirements of the CCSP exam and what candidates preparing for the CCSP certification can expect on the exam with regard to this domain.

The Architectural Concepts and Design Requirements domain of CCSP currently accounts for 19% of the material covered by the CCSP certification exam.

Below, you will find an exploration of the different subsections of this domain and what information you can expect to be covered on the CCSP certification exam.

1.1 Understand Cloud Computing Concepts

For this subsection, you will be responsible for basic cloud computing concepts and definitions that can be found in the international standards laid out in ISO/IEC 17788:2014 cloud computing standards.

In ISO/IEC 17788:2014 you will find explanations of basic concepts and definitions of terms related to cloud computing. Below are some examples of what you can expect to find in the international standards:

“3.2.5 cloud computing: Paradigm for enabling network access to a scalable and elastic pool of shareable physical or virtual resources with self-service provisioning and administration on-demand.”

“3.2.8 cloud service: One or more capabilities offered via cloud computing (3.2.5) invoked using a defined interface.”

“3.2.7 cloud deployment (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Greg Belding. Read the original post at: