CCSP Exam Cram - DOMAIN 2 (2023)
Vložit
- čas přidán 22. 02. 2023
- This video, the second in our CCSP Exam Cram series, is targeted exam prep for DOMAIN 2 of the ISC2 CCSP exam.
CCSP Official Study Guide and Practice Tests Bundle
amzn.to/3HIntBY
PDF Presentation Download - CCSP Exam Cram: Domain 2
1drv.ms/b/s!AmhtzcmYt5AVia0PP...
CCSP Official Exam Outline/Syllabus
www.isc2.org/-/media/ISC2/Cer...
Table of Contents
-----------------
00:04:30 2.1 Describe Cloud Data Concepts
00:09:48 2.2 Design and Implement Cloud Data Storage Architectures
00:20:14 2.3 Design and Apply Data Security Technologies and Strategies
01:01:28 2.4 Implement Data Discovery
01:08:14 2.5 Implement Data Classification
01:20:13 2.6 Design and Implement Information Rights Management (IRM)
01:26:34 2.7 Plan and Implement Data Retention, Deletion and Archiving Policies
01:37:02 2.8 Design and Implement Auditability, Traceability and Accountability of Data Events
CISSP Exam Cram (Full Course, all 8 domains)
• CISSP Exam Cram Full C...
OWASP Logging Cheat Sheets
github.com/OWASP/CheatSheetSe...
NOTICE: Some of our video description contain affiliate links, which means we may receive a small commission on a purchase without additional cost to you, if you buy something. - Věda a technologie
Far better than paid courses on Udemy. Thanks a lot Pete
Thanks, that’s great to hear! Good luck! 👍🍀
Yes, agreed, you've done a great job. Although I'm not studying to pass the exam, this is an excellent series to enhance a good base of knowledge
Finally, I found a series that is much better than any paid subscription on Udemy. Often, instructors have outdated knowledge or their lectures don't correlate with actual implementation and configuration in cloud services. As a cloud architect, it’s been challenging for me to grasp these concepts. However, with this lecture series, I have no trouble understanding the material because Pete explains it in a way that directly relates to real-world scenarios.
Glad you’re finding it helpful! Good luck on the exam!👍🍀
I really enjoy your CCSP class. It's amazing! Hopefully, it will help me pass the exam at the end of the month.
Glad you're enjoying. Best of luck! 🍀🤞
Love this series. Started watching with your CISSP series. You go in-depth and your content delivery isn't bland like others in this space. Keep up the great work!
Glad you enjoy it! Good luck! 🍀👍
I don't have words to express my gratitude for your work. Your videos helped me tremendously in passing the CISSP exam. Now, I am preparing to study for the CCSP, and I plan to use your videos again.
Thank you so much for your incredible work. You are making a significant contribution to the development of many cybersecurity professionals.
May I ask when you expect to finish the CCSP video series?
Very happy I could help. CONGRATULATIONS on the CISSP! 🏆🎉🌟
Excellent work! Big thanks Pete👏
Happy to help! Good luck on the exam!
Amazing videos, clear and to the point! Thanks a lot Pete.
Happy to help! Domain 3 coming soon! 👍
Man I hope you will achieve everything in your life you wish for! These videos are life changing. This is my second time watching the whole series and i can't believe how much I have retained by just watching these so far.
I haven't gotten a book yet I'm just target reading based in the study guides using open source material like your channel. However, i got the cybex practice book and I am already feeling comfortable answering probably 50% correctly.
I am going to study the book once it arrives and aim for above 80% accuracy. HopefullyI can take my exam in the next two months.
Glad you’re finding them helpful! Good luck on your exam!🍀🤞👍
The real life demo was really helpful!! Thanks for giving us this course and looking forward to Domain 3!
Glad it was helpful! 👍
👍 Thanks a lot Pete!!!
You're a god send brother
Glad I could help!👍
Your CISSP series was very helpful in passing my CISSP. Excited to learn from the CCSP videos as well. Thanks for this great content! 🥇
Glad it was helpful! Good luck on the CCSP!!! 🍀🤞👍
Thanks a lot, Pete!! 👏
👍
Great we were waiting for part two thanks for sharing
👍 Good luck! Ping me if questions along the way!
You got me through CISSP and next up is CCSP! Thank you for your work!
You got this! 💪Good luck! 🍀🤞
Great, Thanks a lot Pete
Happy to help. Good luck!👍
Thanks , Pete
Happy to help! 👍
Great stuff Pete!
Thanks! 👍
Thank you for your efforts and cooperation.
My pleasure! Happy to help! 👍
Thank you Pete
Glad you like! Ping me in the comments or on LinkedIn with questions. Good luck on the exam! 🍀🤞
Thanks Pete !
You're welcome!
@@InsideCloudAndSecurity : we simply love your class , one more request , can you please have the rest of domains released soon and then provide some practice test engines so that our concepts are rock solid
Doing great work Pete. Greatly appreciated.
Much appreciated! Good luck! 👍
Pete your content is GREAT so much better than the £3000 fee based I have paid for CCSP and CISSP courses. I would of preferred giving you the money. CCSP Exam next week for me. Thank you
So glad you like it! Good luck on your exam! 🍀🤞👍
Many Thanks Pete. This series better than my paid bootcamps 😁
LOVE to hear that! Hope your exam went/goes well! 👍
Very valuable
Glad you like them. Ping me in the comments or on LinkedIn with questions as you prepare. Good luck on the exam! 🍀👍
Hi Pete. I previously passed CISSP with your help. Thank you!
