CCSP EXAM CRAM

EXAM PREPARATION SERIES

Domain 3
Coverage of every topic in
the official exam syllabus!

with Pete Zerger vCISO, CISSP, MVP

 I N T R O D U C T I O N : SERIES OVERVIEW

LESSONS IN THIS SERIES

1 2 3 4 5 6
One lesson for each exam domain

…and a consolidated full course

video when the series is complete
EXAM OBJECTIVES (DOMAINS)

1. Cloud Concepts, Architecture, and Design 17%

2. Cloud Data Security 20%

3. Cloud Platform and Infrastructure Security 17%

4. Cloud Application Security 17%

5. Cloud Security Operations 16%

6. Legal, Risk, and Compliance 13%

Domain 3 is the focus of this video

 CCSP
EXAM STUDY GUIDE
& PRACTICE TESTS BUNDLE

L ink to the latest exam bundle in the video description !

 CSSP EXAM CRAM
THE COMPLETE COURSE

Cloud Platform and

Infrastructure Security

I will cover every topic

mentioned in the exam syllabus
 CSSP EXAM CRAM
THE COMPLETE COURSE

Cloud Platform and

Infrastructure Security

I will also provide examples

of concepts when possible
 CSSP EXAM CRAM
THE COMPLETE COURSE

Cloud Platform and

Infrastructure Security

as well as a bit of show-and-tell

in a real cloud environment
Exam essentials - 3
Risks associated with each Design and describe a secure
type of cloud computing datacenter
More services = more risk, more control = more Build versus buy, physical and environment
risks you must mitigate. design considerations.

Explain key business continuity BC/DR in the cloud

terms, like RTO, RPO, and RSL Similar to on-premises, but more complexity in
the agreements between cloud customer and
Key concepts that help set the bar for your
cloud provider.
BCP/DRP requirements.

Responsibility sharing between

customer and provider
Who is responsible (customer or CSP) in each
area of cloud infrastructure.
Exam essentials - 3

Exam essentials (and book chapters) in the Official

Study Guide do not map one-to-one to exam domains
3. Cloud Platform and Infrastructure Security
Comprehend Cloud Infrastructure
3.1 and Platform Components

Physical environment Virtualization

Network and Storage

communications
Management plane
Compute

In the shared responsibility model, customer

and CSP share security responsibilities.
3. Cloud Platform and Infrastructure Security
Comprehend Cloud Infrastructure
3.1 and Platform Components

Physical environment Virtualization

Network and Storage

communications
Management plane
Compute

We will review responsibilities and security

controls with each area.
Physical environment

There are infrastructure components that are

common to all cloud service delivery models
Most components are all physically located with the CSP, but
many are accessible via the network
The CSP takes on customer datacenter facilities, infrastructure
management responsibilities
In the shared responsibility model, some elements of operation
are shared by the CSP and the customer.

For the exam, know who owns which roles

from the “shared responsibility model”
shared responsibility model
CSP owns all aspects of physical security in their datacenters
Applications Applications Applications Applications
Data Data Data Data
Runtime Runtime Runtime Runtime
Responsible Middleware Middleware Middleware Middleware
CSP OS OS OS OS
Customer Virtualization Virtualization Virtualization Virtualization
Shared Servers Servers Servers Servers
Storage Storage Storage Storage
Networking Networking Networking Networking

On-premises IaaS PaaS SaaS

shared responsibility model
Physical Datacenter
Applications Applications Applications
Data Data Data
Runtime Runtime Runtime
Responsible Middleware Middleware Middleware
CSP OS OS OS
Customer Virtualization Virtualization Virtualization
Shared Servers Servers Servers
Storage Storage Storage
Networking Networking Networking

IaaS PaaS SaaS

Including datacenter facilities, equipment, and environment.

Physical environment considerations
CSPs utilize common controls to address these risks.

For physical security, standard measures such as locks, security

personnel, lights, fences, visitor check-in procedures.

Logical access controls Identity and access management (IAM), single

sign-on (SSO) provider, multifactor authentication (MFA) and logging.

Controls for data confidentiality and integrity like any cloud customer,
but with much broader controls.
Physical environment considerations
CSPs utilize common controls to address these risks.

EXAMPLE
Ensuring that communication lines are not physically
compromised by locating telecommunications equipment
inside a controlled area of the CSP’s building or campus.

Protects data integrity AND service/resource availability

Network and communication
Customer is responsible for configuring the VMs,
Infrastructure
virtual network, and guest OS security as if the
as a Service systems were on-premises
CSP responsible for physical host, physical
storage, and physical network
CSP is responsible for the physical components,
Platform as a the internal network, and the tools provided.
Service Cheaper for customer, but less control

The customer remains responsible for configuring

access to the cloud service for their users, as well
Software as a as shared responsibility for data recovery
Service
CSP owns physical infrastructure, as
well as network and communication
shared responsibility model

Applications Applications Applications Applications

Data Data Data Data
Runtime Runtime Runtime Runtime
Responsible Middleware Middleware Middleware Middleware
CSP OS OS OS OS
Customer Virtualization Virtualization Virtualization Virtualization
Shared Servers Servers Servers Servers
Storage Storage Storage Storage
Networking Networking Networking Networking

