Home » Security Bloggers Network » CCSP Domain 4: Cloud Application Security

CCSP Domain 4: Cloud Application Security

by Greg Belding on October 10, 2018

Introduction

The Certified Cloud Security Professional certification, or CCSP, is a certification hosted by the joint effort of (ISC)2 and the Cloud Security Alliance (CSA). This exciting credential is designed for cloud-based information security professionals and ensures that the certification holder has acquired the requisite skills, knowledge and abilities in cloud implementation, security design, controls, operations and compliance with applicable regulations.

The CCSP certification exam comprises six domains: Architectural Concepts and Design Requirements, Cloud Data Security, Cloud Platform and Infrastructure Security, Operations, Cloud Application Security and Legal and Compliance. This article will detail the Cloud Application Security domain of the CCSP exam and what candidates preparing for the CCSP certification can expect on the exam.

The Cloud Application Security domain of CCSP currently accounts for 15% of the material covered by the CCSP certification exam.

Below you will find an exploration of the different subsections of this domain and what information you can expect to be covered on the CCSP certification exam.

4.1 Recognize the Need for Training and Awareness in Application Security

When new development techniques are introduced, training is often required. Cloud computing is no exception to this rule.

Sponsorships Available

Cloud Development Basics

Cloud Application Components

Cloud applications are composed of the following components:

Data
Functions
Processes

Determining Data Sensitivity and Performance

Cloud based applications should be assessed to determine their sensitivity and importance. This is how “cloud-friendliness” is determined. Six key questions are asked in these situations. based on impact: