Final Exam: Security Admin - apply BCDR planning in various scenarios
- categorize different types of web services including CAAS, IAAS, MAAS, PAAS, and SAAS
- classify different types of web services including CAAS, IAAS, MAAS, PAAS, and SAAS
- compare the privacy and information systems
- create a maintenance plan using orchestration units
- create business continuity plan and work on its implementation
- define data outsourcing and how to prevent loss of control on data
- define deceptive information and how to protect data
- define internal and external audit and identify various types of audits and audit scope
- define patch management, performance monitoring, and backup
- define risk profile, appetite, and risk management
- define the integration of security services as a service or offering
- describe audit and compliance keeping services stacks in mind
- describe cloud administration and management
- describe cloud under compliance and the need to comply with the attesting bodies
- describe deceptive information and how to protect data
- describe DRM, different data protection policies, and event handing including SIEM
- describe how security policy implementation mitigates cloud security challenges
- describe how to secure network operations including network isolation, clans, TLS, DNS, and IPSec
- describe how to secure SAAS cloud by focusing on SAAS applications
- describe identity access control including details on authentication and authorization
- Describe information security and how to manage operations
- describe security base parameters and recall what creates baselines
- describe supply chain risk, CSA CCM, ISO 28000:2007
- describe the business high availability and continuity techniques
- describe the data protection guidelines including ISO/IEC 27015:2015, 27002, and EU data protection
- describe the evolution of cloud including hardware, software, and server virtualization
- describe the importance of encryption in and out of cloud
- describe the life cycle of securing data in the cloud
- describe the risk management process in logical and physical infrastructures
- describe the software development life cycle and issues
- describe the standards, such as Internal ISMS, ISO 27001:2013
- develop a maintenance plan using orchestration units
- Identify cloud model types and their approach towards adopting the model
- identify cloud software security measures including security principles and testing
- identify common stake holders and governance challenges and how to coordinate communication with them
- identify the building blocks of security planning designing and Infrastructure development
- identify the different service provider risks including back door spoofing
- identify the importance if open-source in cloud infrastructure
- identify the importance of control over physical security and assets
- identify the software development life cycle and issues
- identify various design concepts including logical and physical design
- identify various techniques including Crypto, tokenization, data masking, and dip
- issue excellent grain queries to get selective access control
- list the best practices for servers, storage network, and virtual switches
- list the best practices to communicate with vendors, partners, and customers
- list the common legislation conflicts and compliance issues
- list the importance of encryption and key management
- list the key features of dynamic clusters, storage maintenance, and HA on cloud
- perform excellent grain queries to get selective access control
- recall the importance of control over physical security and assets
- recognize the concepts of data handling, hardware, software and breach planning, and secure environment
- recognize the concepts relates to contract management and its key components
- recognize the core architecture of cloud and importance to data security
- recognize the e-discovery process
- recognize the importance of control over physical security and assets
- recognize the risks and threats involved in cloud computing and their analysis
- specify how to provide security on cloud keeping track of limitations including vulnerability of infrastructure, platform, and service
- specify the need for cloud datacenter
- use secure deployment practices to develop and secure cloud application
|