Regarding CCSP, I noticed that the videos for each domain of CCSP tend to be twice as long as the CISSP counterparts. And there is a similar trend for Sec+ videos.
My question is, how would you recommend the CISSP-passers approach CCSP material? On one hand, CCSP has new information, on another hand, because the videos are lengthy, it is very easy to skim over material, presuming that it was already covered in CISSP.
Nowhere near twice as long, but longer for a reason. I'll explain. In the exam crams, CISSP is about 8 hours, Security+ is 10 hrs 45min, and CCSP 11 hrs 54 min. In the CISSP, my first extended course, I covered all the most likely exam topics, meaning the legacy topics unlikely/less likely to appear in the live exam were not covered, intending to be a very effective supplementary resource. With Security+ and CCSP, I intentionally covered "every topic in the exam syllabus" to create a resource that was still very time efficient, but could better stand on their own as the sole/primary video resource to accompany the official study guide. With Security+, found this has been quite successful, so I repeated with the CCSP, which is much more cloud-focused than CISSP, and an exam even CISSP's struggle with, one telling me he passed CISSP on the first try but had failed CCSP twice! Initial reports on the CCSP Exam Cram from early candidates have been positive, with a newly awarded CCSP yesterday calling it "outstanding". 👍 Hope this helps! Good luck on the exam! 🍀🤞
Brilliant
Thanks! 😉 Good luck! 🍀👍
finally, passed ccsp tho
Congratulations Matt! 🏆🎉🌟
22:00 symetric key doesnt provide non-repudiation. Symmetric key encryption uses the same key for both encryption and decryption, so both the sender and the receiver share the same secret. This means that there is no way to prove who actually encrypted or decrypted the message, and either party can repudiate the message.
Correct, which is why if you look at the slide again, you will notice it says "Lacks support for scalability, easy key distribution, and non-repudiation". Lacks support for = does not help with.
aha okie, Understood now. thanks for quick reply.@@InsideCloudAndSecurity
This is a really good layout of topics fantastic explanation. I will see if recommended resources in this series along with the videos will allow me to pass the exam. I will report back after few months.
Glad you think so. Good luck on the exam! 🍀🤞👍
30:17 "It is a good ideal to store you cryptographic keys with CSP unless you have requirements that mandate your organization to manage its keys". I find this contradictory to the CBK 3rd Edition by Mike Chapel & David Saidl in Chapter 2.3.1 ; "Outsourcing Key Management: Keys should not be stored with the data they're protecting, and we shouldn't make physical access to keys readily available to anyone who doesn't have authorization and need to know for that data; therefore, in cloud computing, it is preferable to have the keys stored somewhere other than the cloud provider's data center. One solution is for the cloud customer to retain the keys, but that requires an expensive and complicated set of infrastructure and skilled personnel. This would reduce some of the benefit in reduced costs we get from offloading our enterprise to the cloud provider. Another option is using a cloud access security broker (CASB)". Considering the risks that come with cloud technology especially where data erasure assurance needs to be attained (even if its not a regulatory requirement), keeping Keys with CSP seem to not prefered.
@InsideCloudAndSecurity I look forward to your further guidance here
CBK agreement with my assertion is right there in the text you quoted: “one solution is for the cloud customer to retain the keys, but that requires an expensive and complicated set of infrastructure, and skilled personnel”. The overwhelmingly most common practice is that the customers will rely on CSP (Microsoft, Amazon, and Google) to manage those keys, except in cases of where sensitivity or regulatory compliance necessitates, customer-managed keys, such as with HIPAA/HITRUST.
Hi thank you so much for the video. Is there a way to access these slides?
Yes, see "PDF Presentation Download" link in the Description section beneath the video. Same is true of individual domain videos and the full course.
Ephemeral storage is used in IaaS or Saas?
in multiple models. You'll find emphemeral storage in IaaS in the form of a temp disk, as well as PaaS services like AWS Lambda and Azure Automation, and more.
Thank you and great job. Please help me understand who is CSSP for versus CISSP. Looking to get certify
(ISC)² developed the Certified Cloud Security Professional (CCSP) credential to ensure that cloud security
professionals have the required knowledge, skills, and abilities in cloud security design, implementation,
architecture, operations, controls, and compliance with regulatory frameworks. A CCSP applies information
security expertise to a cloud computing environment and demonstrates competence in cloud security
architecture, design, operations, and service orchestration.
@@InsideCloudAndSecurity Thank you.
According to (ISC)2, where should the cloud customer’s encryption keys be stored?
Will depend on the situation and customer need (high sensitivity, regulatory, etc). CSP services (like storage) offer provider-managed keys and a customer-managed keys option.
@@InsideCloudAndSecurity I am sorry. explanation isnt clear. But thanks for responding
Minor comment, but I disagree with the order of 'Private' and 'Sensitive' at 1:09:29
Appreciate the comment, but in ISC2 perspective, their official study guide agrees with this representation. This segment is supported by diagram in ISC2 CISSP official study guide (9th edition) Fig 5.1. In any event, I expect questions on this exam to focus more on adequate data protection and key management to secure various types of non-public data.