Cloud Essentials/Governance

Governance

Objectives and Skills

edit

Objectives and skills for the governance portion of CompTIA Cloud Essentials+ certification include:[1]

  • Recognize risk management concepts related to cloud services.
    • Risk assessment
      • Asset inventory
      • Classification
      • Ownership
    • Risk response
      • Mitigation
      • Acceptance
      • Avoidance
      • Transfer
    • Documentation
      • Findings
      • Risk register
    • Vendor lock-in
    • Data portability
  • Explain policies or procedures.
    • Standard operating procedures
    • Change management
    • Resource management
    • Security policies
      • Incident response
    • Access and control policies
    • Department specific policies
    • Communication policies
  • Identify the importance and impacts of compliance in the cloud.
    • Data sovereignty
    • Regulatory concerns
    • Industry-based requirements
    • International standards
    • Certifications
  • Explain security concerns, measures, or concepts of cloud operations.
    • Threat
    • Vulnerability
    • Security assessments
      • Penetration testing
      • Vulnerability scanning
      • Application scanning
    • Data security
      • Categories
      • Public
      • Private
      • Sensitive
      • Confidentiality
      • Encryption
      • Sanitization
      • Integrity
      • Validation
      • Availability
      • Backup
      • Recovery
      • Breach
    • Application and Infrastructure security
      • Audit
      • Access
      • Authorization
      • Hardening

Readings

edit

Multimedia

edit

Activities

edit

Lesson Summary

edit

Risk Management

edit

Policies

edit
  • SOP (Standard Operating Procedure)

Compliance

edit
  • ISO (International Standards Organization)
  • ITIL (Information Technology Infrastructure Library)

Security

edit

Key Terms

edit
DDoS (Distributed Denial of Service)

See Also

edit

References

edit