On-premises IaaS PaaS SaaS

Network and communicatION - IaaS

Applications
Data Customer is responsible for configuring the VMs,
Runtime virtual network, and guest OS security as if the
Responsible Middleware systems were on-premises
CSP OS
Customer Virtualization CSP provides the tooling to secure the VM
Shared Servers but customer must configure them!
Storage
Networking

IaaS
Network and communication - IaaS

Applications
Data
Runtime
Responsible Middleware
CSP OS
Customer Virtualization
Shared Servers CSP is responsible for configuring the security of
Storage the network, storage, and software for the
Networking physical host
IaaS
CSP owns all physical security
Network and communication - PaaS

Applications Customer is responsible for configuration

Data of application and data access security
Runtime
Responsible Middleware CSP is responsible for everything from the
CSP OS IaaS model (all the physical components),
Customer Virtualization
Shared Servers CSP is responsible internal network, and the
Storage tools provided.
Networking
Any additional customer control is generally
PaaS provided through service SKUs / tiers
Network and communication - SaaS

Applications The customer remains responsible for

Data configuring use access to the cloud service
Runtime Customer also has shared responsibility for
Responsible Middleware data recovery ???
CSP OS
Customer Virtualization CSP may provide the tools for, but customer
Shared Servers may need to perform recovery in some cases
Storage
Networking

EXAMPLE: Office 365 makes hundreds of

SaaS

previous versions of documents available

for self-service recovery by users.
COMPUTE How does the CSP manage compute capacity?

The infrastructure components that deliver compute resources, such

as the VMs, disk, processor, memory and network resources.

a minimum resource that is guaranteed to a customer

maximum utilization of compute resource by a customer (e.g. VM)

limits are allowed to change dynamically based on current
conditions and consumption

a weighting given to a particular VM used to calculate percentage-

based access to pooled resources when there is contention.
In cases of shortage, host scoring determines who gets capacity
 the CSPs additional
Responsibility in compute challenge is multitenancy.

In every delivery and service model:

The remains responsible for the maintenance and
security of the physical components of compute.
The remains largely responsible for their data
and their users.
Between the physical components, there can be
a large array of software and other components.
is responsible for each of these remaining parts varies
by service and delivery model AND sometimes by the CSP.
The details should be spelled out in the contract!
VIRTUALIZATION - Responsibilities and risks
The security of the hypervisor is always the
responsibility of the .
The virtual network and virtual machine may be the
responsibility of either the CSP or the customer.
It depends on the cloud service model
Risks associated with virtualization
– Flawed hypervisor can facilitate inter-VM attacks
– Network traffic between VMs is not necessarily visible
– Resource availability for VMs can be impacted
– VMs and their disk images are simply files, can be portable and movable
VIRTUALIZATION - Responsibilities and risks
Security recommendations for the hypervisor
✓ Install all updates to the hypervisor as they are
released by the vendor.
✓ Restrict administrative access to the management All responsibility
interfaces of the hypervisor.
of the CSP
✓ Capabilities to monitor the security of activity
occurring between guest operating systems (VMs).

Security recommendations for the guest OS

✓ Install all updates to the guest OS promptly.
✓ Back up the virtual drives used by the guest OS on a
regular basis

Customer responsibility, though CSP may provide tools

Virtualization – network security
The CSP’s includes:
-preventing physical access to the servers.
-limiting both local and remote access to the hypervisor.
The virtual network between the hypervisor
and the VM is also a potential attack surface.
Responsibility for security in this layer is often shared
between the CSP and the customer.
These components include virtual network, virtual
switches, virtual firewalls, virtual IP addresses, etc.
Responsibility varies by model (IaaS, PaaS, SaaS)
VIRTUALIZATION RESPONSIBILITIES: HYPERVISORS

TYPE 1
“Bare metal“

VM1 VM2

Hypervisor

Hardware

VMware ESXi, KVM

Microsoft Hyper-V
VIRTUALIZATION RESPONSIBILITIES: HYPERVISORS

TYPE 1 TYPE 2
“Bare metal“ “Hosted“

VM1 VM2 VM1 VM2

Hypervisor Hypervisor

Hardware Hardware

VMware ESXi, KVM

Microsoft Hyper-V
VIRTUALIZATION RESPONSIBILITIES: HYPERVISORS

TYPE 1 TYPE 2
“Bare metal“ “Hosted“

VM1 VM2 VM1 VM2

Hypervisor Hypervisor

Hardware Host OS

Hardware
VMware ESXi, KVM
Microsoft Hyper-V VMware Workstation,
Oracle Virtualbox
 VIRTUALIZATION RESPONSIBILITIES: HYPERVISORS

TYPE 1 TYPE 2
“Bare metal“ “Hosted“

VM1 VM2 VM1 VM2

Hypervisor Hypervisor

Hardware Host OS

Hardware

Host hypervisor would be type 1 in nearly all cases,

and the CSP is always responsible for security.
VIRTUALIZATION-FOCUSED ATTACKS

Where an attacker gains access to a VM, then

attacks either the host machine that holds all
VMs, the hypervisor, or any of the other VMs.

or malicious user breaks the isolation between

VMs running on a hypervisor by gaining access
outside their VM.

