Cloud Essentials/Governance

Governance

Objectives and Skills
Objectives and skills for the governance portion of CompTIA Cloud Essentials+ certification include:


 * Recognize risk management concepts related to cloud services.
 * Risk assessment
 * Asset inventory
 * Classification
 * Ownership
 * Risk response
 * Mitigation
 * Acceptance
 * Avoidance
 * Transfer
 * Documentation
 * Findings
 * Risk register
 * Vendor lock-in
 * Data portability
 * Explain policies or procedures.
 * Standard operating procedures
 * Change management
 * Resource management
 * Security policies
 * Incident response
 * Access and control policies
 * Department specific policies
 * Communication policies
 * Identify the importance and impacts of compliance in the cloud.
 * Data sovereignty
 * Regulatory concerns
 * Industry-based requirements
 * International standards
 * Certifications
 * Explain security concerns, measures, or concepts of cloud operations.
 * Threat
 * Vulnerability
 * Security assessments
 * Penetration testing
 * Vulnerability scanning
 * Application scanning
 * Data security
 * Categories
 * Public
 * Private
 * Sensitive
 * Confidentiality
 * Encryption
 * Sanitization
 * Integrity
 * Validation
 * Availability
 * Backup
 * Recovery
 * Breach
 * Application and Infrastructure security
 * Audit
 * Access
 * Authorization
 * Hardening

Policies

 * SOP (Standard Operating Procedure)

Compliance

 * ISO (International Standards Organization)
 * ITIL (Information Technology Infrastructure Library)

Key Terms

 * DDoS (Distributed Denial of Service)