WEBVTT

00:00:00.740 --> 00:00:05.440
So let's take a moment to review the key elements of the

00:00:05.440 --> 00:00:07.790
Cloud Security Operations for CCSP course,

00:00:07.790 --> 00:00:14.240
the fifth in the line of six domains for the CCSP exam.

00:00:14.260 --> 00:00:20.660
Recall that the exam outline contains these testable items,

00:00:20.740 --> 00:00:25.650
build and implement physical and logical infrastructure for cloud environment,

00:00:25.660 --> 00:00:29.690
operate and maintain physical and logical infrastructure for cloud environment,

00:00:29.690 --> 00:00:32.640
implement operational controls and standards,

00:00:32.650 --> 00:00:37.200
support digital forensics, manage communication with relevant parties,

00:00:37.210 --> 00:00:39.360
and manage security operations.

00:00:39.370 --> 00:00:42.070
All of these are learning objectives that are included in the

00:00:42.070 --> 00:00:44.900
exam outline that you should be familiar with.

00:00:44.910 --> 00:00:48.200
Let these points surface to your mind as key.

00:00:48.200 --> 00:00:52.180
The key point that should still resonate with you is that

00:00:52.190 --> 00:00:56.710
most of the operations related to physical controls in the

00:00:56.710 --> 00:00:58.640
cloud are wholly on the provider.

00:00:58.650 --> 00:01:01.750
In fact, that's the motive for using the cloud,

00:01:01.750 --> 00:01:05.950
so that the customer doesn't have to be concerned about the cost and

00:01:05.950 --> 00:01:08.890
the management of resources at a physical level.

00:01:08.900 --> 00:01:14.800
But, the separation in logical controls is not as simple to assume.

00:01:14.800 --> 00:01:15.320
Here,

00:01:15.330 --> 00:01:19.090
you should remember that the shared‑responsibility model is

00:01:19.090 --> 00:01:22.950
what will dictate how much responsibility you have and how much

00:01:22.950 --> 00:01:24.400
is on the cloud service provider.

00:01:24.410 --> 00:01:25.560
Always recall,

00:01:25.570 --> 00:01:29.890
you should begin with administrative controls before you

00:01:29.890 --> 00:01:32.810
delve into physical and logical controls,

00:01:32.810 --> 00:01:33.520
otherwise,

00:01:33.520 --> 00:01:37.730
you may not be able to capture the full breadth of the

00:01:37.730 --> 00:01:40.820
concern in your security environment.

00:01:41.240 --> 00:01:44.210
Components of physical and logical security you should

00:01:44.210 --> 00:01:48.600
recall are hardware security modules, the type‑one hypervisors,

00:01:48.610 --> 00:01:52.550
the Trusted Platform Module, firewalls and security groups,

00:01:52.560 --> 00:01:55.520
along with data encryption keys.

00:01:55.530 --> 00:02:00.760
Each of these has an element of protective measures that should be taken.

00:02:00.770 --> 00:02:04.710
For the hardware security module and the Trusted Platform Module,

00:02:04.710 --> 00:02:10.509
they actually use encryption, or encryption is something that they're protecting.

00:02:10.520 --> 00:02:15.190
The hypervisor needs to go through hardening by the cloud service provider,

00:02:15.190 --> 00:02:17.790
but some cloud service providers are allowing you

00:02:17.790 --> 00:02:19.950
to actually launch hypervisors.

00:02:20.010 --> 00:02:23.900
Think also from the standpoint of systems and physical and

00:02:23.900 --> 00:02:26.400
logical security along with those systems,

00:02:26.410 --> 00:02:31.050
like the VXLAN that doubles the ID of the native VLAN and has

00:02:31.050 --> 00:02:33.940
the ability to create 16 million networks.

00:02:33.950 --> 00:02:39.570
Think also of DNSSEC and the other security parameters

00:02:39.570 --> 00:02:43.230
that we need to configure with DNS, including DMARC,

00:02:43.240 --> 00:02:45.120
SPF, and DKIM.

00:02:45.640 --> 00:02:46.890
Think also about IPsec

00:02:46.890 --> 00:02:51.320
and TLS VPNs and how these are still heavily used in order to

00:02:51.320 --> 00:02:54.990
access resources from our cloud carrier.

00:02:55.000 --> 00:03:00.130
Also recall how infrastructure as code simplifies security,

00:03:00.140 --> 00:03:00.910
automates it,

00:03:00.920 --> 00:03:03.700
and makes it so that you can stand up a whole security

00:03:03.700 --> 00:03:05.650
environment in an automated fashion.

00:03:05.840 --> 00:03:10.580
Administrative controls all should center around change management.

00:03:10.590 --> 00:03:13.930
Recall that change management is the umbrella for

00:03:13.940 --> 00:03:16.590
all other management activities.

00:03:16.600 --> 00:03:21.230
Change management is a nontechnical resource for the

00:03:21.230 --> 00:03:24.200
organization serving the business need, and therefore,

00:03:24.200 --> 00:03:28.500
the language should also be nontechnical in a change management meeting.

00:03:28.510 --> 00:03:32.250
All other management capabilities report into change management,

00:03:32.250 --> 00:03:34.910
including configuration, deployment, release,

00:03:34.920 --> 00:03:38.140
and patch management, even incident and problem management,

00:03:38.150 --> 00:03:42.180
along with service level, availability, and continuity management.

00:03:42.190 --> 00:03:45.320
Service‑level management needs to focus on the

00:03:45.320 --> 00:03:49.050
availability of resources and less on uptime,

00:03:49.060 --> 00:03:54.790
as we think less about physical resources and more about services.

00:03:55.010 --> 00:03:59.200
The monitoring of security controls includes vulnerability,

00:03:59.210 --> 00:04:03.560
log capture and analysis, and the security operations center.

00:04:03.680 --> 00:04:11.560
Modern‑day cloud service providers give you rich access to resources via APIs.

00:04:11.570 --> 00:04:16.660
Here, you can monitor all of what's going on in your management console.

00:04:16.839 --> 00:04:18.019
Next up on the list,

00:04:18.019 --> 00:04:22.040
be sure to take the self‑assessment questions that you

00:04:22.040 --> 00:04:24.680
will find inside of the study guide.

00:04:24.690 --> 00:04:27.650
Think about, as you go through the questions, how one

00:04:27.650 --> 00:04:30.520
answer should be better than another.

00:04:30.530 --> 00:04:35.890
Think of the context, both in time and what the answer is focusing on.

00:04:35.900 --> 00:04:40.240
Be sure to grab your study guide so that you're able to

00:04:40.240 --> 00:04:42.090
look at your assessment questions.

00:04:42.090 --> 00:04:48.660
And then, go into the last course in the tranche of six for the CCSP exam,

00:04:48.670 --> 00:04:51.010
Legal, Risk, and Compliance.