Protection: Ensure patches on hypervisor and VMs are always up to date.

Ensure guest privileges are low, server-level redundancy and HIPS/HIDS protection.
STORAGE - Responsibilities and risks
Cloud storage has a number of potential security issues.
Various types of cloud storage are discussed in Domain 1
Data spends most of its life at rest, so understanding who
is responsible for securing cloud storage is key.

CSP Responsibilities CUSTOMER Responsibilities

physical protection of data centers and properly configuring and using the
the storage infrastructure they contain. storage tools.
security patches and maintenance of logical security and privacy of data
underlying data storage technologies they store in the CSP’s environment.
and other data services they provide
STORAGE - customer responsibilities
CSPs provide a set of controls and configuration options
customers can use to secure use of their storage platforms.

Customer is responsible for:

assessing the adequacy of these controls and properly configuring
and using the controls available.
Access over public Internet, VPN, or internal networks
ensuring adequate protection for the data at rest and in motion
based on the capabilities offered by the CSP.
Feature configuration, key mgmt (if customer-managed)
Configuring secure access, whether private or public.

In the cloud, the customer loses control of the physical medium where
data is stored but retains responsibility for data security and privacy.
STORAGE - customer challenges & responsibilities
Customer challenges and responsibilities
without of control of the physical medium

Inability to securely wipe physical storage and possibility of another

tenant being allocated the same previously allocated storage space
Customer retains responsibility for secure deletion
Compensating controls for the lack of physical control
of the storage medium include:
-only storing data in an encrypted format
–retaining control of the keys needed to decrypt the data

Together, these permit crypto-shredding when data is no

longer needed, rendering any recoverable fragments useless.
Management plane management plane control = environment control

Provides the tools (web interface and APIs) necessary to configure,

monitor, and control your cloud environment.
Provides virtual management options equivalent to the physical
administration options a legacy data center would provide.
e.g. powering VMs on/off, provisioning VM resources, migrating a VM

You interact with the management plane through tools including the
CSP’s cloud portal, PowerShell or other command line, or client SDKs
Separate from and works with the and the .

Control Plane and Data Plane

Control plane is what you are calling when you create top-level cloud resources
with ARM & Bicep (Azure), CloudFormation (AWS) or Terraform (Infrastructure-as-Code)
Data plane performs operations on resources created through the control plane
Securing the Management plane

Cloud Portal. the main web interface for the CSP platform.
Azure portal, AWS Management console, Google Cloud console

Scheduling. the ability to stop/start a resource at a scheduled time.

Instance Scheduler or Lambda (AWS), Azure Automation or Functions

Orchestration. automating processes to manage resources, services,

and workloads, and Infrastructure-as-Code (IaC) deployments.
CloudFormation (AWS), Azure DevOps, Cloud Build (GCP)

Maintenance. update, upgrade, security patching, etc.

Secure the management plane interfaces with multi-factor auth

(MFA), role-based access control (RBAC), and role management.
3. Cloud Platform and Infrastructure Security
3.2 Design a Secure Data Center

Logical design
(e.g., tenant partitioning, access control)

Physical design
(e.g., location, buy or build)

Environmental design
(e.g., Heating, Ventilation, and Air Conditioning (HVAC),
multi-vendor pathway connectivity)

Design Resilient
Logical design
The logical design of a data center is an abstraction
In the now legacy co-location (colo) scenario, customers were
separated at the server rack or cage-level.
In logical data center design in the cloud, customers utilize
software and services provided by the CSP.
The logical design of the cloud infrastructure should :
- create tenant partitioning or isolation
- limit and secure remote access
- monitor the cloud infrastructure
- allow for the patching and updating of systems

The CCSP exam focuses on “tenant partitioning” and “access control”.

Tenant partitioning
Logical isolation in CSP multitenancy makes cloud computing more
affordable but create some security and privacy concerns.
If isolation between tenants is breached, customer data is at risk.
Multitenancy is a concept developed decades ago:
- business centers physically housed multiple tenants
- colocation data centers supported multiple customers
The risk in these scenarios is largely physical (server, rack, cage)
In the public cloud, tenant partitioning is largely logical.
Customers are sharing capacity across the CSP datacenter,
including physical components.

CSP and tenant share responsibility for implementing and enforcing

controls that address the unique multitenant risks of the public cloud.
Access control
When creating a logical data center, access control is a primary concern.

A single point of access makes access control simpler and facilitates

monitoring, but any single point can become a failure point as well.

