CCSP Domain 3 – Cloud Platform and Infrastructure Security

In this course we walk through all of the critical concepts within the Cloud Platform & Infrastructure domain. This domain is 17% of the test. I will guide you through all of the concepts that you need to know and advise you on the level of knowledge that you need to get comfortable with.

There is over 5 hours of video content plus course notes based on information from my book: Cloud Guardians.

We will take a look at networking. At its core this is a data center class. It is current data center technology that allows companies like Amazon to sell services that live on their network. If you are not comfortable with the basics to how networks work it is essential to take a look. If you are familiar with switches, routers, IP and such I have separated out those video sections so that it is easier to breeze right on by.

We will walk through risk analysis, evaluation and response. We will take a look at basic risk terms, from asset and threat to risk appetite and tolerance. It is also very good to know what quantitative and qualitative risk assessments are. You do not need to actually perform any calculations on the test at this time though.

And a brief look at the Cloud Security Alliances Egregious 11 and Treacherous 12 documents. The Treacherous 12 is a pretty basic way to look at problems on the cloud, but the Egregious 11 gets a bit more technical. Not to the level that the OWASP Top 10 is at, but still good to spend a little time getting to know. They are the actual problems (at least some of them) that we have with the cloud today.

We will also look at Business Continuity Management (BCM). It is an abbreviated view as we do not need to go into things like what is the difference between a hot site and a cold site. Instead the question is where does the cloud fit into BCM? Do make sure that you know your time frames e.g., MTD, RTO, RPO, etc.