Cloud Essentials/Governance

< Cloud Essentials

Governance

Objectives and Skills

Objectives and skills for the governance portion of CompTIA Cloud Essentials+ certification include:^[1]

Recognize risk management concepts related to cloud services.
- Risk assessment
  - Asset inventory
  - Classification
  - Ownership
- Risk response
  - Mitigation
  - Acceptance
  - Avoidance
  - Transfer
- Documentation
  - Findings
  - Risk register
- Vendor lock-in
- Data portability
Explain policies or procedures.
- Standard operating procedures
- Change management
- Resource management
- Security policies
  - Incident response
- Access and control policies
- Department specific policies
- Communication policies
Identify the importance and impacts of compliance in the cloud.
- Data sovereignty
- Regulatory concerns
- Industry-based requirements
- International standards
- Certifications
Explain security concerns, measures, or concepts of cloud operations.
- Threat
- Vulnerability
- Security assessments
  - Penetration testing
  - Vulnerability scanning
  - Application scanning
- Data security
  - Categories
  - Public
  - Private
  - Sensitive
  - Confidentiality
  - Encryption
  - Sanitization
  - Integrity
  - Validation
  - Availability
  - Backup
  - Recovery
  - Breach
- Application and Infrastructure security
  - Audit
  - Access
  - Authorization
  - Hardening

Readings

Multimedia

Activities

Lesson Summary

Risk Management

Policies

SOP (Standard Operating Procedure)

Compliance

ISO (International Standards Organization)
ITIL (Information Technology Infrastructure Library)

Security

Key Terms

DDoS (Distributed Denial of Service)

See Also

References

↑ CompTIA: Cloud Essentials+ Certification Exam Objectives EXAM NUMBER: CLO-002

← Management and Operations

Cloud Essentials

Retrieved from "https://en.wikiversity.org/w/index.php?title=Cloud_Essentials/Governance&oldid=2249332"