(single login for on-premises and cloud)

can simplify identity and access management (IAM)
– One method of access control is to federate a customer’s existing
IAM system with their CSP tenant
– Another method to facilitate IAM between cloud and on-premises
resources is identity as a service (IDaaS)
Azure Active Directory (used with Office 365) or
Google’s Cloud Identity (used with Google Workspace)
 ACCESS CONTROL

Remote Desktop Protocol (RDP): the native remote access protocol for Windows
operating systems.
Secure Shell (SSH): the native remote access protocol for Linux operating
systems, and common for remote management of network devices.
RDP and SSH both support encryption and MFA
Secure Terminal/Console-Based Access: a system for secure local access.
A KVM (keyboard video mouse) system with access controls
Jumpboxes: a bastion host at the boundary of lower and higher security zones.
CSPs offer services for this: Azure Bastion, AWS Transit Gateway
Virtual Clients: software tools that allow remote connection to a VM for use as if
it is your local machine.
e.g. Virtual Desktop Infrastructure (VDI) for contractors
Physical design - Build vs buy
Building your own datacenter from scratch and buying an
existing facility each have their advantages and disadvantages

Requires significant investment Generally, lower cost of entry

to build a robust data center (especially in shared scenario)
Offers the most control over Less flexibility in service design
datacenter design (limited to what provider offers)
Requires knowledge and skill to Shared datacenters come with
match quality of BUY option additional security challenges

CSPs offer many advantages of “build” at a “buy” price tag

Physical design – considerations
One of the first considerations in datacenter design is location

Availability of affordable, stable, Physical site security (vehicular

resilient electricity approaches, visibility)
Natural disaster exposure (flood, Location relative to existing
hurricane, tornado, etc.) customer datacenters (BCDR)
Availability of high-speed, Geographic location relative to
redundant Internet connectivity customers
Availability of other utilities

When you move to the public cloud, most of these are CSP
decisions. Customer just chooses which CSP region(s)
 There is no security without physical security
Physical Security but in the cloud, this is a CSP responsibility

Know the challenges of physical security, which belong to the CSP

A strong fence line of sufficient Visitor access procedures with

height and construction controlled entry points
Lighting of facility perimeter Interior access controls (badges,
and entrances key codes, secured doors)
Video monitoring and alerting Fire detection and prevention
systems
Electronic monitoring for
tampering Protection of sensitive assets,
systems, wiring closets, etc.

Due to it’s cloud focus, the CCSP exam spends little time on physical
security, focusing more on aspects of logical security and design.
Datacenter tier standard
HIGHER Availability and uptime are often used
TIER IV: Fault-Tolerant
Site Infrastructure interchangeably, but there is a difference

Uptime simply measures the amount of

TIER III: Concurrently time a system is running
AVAILABILITY

Maintainable Site
Infrastructure
Availability encompasses availability of the
infrastructure, applications, and services
TIER II: Redundant
Site Infrastructure Generally expressed as a number of 9’s,
such as five nines or 99.999% availability

TIER I: Basic Site Should be measured by cloud consumer to

Infrastructure
ensure the CSP is meeting SLA obligations.
LOWER
Datacenter tier standard
HIGHER
TIER IV: Fault-Tolerant
Site Infrastructure

TIER III: Concurrently

AVAILABILITY

Maintainable Site The Uptime Institute publishes specifications

Infrastructure
for physical and environmental redundancy,
expressed as tiers, that organizations can
TIER II: Redundant implement to achieve high availability (HA).
Site Infrastructure

TIER I: Basic Site

Infrastructure
LOWER
Datacenter tier standard
HIGHER involves no redundancy and the most amount
TIER IV: Fault-Tolerant
Site Infrastructure of downtime in the event of unplanned
maintenance or an interruption.

TIER III: Concurrently must have an uninterruptible power

AVAILABILITY

Maintainable Site
supply that can handle brief power
Infrastructure
outages, as well as sags and spikes

TIER II: Redundant must also have dedicated cooling

Site Infrastructure equipment that can run on 24/7, and a
generator to handle extended power outages

TIER I: Basic Site expected to provide 99.671% availability

Infrastructure
LOWER
Datacenter tier standard
HIGHER provides partial redundancy, meaning an
TIER IV: Fault-Tolerant
Site Infrastructure unplanned interruption will not necessarily
cause an outage

TIER III: Concurrently adds redundant components for important

AVAILABILITY

Maintainable Site cooling and power systems

Infrastructure
facilities must also have the ability to store
TIER II: Redundant additional fuel to support the generator
Site Infrastructure
expected to provide 99.741% availability

TIER I: Basic Site

Infrastructure
LOWER
Datacenter tier standard
HIGHER adds even more redundant components
TIER IV: Fault-Tolerant
Site Infrastructure
has a major advantage in that it never needs
to be shut down for maintenance
TIER III: Concurrently
AVAILABILITY

Maintainable Site enough redundant components that any

Infrastructure
component can be taken offline for
maintenance and data center continues to run
TIER II: Redundant
Site Infrastructure expected to provide 99.982% availability

TIER I: Basic Site

Infrastructure
LOWER
Datacenter tier standard
HIGHER can withstand either planned or unplanned
TIER IV: Fault-Tolerant
Site Infrastructure activity without affecting availability

this is achieved by eliminating all single

TIER III: Concurrently points of failure
AVAILABILITY

Maintainable Site
Infrastructure
and requires fully redundant infrastructure,
including dual commercial power feeds,
TIER II: Redundant dual backup generators
Site Infrastructure
expected to provide 99.995% availability

TIER I: Basic Site

Infrastructure
LOWER
Heating, Ventilation, and Air Conditioning
An HVAC failure can reduce availability of computing
resources, just like a power failure.
Customer reviews of the CSP should include the adequacy
and redundancy of HVAC systems.
A number of documents can help assess HVAC concerns,
such as a SOC-2 Type ll report.
Because of the confidential info in a SOC 2 Type II, some CSPs
will require a nondisclosure agreement (NDA) prior to sharing.

