Introduction

The Certified Cloud Security Professional certification, or CCSP, is a certification hosted by the joint effort of (ISC)2 and the Cloud Security Alliance (CSA). This exciting credential is designed for cloud-based information security professionals and ensures that the certification holder has acquired the requisite skills, knowledge and abilities in cloud implementation, security design, controls, operations and compliance with applicable regulations.

The CCSP certification exam comprises six domains: Architectural Concepts and Design Requirements, Cloud Data Security, Cloud Platform and Infrastructure Security, Operations, Cloud Application Security and Legal and Compliance. This article will detail the Cloud Platform and Infrastructure Security domain of the CCSP exam and what candidates preparing for the CCSP certification can expect on the exam.

The Cloud Platform and Infrastructure Security domain of CCSP currently accounts for 20% of the material covered by the CCSP certification exam.

Below, you will find an exploration of the different subsections of this domain and what information you can expect to be covered on the CCSP certification exam.

3.1 Comprehend Cloud Infrastructure Components

Cloud infrastructure is composed of many parts, each with their own significance. These components include physical environment, virtualization, network and communications, storage, compute and the management plane.

Physical Environment

While the lay person may think that information being “in the cloud” means that it is in some virtual “other dimension,” the cloud has a physical environment. This physical environment has a low tolerance for failure and many considerations that need to be addressed for the physical environment to be suitable for cloud infrastructure.

Data Center

Data centers are the physical environment where the cloud infrastructure resides. There are many physical environment aspects that need to be considered such as:

  • Appropriate floor space
  • Appropriate rack space/cages
  • Any other colocation concerns on a case-by-case basis
  • Geographic considerations: Availability of power, seismic activity, floods, accessibility
  • Political risks: Civil unrest, rioting and so forth

Data Center Design

Redundancy is the name of the game when it comes to data center design. Examples of how redundancy comes into play include no single point of failure, multiple power units, multiple backup units, multiple power distribution units (PDU), multiple entrances and exits to the building and more.

Network and Communications

With the high amount of data that gets transmitted to and from the cloud, network and communications is another important cloud infrastructure consideration that will be covered in this domain. These concerns include:

  • Rate limiting
  • Bandwidth allocation
  • Filtering
  • Routing
  • Software defined networking

Compute

A cloud server’s compute parameters depend on the number of CPUs and the amount of RAM used. The ability to allocate these resources is a vital compute concern. Successful CCSP exam candidates should be able to fully explain these three factors that affect resource allocation:

  • Reservations
  • Limits
  • Shares
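How the three settings interact when guests compete for one host, as an added example that is not from the original article. It is a simplified model rather than any particular hypervisor's scheduler; the `Guest` class, the `allocate` function and the sample figures are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Guest:
    name: str
    reservation: float  # guaranteed minimum, MHz
    limit: float        # hard ceiling, MHz
    shares: int         # relative weight, only matters under contention
    demand: float       # what the guest is asking for right now, MHz

def allocate(capacity, guests):
    """Simplified model: reservations first, then spare capacity by shares, capped by limits."""
    if sum(g.reservation for g in guests) > capacity:
        # Admission control: never promise more than the host can deliver.
        raise ValueError("reservations exceed host capacity")
    ceiling = {g.name: min(g.demand, g.limit) for g in guests}
    alloc = {g.name: min(g.reservation, ceiling[g.name]) for g in guests}
    remaining = capacity - sum(alloc.values())
    active = [g for g in guests if alloc[g.name] < ceiling[g.name] and g.shares > 0]
    while remaining > 1e-9 and active:
        total_shares = sum(g.shares for g in active)
        spent = 0.0
        for g in active:
            grant = min(remaining * g.shares / total_shares, ceiling[g.name] - alloc[g.name])
            alloc[g.name] += grant
            spent += grant
        remaining -= spent
        # Guests that hit their limit or demand drop out; leftovers are re-split.
        active = [g for g in active if ceiling[g.name] - alloc[g.name] > 1e-9]
    return alloc

# Constructed sample: a 10,000 MHz host with one greedy tenant ("batch").
SAMPLE = [
    Guest("db", reservation=4000, limit=8000, shares=3000, demand=8000),
    Guest("web", reservation=1000, limit=1500, shares=1000, demand=6000),
    Guest("batch", reservation=0, limit=10000, shares=1000, demand=10000),
]

if __name__ == "__main__":
    for name, mhz in allocate(10000, SAMPLE).items():
        print(f"{name:6} {mhz:7.0f} MHz")
```

In the sample, the reservation keeps `db` above its floor despite the greedy `batch` guest, the limit stops `web` at 1,500 MHz even though it asks for more, and shares decide how the spare capacity is split.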

Virtualization

The use of powerful host machines providing shared resource pools to maximize the number of guests is both a basic explanation of virtualization and the underpinning of cloud computing. In fact, cloud computing would not be possible without virtualization. The most convincing arguments for the use of virtualization are:

  • Increasing the efficiency and agility of hardware by sharing resources
  • A reduction in personnel resourcing and maintenance, leading to easier management

Storage

Redundancy is also the name of the game with regard to storage. For reliability, when storage is performed on a disk drive, the approach used is that of Redundant Array of Inexpensive Disks (RAID). Object storage is a popularly used storage solution offered by cloud service providers. The redundancy with object storage comes by way of data storage across multiple object storage servers.

Management Plane

Cloud management planes allow administrators to remotely manage all hosts instead of physically visiting each host server to install software or reboot/power on said hosts. The end result is automated control tasks. Administrators can control the entire cloud infrastructure via the management plane.

3.2 Analyze Risks Associated With Cloud Infrastructure

Risk Assessment/Analysis

Although the risk assessment/analysis guidelines below will be helpful, ultimately the assessment of risks associated with a cloud infrastructure should be customized to each organization's individual needs. Risks to consider include:

Policy and Organization Risks

  • Provider lock-in
  • Loss of governance
  • Compliance challenges
  • Provider exit

General Risks

A risk is present if there is a potential failure to meet a requirement that can be expressed in technical terms. These technical terms include performance, protection, operability, and integration.

Cloud service providers have a relatively large technology scale, which affects risk. The result depends on the situation, of course. Considerations include:

  • Consolidation of cloud and IT infrastructure leads to consolidation of points of failure
  • Larger scale platforms require more technical skill to manage
  • Shifting control of technical risks towards the cloud service provider

Cloud Attack Vectors

The new technology of cloud computing brings with it new attack vectors. These attack vectors are:

  • API compromise, for example through leaked API credentials
  • Identity compromise
  • Attacks on connecting infrastructure, for example attacks on the cloud carrier
  • Attacks on the cloud service provider’s infrastructure and facilities

Virtualization Risks

  • Snapshot and image security
  • Guest breakout
  • Sprawl

Countermeasure Strategies

There are a couple of recommendations for countermeasures and several considerations.

First, use a multi-layered approach to defending against risks. Second, and in keeping with the recurring theme of redundancy, for every control that is used against a risk there should be a second control implemented in case of failure of the first. The countermeasure considerations include:

  • Continuous uptime
  • Access controls: Including building access, computer and colocation floor access and so on.
  • Automation of controls

3.3 Design and Plan Security Controls

Physical and Environmental Protection

Bodies of knowledge in this area are NIST’s SP 800-14 and SP 800-123. This knowledge has been consolidated into key regulations.

Key Regulations

  • Health Insurance Portability and Accountability Act (HIPAA)
  • Payment Card Industry Data Security Standard (PCI DSS)
  • North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP)

Examples of Relevant Controls Based Upon One or More Regulations

  • Policies and procedures established for maintaining safe and secure working environments: Includes offices, facilities, rooms and secure areas
  • Restricted physical access of users and support personnel to information assets and functions
  • Physical security perimeters such as walls, fences, guards, barriers, gates and so on.

Protecting Data Center Facilities

Data centers are required to have a redundant, multi-layered approach to using access controls. Controls are required to be at the facilities level, the computer floor level, and at the data center/facility staff level to guard against risk.

System and Communication Protections

Cloud computing runs on physical systems that use services needing protection. Some of these services are:

  • Hypervisor
  • Volume management
  • Storage controller
  • Security group management
  • IP address management
  • Identity service
  • VM image service
  • Management databases

Other considerations for system and communication protections are:

  • Automation of configuration
  • Responsibilities of protecting the cloud: Including knowing where the responsibility lies between cloud service provider and cloud customer
  • Detecting and logging of security events

Virtualization Systems Protection

Below are the relevant virtualization systems protection considerations:

  • Protecting the management plane
  • Isolation of the management network from other networks
  • Proper network design as well as properly operating components: for example, firewalls
  • Use of trust zones

Other Design and Plan Security Controls Considerations

  • Management of authentication, identification and authorization within the cloud infrastructure
  • Audit mechanisms

3.4 Plan Disaster Recovery and Business Continuity Management

Considerations for this subsection include:

  • Understanding of the cloud environment with respect to the Business Continuity and Disaster Recovery (BCDR) plan
  • Understanding of the risks
  • Understanding of the business requirements
  • BCDR strategy
  • Creation of BCDR plan
  • Implementation of BCDR plan

Conclusion

Domain 3 is one of the most difficult and verbose sections of the CCSP certification exam. Use the above article as a guide (though not your sole source of exam preparation for this domain), and you should be successful in passing the CCSP certification exam.

Greg Belding