###### tags: `CCSE` `Certification` `Cloud Security`

# EC-Council CCSE (Certified Cloud Security Engineer)

* Exam Code: 312-40
* Duration: 4 hrs
* Questions: 125

**Author: 陳詰昌 Email: power.shell@gmail.com**

## Module 1: Introduction

### Cloud Characteristics

* On-demand self-service
* Broad network access: access anytime, anywhere, from any networked device
* Resource pooling: a resource pool shared by multiple users
* Rapid elasticity: flexibility to redeploy quickly
* Measured service: service that can be monitored and measured

### Cloud Service Models

* IaaS: provides virtual machines and abstracted hardware and operating systems through a service API, e.g. Amazon EC2
* PaaS: provides development tools, configuration management, and a development platform for building custom applications, e.g. Google App Engine
* SaaS: delivers software over the network, e.g. Google Docs, Calendar

### Shared Responsibility

![](https://hackmd.io/_uploads/r1gMFY2uJn.png)

### Deployment Models

* Public cloud:
* Private cloud: the cloud infrastructure is operated exclusively for a single organization
* Community cloud: shared by several organizations within a specific community
* Hybrid cloud: combines two or more cloud deployments

### Cloud Roles

* cloud consumer
* cloud provider
* cloud carrier
* cloud auditor
* cloud broker

### Security Goals

* Data security
* Regulatory compliance
* Expenditure
* Scalability

## Module 2: Platform and Infrastructure Security in the Cloud

* Understand Cloud Platform and Infrastructure
* Understand the Risks and Threats Associated with Cloud Platform and Infrastructure
* Learn how to Secure the Key Components of Cloud Platform and Infrastructure
* Learn how to Design a Secure Data Center in Cloud
* Understand Cloud Platform and Infrastructure Security in AWS
* Learn how to Implement Cloud Platform and Infrastructure Security in AWS
* Understand Cloud Platform and Infrastructure Security in GCP
* Learn how to Implement Cloud Platform and Infrastructure Security in Google
* Understand Cloud Platform and Infrastructure Security in Microsoft Azure
* Learn to Implement Cloud Platform and Infrastructure Security in Microsoft Azure

## Module 3: Application Security in the Cloud

* Understand Cloud Application Security
* Discuss cloud application security risks
* Understand Secure Software Development Lifecycle (SSDLC) of Cloud Applications
* Understand DevOps and Continuous Integration/Continuous Deployment (CI/CD)
* Discuss cloud application security controls
* Understand Application Security Features in AWS
* Learn How to Implement Application Security in AWS
* Understand Application Security Features in Azure
* Learn How to Implement Application Security in Azure
* Understand Application Security Features in GCP
* Learn How to Implement Application Security in GCP

## Module 4: Data Security in the Cloud

* Understand Data Security in Cloud
* Discuss cloud data storage fundamentals
* Understand the cloud storage architecture and life cycle phases
* Evaluate the risks, attacks, and issues in cloud data storage
* Understand data security strategies and technologies in the cloud
* Discuss Information Rights Management Systems
* Discuss Data retention and archiving strategies
* Discuss Storage and Analysis of Data events
* Understand storage services in Amazon Web Services (AWS)
* Learn how to implement data security in Amazon Web Services (AWS)
* Understand storage services in Google Cloud Platform (GCP)
* Learn how to implement data security in Google Cloud Platform (GCP)
* Understand storage services in Microsoft Azure
* Learn how to implement data security in Microsoft Azure

## Module 5: Security Operations in the Cloud

* Discuss cloud security operations
* Understand elements (standards and methods) in cloud data center physical/logical Operations
* Learn Security Operations to Build Cloud Infrastructure
* Learn How to Perform Security Operations for Cloud Infrastructures
* Learn Security Operations to Manage Cloud Infrastructure
* Discuss Security Configurations Management for Cloud Infrastructure
* Learn to Monitor Security Operations for Cloud Infrastructure
* Understand security operations in Microsoft Azure
* Learn to implement security operations in Microsoft Azure
* Understand security operations in Amazon Web Services (AWS)
* Learn to implement security operations in Amazon Web Services (AWS)
* Understand security operations in Google Cloud Platform (GCP)
* Learn to implement security operations in Google Cloud Platform (GCP)

## Module 6: Penetration Testing in the Cloud

* Understand the scope of cloud penetration testing
* Learn generic penetration testing steps in the cloud
* Learn AWS-specific penetration testing steps
* Learn Azure-specific penetration testing steps
* Learn GCP-specific penetration testing steps

## Module 7: Incident Response in the Cloud

* Understand Cloud Incident Response
* Understand Cloud Incident Response Lifecycle
* Understand How SOAR Accelerates Incident Response
* Discuss Security Incident Response in AWS
* Discuss AWS Investigation and Detection Tools
* Discuss Security Incident Response in Microsoft Azure Cloud
* Discuss Security Incident Response in Google Cloud Platform (GCP)

## Module 8: Forensic Investigation in the Cloud

* Discuss cloud forensics
* Learn how to investigate security incidents in Amazon Web Services (AWS)
* Learn how to investigate security incidents in Microsoft Azure
* Learn how to investigate security incidents in Google Cloud Platform (GCP)

## Module 9: Business Continuity and Disaster Recovery in the Cloud

* Discuss Cloud Disaster Recovery and Business Continuity
* Learn to Design Disaster Recovery and Business Continuity in Cloud
* Learn to Architect Recovery and Resilience in AWS
* Learn to Implement Recovery and Resilience in AWS
* Understand Business Continuity and Disaster Recovery in Microsoft Azure
* Learn Disaster Recovery Configurations in Azure
* Learn to Implement BC/DR with Azure SQL Database
* Learn to Configure BCDR for Azure Stack Edge VPN
* Understand Various Disaster Recovery Scenarios in Azure
* Learn to Implement BCDR in Azure
* Discuss Azure Partner Solutions for BCDR
* Discuss BC/DR in Google Cloud Platform (GCP)
* Discuss GCP Resources for Disaster Recovery (DR) and Business Continuity Plan (BCP)
* Understand Disaster Recovery for Data in GCP
* Understand Disaster Recovery for Applications in GCP
* Learn to Architect DR for Cloud Infrastructure Outages
* Learn to Implement BCDR in Google Cloud Platform (GCP)
* Discuss Partners Solutions for Implementing BCDR in GCP

## Module 10: Governance, Risk Management, and Compliance in the Cloud

* Understand GRC in the Cloud
* Discuss Cloud Governance
* Learn to Implement and Maintain Governance for Cloud Computing
* Discuss Risk Management in the Cloud
* Discuss Risk Management Framework and Process in the Cloud
* Understand Cloud Compliance
* Learn to Implement GRC in the cloud
* Understand GRC in Amazon Web Services (AWS)
* Understand GRC in Azure
* Understand GRC in Google Cloud Platform (GCP)

## Module 11: Standards, Policies, and Legal Issues in the Cloud

* Understand Laws Impacting Cloud Computing
* Learn the Cloud Computing Standards
* Describe the Legal Frameworks for Data Protection and Privacy
* Learn Audit Planning and Reporting in the Cloud
* Describe Outsourcing and Vendor Management
* Understand Standards, Policies, and Auditing in AWS
* Understand Standards, Policies, and Auditing in Azure
* Understand Standards, Policies, and Auditing in GCP