A routine review of the most current SOC 2 report is a critical part

of a cloud customer’s due diligence in CSP evaluation.
 WHAT IS AN SOC 2 TYPE 2 REPORT?

(SSAE)
SSAE 18 is an audit standard to enhance the quality and usefulness of
System and Organization Control (SOC) reports.
designed for larger organizations, such as cloud providers
(the cost of a Type 2 report can run $30,000 or more).
SOC-2 Type 1
report that assesses the design of security processes at a specific
point in time.
SOC-2 Type 2
(often written as “Type II”) assesses how effective those controls are
over time by observing operations for six months.
 CSSP EXAM CRAM
THE COMPLETE COURSE

Retrieving a SOC-2 Type

ll report from a CSP

EXAMPLE FOR CONTEXT:

Process will vary by CSP
Multivendor Pathway Connectivity Protects availability

Connectivity to data center locations from more than one internet

service provider (ISP) is multi-vendor pathway connectivity

Using multiple vendors is a proactive way for CSPs to

mitigate the risk of losing network connectivity.
Best practice for CSPs or data centers is dual-entry, dual-
provider for high availability:
Two providers, entering the building from separate locations

Cloud customers should consider multiple paths for

communicating with their cloud vendor.
 are engineered to respond
positively to changes or disturbances, such as
natural disasters or man-made disturbances.

DOMAIN 3: Cloud Platform & Infrastructure Security

Design Resilient

A few examples of resilient design:

✓ HA firewalls, active-passive or active-active

✓ Multi-vendor pathway connectivity
✓ Web server farm (behind redundant load balancers)
✓ Database cluster (Windows / Linux cluster feature)

Service-level resiliency requires identifying single

points of failure throughout the service chain
3. Cloud Platform and Infrastructure Security
Analyze Risks Associated with Cloud
3.3 Infrastructure and Platforms

Risk assessment
(e.g., identification, analysis)

Cloud vulnerabilities, threats and attacks

Risk mitigation strategies

Risk assessment, Identification, and analysis

The risk management process is fundamental to information

security, since the entire practice involves mitigating and
managing risks to data and information systems.

Careful selection of CSPs and the development of SLAs and other

contractual agreements are critical to mitigating risk
Organizations can balance cost savings with risk by building a
system on top of IaaS or PaaS, rather than utilizing a SaaS solution.
IaaS means more control, more responsibilities, and risks

and confirming their CSP does the same!

Customers must be proactive in addressing their responsibilities
under the shared responsibility model.
Risk assessment - IDENTIFICATION
Identifying risks is the first step in managing them and begins
with identification of the organization's valuable assets

Security practitioners and risk managers can then begin to

identify potential causes of disruption to the assets.

RISK FRAMEWORKS
Several exist that provide processes and procedures for
designing and implementing a risk management framework.
- ISO/IEC 31000:2018, Risk Management Guidelines
- NIST SP 800-37, Guide for Applying the Risk Management
Framework to Federal Information Systems
 Assigns a to evaluate
effectiveness of countermeasures
Objective, ensure controls are cost effective

D O M A I N 3 : RISK ASSESSMENT
Risk assessment - IDENTIFICATION

Risks specific to cloud environments

should be identified when making the
decision to use a cloud service.
Risk assessment - ANALYSIS
Analyzing identified risks continues the
conversation started by “What could go wrong?”

Analysis seeks to answer two questions:

What will the impact be if that goes wrong?
Single loss expectancy (SLE) - $
How likely is it to happen?
Annualized Rate of Occurrence (ARO) - decimal
An impact that happens twice a year has an ARO of 2.0
An impact that happens once every two years has an ARO of 0.5
An impact that happens once every five years has an ARO of 0.2
Risk assessment - ANALYSIS
Analyzing identified risks continues the
conversation started by “What could go wrong?”

Analysis seeks to answer two questions:

What will the impact be if that goes wrong?
Single loss expectancy (SLE) - $
How likely is it to happen?
Annualized Rate of Occurrence (ARO) - decimal

With these two figures, we can determine our

annualized loss expectancy (ALE)
 D O M A I N 3 : CALCULATING RISK

The possible yearly cost of all instances of a

specific realized threat against a specific asset.
Risk assessment - ANALYSIS
Analyzing identified risks continues the
conversation started by “What could go wrong?”

Analysis seeks to answer two questions:

What will the impact be if that goes wrong?
Single loss expectancy (SLE) - $
How likely is it to happen?
Annualized Rate of Occurrence (ARO) - decimal

formula ALE = SLE x ARO

Risk assessment - ANALYSIS
SCENARIO: It is estimated a tornado may strike a branch office
once every 5 years, causing 30% loss to a $1,000,000 building.

Calculating the cost of a single occurrence (SLE)

What will the impact be if that goes wrong?
Single loss expectancy (SLE) - $
How significant will the loss be?
Exposure factor (EF) - %

formula SLE = Asset value (AV) x EF

Risk assessment - ANALYSIS
SCENARIO: It is estimated a tornado may strike a branch office
once every 5 years, causing 30% loss to a $1,000,000 building.

