Posts

Showing posts from September, 2018

CCSP Domain 2 : Cloud Data Security - Part 2

Image
D2 : Cloud Data Security M6 : Ensure Compliance with Regulations and Controls IT Service Management (ITSM) Management and oversight to ensure alignment between IT and business. Configuration Management Maintain information about configuration items required to deliver an IT service, including their relationship. Change Management An approach to transitioning individuals, teams, and organizations to a desired future state. Respond to acustomer's changing business requirements Respond to business and IT requests Ensure changes are recorded and evaluated Ensure the authorized changes are prioritized, planned, tested, implemented, documented and reviewed in a controlled manner Ensure all changes to configuration items are recorded in configuration management system Optimize overall business risk. Incident Management To identify, analyze, and correct hazards to prevent a future re-occurrence of an incident. Event : A change of state that has significance for the mana

CCSP Domain 2 : Cloud Data Security - Part 1

Image
OMG! I can't believe that it's a year passed by, and I did not write up for the last 2 topics that I'd like to covered in RHCE! Those posts were prepared after I have finished and passed RHCE. Anyway, I am in preparation for another certification, CCSP. Thought of "document" my study notes in order to help me to organize my notes, and also help me to reinforce my understanding on the topics. I am going to start from Domain 2. D2 : Cloud Data Security M1 : Understand Cloud Data Life Cycle Process overview This table is to layout the possible access and allowed access by functions/actor/location. The access control requirement and design can be retrieved from this table. M2 : Understand Implication of Cloud to Enterprise Risk Risk management Risk framework Key roles associate with data management Data subject : individual who is the subject of personal data Data controller : person who determines the purpose and how to process personal data