Cloud Administration/Security

Security

Objectives and Skills
Objectives and skills for the security portion of CompTIA Cloud+ certification include:

2.1 Given a scenario, apply security configurations and compliance controls to meet given cloud infrastructure requirements. 2.2 Given a scenario, apply the appropriate ACL to the target objects to meet access requirements according to a security template. 2.3 Given a cloud service model, implement defined security technologies to meet given security requirements. 2.4 Given a cloud service model, apply the appropriate security automation technique to the target system.
 * Company security policies
 * Apply security standards for the selected platform
 * Compliance and audit requirements governing the environment
 * Laws and regulations as they apply to the data
 * Encryption technologies
 * IPSec
 * SSL/TLS
 * Other ciphers
 * Key and certificate management
 * PKI
 * Tunneling protocols
 * L2TP
 * PPTP
 * GRE
 * Implement automation and orchestration processes as applicable
 * Appropriate configuration for the applicable platform as it applies to compute
 * Disabling unneeded ports and services
 * Account management policies
 * Host-based/software firewalls
 * Antivirus/anti-malware software
 * Patching
 * Deactivating default accounts
 * Authorization to objects in the cloud
 * Processes
 * Resources
 * Users
 * Groups
 * System
 * Compute
 * Networks
 * Storage
 * Services
 * Effect of cloud service models on security implementations
 * Effect of cloud deployment models on security implementations
 * Access control methods
 * Role-based administration
 * Mandatory access controls
 * Discretionary access controls
 * Non-discretionary access controls
 * Multifactor authentication
 * Single sign-on
 * Data classification
 * Concepts of segmentation and micro-segmentation
 * Network
 * Storage
 * Compute
 * Use encryption as defined
 * Use multifactor authentication as defined
 * Apply defined audit/compliance requirements
 * Tools
 * APIs
 * Vendor applications
 * CLI
 * Web GUI
 * Cloud portal
 * Techniques
 * Orchestration
 * Scripting
 * Custom programming
 * Security services
 * Firewall
 * Antivirus/anti-malware
 * IPS/IDS
 * HIPS
 * Impact of security tools to systems and services
 * Scope of impact
 * Impact of security automation techniques as they relate to the criticality of systems
 * Scope of impact