Calculating the cost of a single occurrence (SLE)

What will the impact be if that goes wrong?
Single loss expectancy (SLE) - $
How significant will the loss be?
Exposure factor (EF) - %

EXAMPLE $1,000,000 X 0.30 = $300,000

Building Expected loss Single loss
(our EF) expectancy (SLE)
Risk assessment - ANALYSIS
SCENARIO: It is estimated a tornado may strike a branch office
once every 5 years, causing 30% loss to a $1,000,000 building.

Calculating the cost of annualized cost (ALE)

What will the impact be if that goes wrong?
Single loss expectancy (SLE) - $300,000
How likely is it to happen?
Annualized rate of occurrence (ARO) - 0.2

$300,000 X 0.2 = $60,000

EXAMPLE Single loss Annualized rate Annualized loss
expectancy (SLE) of occurrence expectancy (ALE)
 D O M A I N 3 : ANALYZE CLOUD RISKS

Analysis of a CSP or cloud solution and the associated

risks involves many departments and focus areas:

-Business units
-Vendor management
-Privacy
-Information security

CSP operations should also be considered, but most

major CSPs are audited for ISO/IEC 27001, 27017,27018
 D O M A I N 3 : ANALYZE CLOUD RISKS

There are standards to guide CSPs in their preparation

or customer evaluation of cloud service providers.

ISO/IEC 27001
a framework for policies and procedures that include legal, physical, and technical
controls involved in an organization’s information risk management processes.

ISO/IEC 27017 Covered in depth in Domain 1 (section 1.5)

a security standard developed for cloud service providers and users to make a
safer cloud-based environment and reduce the risk of security problems.

ISO/IEC 27018 Will be covered in depth in Doman 6 (section 6.2)

the first international standard about the privacy in cloud computing services
 CSSP EXAM CRAM
THE COMPLETE COURSE

Validating CSP compliance with

ISO/IEC 27001, 27017, & 27018

EXAMPLE FOR CONTEXT:

Location will vary by CSP
 D O M A I N 3 : ANALYZE CLOUD RISKS

Risks with a cloud solution are mainly associated with

data privacy and information security:
Authentication Risk
Does the CSP provide a solution or is this a customer responsibility?
Customer-managed or CSP-managed?
Data Security
How a vendor encrypts data at rest, strength of the cryptography,
and access controls that prevent unauthorized access by cloud
service personnel or other tenants.
Some controls on by default, customer may have to
enable others
 D O M A I N 3 : ANALYZE CLOUD RISKS

Risks with a cloud solution are mainly associated with

data privacy and information security:
Supply Chain Risk Management (SCRM)
Evaluation of vendor security policies and processes.
Most CSPs do not allow direct auditing of their operations, due to
the number of customers they support.
Instead, they provide standardized reports and assurance
material regarding their security practices, such as
- SOC 2 report
- ISO 27001 certification
HIPPA, FedRAMP,
- Specialized reports for regulated data
ISO/IEC 27017, 27018
 D O M A I N 3 : ANALYZE CLOUD RISKS

One risk that has been discussed is the organization losing

ownership and full control over system hardware assets.
Careful selection of CSPs and the development of SLAs and other
contractual agreements are critical to limiting risk
Organizations can balance cost savings with risk by building a
system on top of IaaS or PaaS, rather than utilizing a SaaS solution.
REMEMBER: The service model affects the level of control!

Regardless of which deployment or service model is used, some

risks are common to all cloud computing environments.
 D O M A I N 3 : ANALYZE CLOUD RISKS

Geographic dispersion of the CSP data centers

If the cloud service is properly architected, a disruption at one data
center should not cause a complete outage.
Customers must verify the resilience and continuity
controls in place at the CSP
Downtime
Resilience for network disruptions can be built in multiple ways,
such as multivendor connectivity, zones and regions.
Discussed in ‘cloud shared considerations’ in Domain 1
 D O M A I N 3 : ANALYZE CLOUD RISKS

Compliance
Privacy data in some jurisdictions cannot be transferred to other
countries, so data dispersion is inappropriate.
Major CSPs have compliance-focused service offerings
General technology risk
Cloud systems are not immune to standard security issues like
cyberattacks.
CSP defenses should be documented and tested, and
customers aware of their configuration responsibilities
Risk types
Different threat actors, ranging from competitors and script kiddies to
criminal syndicates and state actors.
Capabilities depend on tools, experience, and funding.
Other external environmental threats, such as fire and floods, and man-
made threats, such as the accidental deletion of data or users.

