DOMAIN 13 Security as a Service Flashcards Preview

CCSK V4 - Domain 12 & 13 & 14 > DOMAIN 13 Security as a Service > Flashcards

Flashcards in DOMAIN 13 Security as a Service Deck (2)
Loading flashcards...

Major Categories of Security as a Service Offering:

Identity, Entitlement, and Access Management Services,
Cloud Access and Security Brokers,
Web Security (Web Security Gateways),
Email Security,
Security Assessment,
Web Application Firewalls (WAF),
Intrusion Detection/Prevention (IDS/IPS),
Security Information & Event Management (SIEM),
Encryption and Key Management,
Business Continuity and Disaster Recovery,
Security Management,
Distributed Denial of Service Protection


There are three main categories of security assessments:

•• Traditional security/vulnerability assessments of assets that are deployed in the cloud (e.g.
virtual machines/instances for patches and vulnerabilities) or on-premises.
•• Application security assessments, including SAST, DAST, and management of RASP (Runtime Application Self-Protection).
•• Cloud platform assessment tools that connect directly with the cloud service over API to assess not merely the assets deployed in the cloud, but the cloud configuration as well.