A malicious insider, a threat actor who may be a dissatisfied employee

(someone overlooked for a promotion).
Another internal threat is human error, which is when data is
accidentally deleted.
Customer should know who is responsible for configuration

CSPs also face these risks. Customers should verify their

CSP has addressed them or provided tools to help customers
Cloud vulnerabilities, threats and attacks
The primary vulnerability in the cloud
is that it is an Internet-based model

Organizations could be at risk if the CSP’s public-facing

infrastructure comes under attack
Any attack on your CSP or cloud vendor may be
unrelated to you as an organization
Threat actors may be targeting the CSP or another
tenant of the CSP
Risks can come from the other tenants as well.
Customers may be “collateral damage” of an attack on the CSP!
Cloud vulnerabilities, threats and attacks

The Cloud Security Alliance details the top cloud-specific security

threats in their list titled “The CSA Egregious 11”

1. Data Breaches 6. Insider threat

2. Misconfiguration and 7. Insecure interfaces and APIs
inadequate change control 8. Weak control plane
3. Lack of cloud security 9. “Metastructure” and
architecture and strategy “applistructure” failures
4. Insufficient identity, credential 10. Limited cloud usage visibility
access and key management
11. Abuse and nefarious use of
5. Account hijacking cloud services
 CLOUD VULNERABILITIES, THREATS, AND ATTACKS

Data breaches Unintentional loss/oversharing is a “data leak”

Loss of sensitive data (PII, PHI, intellectual property) due to security breach.
Misconfiguration and inadequate change control
Software can offer the most secure configuration options, but if it is not properly
set up, then the resulting system will have security issues.
Remediate risk through change and configuration management
Lack of cloud security, architecture, and strategy
As organizations migrate to the cloud, some overlook security, or fail to consider
their obligations in the shared responsibility model.
Insufficient identity, credential access, and key management
The public cloud offers benefits over legacy on-premises environments but can
also bring additional complexities.
Well-architected identity and access management (IAM), encryption,
secret and key management are different than on-prem and essential
 CLOUD VULNERABILITIES, THREATS, AND ATTACKS

Account hijacking  Phishing is the most common approach

Credential theft, abuse, and/or elevation to carry out an attack.
Insider threat
Disgruntled employees, employee mistakes, and unintentional over-sharing.
Job rotation, privileged access management, auditing, security training
Insecure interfaces and APIs
Customers failing to secure access to systems gated by APIs, web consoles, etc.
Controls include MFA, RBAC, and key-based API access
Weak control plane
Weaknesses in the elements of a cloud system that enable cloud environment
configuration and management (web console, CLI, and APIs)
Most CSPs offer reference architectures to ensure customers
secure and isolate their dev/test/prod environments and data
 CSSP EXAM CRAM
THE COMPLETE COURSE

Insider threat protections

offered by CSPs

EXAMPLE FOR CONTEXT:

Capabilities will vary by CSP
 CLOUD VULNERABILITIES, THREATS, AND ATTACKS

Metastructure and applistructure failures

Vulnerabilities in the operational capabilities that CSPs make available, like APIs for
accessing various cloud services.
If the CSP has inadequately secured these interfaces, any resulting solutions built on
top of those services will inherit these weaknesses.
Metastructure. The protocols and mechanisms that provide the interface between
the cloud layers, enabling management and configuration.
Applistructure. Applications deployed in the cloud and the underlying application
services used to build them.
e.g. PaaS features like message queues, functions, and message services

Responsibility? Mitigation?
Mitigating risks in this area is the responsibility of the CSP. Customers should
verify the CSP has implemented their own SSDLC to ensure service security.
 CLOUD VULNERABILITIES, THREATS, AND ATTACKS

Limited cloud usage visibility

Refers to when organizations experience a significant reduction in visibility over
their information technology stack.
This is because in some models, the CSP own the stack!

Abuse and nefarious use of cloud services

While the low cost and high scale of compute in the cloud is an advantage to
enterprises, it is an opportunity for attackers to execute disruptive attacks at scale.
Makes executing DDoS and phishing attacks easier, so CSPs
must implement mitigating security controls for these risks
Risk mitigation strategies
There are several approaches to risk mitigation in cloud environments.

Selecting a qualified CSP is an essential first step.

The next step is designing and architecting with security in mind.
Security should be considered at every step starting with design!

The next risk mitigation tool is encryption, and data should be encrypted at
rest and in-transit.
Storage and database encryption at rest, TLS and VPN in-transit

Finally, ongoing monitoring and management to maintain posture.

Major CSPs provide the ability to manage and monitor configuration
security, and to monitor changes to cloud services, and track usage
 CSSP EXAM CRAM
THE COMPLETE COURSE

Ongoing monitoring to
maintain security posture

EXAMPLE FOR CONTEXT:

Capabilities will vary by CSP
3. Cloud Platform and Infrastructure Security
3.4 Design and Plan Security Controls

Physical and environmental protection

(e.g. on-premises)

System, storage and communication

protection

Identification, authentication and

authorization in cloud environments

Audit mechanisms
(e.g. log collection, correlation, packet capture)
Physical and environmental protection
The primary consideration is the site location, as it will have
an impact on both physical and environmental protections.
Cloud data centers share requirements with traditional
colocation providers or individual data centers, including:
– ability to restrict physical access at multiple points
– ensuring a clean and stable power supply
– adequate utilities like water and sewer
– the availability of an adequate workforce
These are customer responsibilities in on-premises
(private) cloud, and CSP responsibility in the public cloud
Physical and environmental protection
The primary consideration is the site location, as it will have
an impact on both physical and environmental protections.
Cloud data centers share requirements with traditional
colocation providers or individual data centers, including:
– ability to restrict physical access at multiple points
– ensuring a clean and stable power supply
– adequate utilities like water and sewer
– the availability of an adequate workforce
Expect less exam focus on physical considerations since
it’s a CSP area of responsibility for public cloud
site selection & facility design
Key elements in site selection and facility design.

For site selection

Visibility, composition of the surrounding area, area
accessibility, and the effects of natural disasters.
These are all problems for the CSP in public cloud

Customers should focus on selecting CSP datacenter

locations to meet disaster recovery and data residency
Remember CSPs auto-select region pairs for redundancy!
Site selection
REGION PAIRS
chosen by the CSP (Microsoft)

300+ miles
System, storage, and communication protection
System and Communication Protection Technology
Encrypt and protect data: Protect systems and services:
✓ at rest ✓ DoS/DDoS
✓ in transit ✓ Boundary (ingress and egress)
✓ in use ✓ Key Management
Security practices People and processes
✓ Automation of configuration
✓ Responsibilities for protecting cloud
systems and services Customer and CSP roles
vary based on the “Shared
✓ Monitoring and maintenance
Responsibility Model”
System, storage, and communication protection
Properly securing information systems can be a difficult task
due to the sheer number of elements that make up a system.
Breaking systems down into components and then applying
security controls can make the overall task more manageable.
One source for controls is NIST Special Publication 800-53, “Security and
Privacy Controls for Information Systems and Organizations”, which
contains a family of controls specific to systems and communications

The NIST control family includes 50+ controls, many

relevant to system, storage, and communication protection
System, storage, and communication protection
Properly securing information systems can be a difficult task
due to the sheer number of elements that make up a system.

- Policy and Procedures

- Separation of System and User Functionality
- Security Function Isolation
- Denial-of-Service Protection
- Boundary Protection
- Cryptographic Key Establishment and Management
System, storage, and communication protection
Policy and Procedures
Establish requirements for system protection, and define the
purpose, scope, roles, and responsibilities needed to achieve it.
Separation of System and User Functionality
A basic security principle that ensures that no single person
can control all the elements of a critical function or system.
Separating user and admin functions can also prevent users
from altering processes or misconfiguring systems.
Security Function Isolation
Separating security-specific functions from other roles is
another example of separation of duties.
e.g. configuring data security controls like
encryption and logging configuration
System, storage, and communication protection
Denial-of-Service Protection
A disruptive attack at scale that is more difficult for smaller
organizations to combat effectively.
Most CSPs offer DoS/DDoS mitigation as a service, and there are
also dedicated providers like Akamai and Cloudflare.
e.g. Azure DDoS, AWS Shield, Google Cloud Armor
Boundary Protection
Deals with both ingress and egress protections, including:
✓ Preventing malicious traffic from entering the network
✓ Preventing malicious traffic from leaving your network
✓ Protecting against data loss (exfiltration)
✓ Configuring rules/policies in routers, gateways, or firewalls
System, storage, and communication protection
Cryptographic Key Establishment and Management
Cryptography provides a number of security functions including
confidentiality, integrity, and nonrepudiation.
like TLS or a VPN can be used to provide
confidentiality.
can be implemented to detect unintentional data
modifications. integrity
Additional security measures like or hash-
based message authentication code (HMAC) can be used to
detect intentional tampering.
HMAC can simultaneously verify both data integrity
and message authenticity
Identification, Authentication, and authorization

Identity

Authentication (AuthN) is the process of

proving that you are who you say you are.
Authorization (AuthZ) is the act of granting an
AuthN and
authenticated party permission to do something.
AuthZ
Access
Identification, Authentication, and authorization

Permissions, rights, and privileges are

granted to users based on their proven identity.
If user has assigned rights to a resource, they
AuthN and
are granted authorization.
AuthZ
Users should be granted minimum necessary permissions.
This is the principle of least privilege.
ACCOUNTABILITY
Users who perform activities on a system are held
accountable for following policies and procedures
is typically enforced with adequate logging
and monitoring of system activity
Cloud challenges in enforcing accountability
– SaaS apps used as users travel make identifying
anomalous / malicious behavior more difficult
– Bad password practices (reuse across services)
– Use of personal devices in BYOD scenarios
Modern IDaaS tools provide solutions for these challenges
Multifactor authentication (mfa)

MFA works by requiring two or more of

the following authentication methods:

MFA
MFA factors and attributes

Something you know (pin or password)

Something you have (trusted device)
Something you are (biometric)
MFA
Time-based one-time
Software OATH passwords (TOTP)

Authenticator app Voice call SMS (text msg) OATH HW token

MFA factors and attributes
includes two or more authentication factors
more secure than using a single authentication
factor
passwords are the weakest form of authentication
password policies help increase their security by
enforcing complexity and history requirements
Smartcards include microprocessors and
cryptographic certificates
Oath tokens create one-time passwords (OTP)
Biometric methods identify users based on
individual characteristics such as fingerprints and
facial recognition
conditional authentication policies

image credit: Microsoft

signal > decision > enforcement
Authentication methods
Authentication applications “Authenticator apps”
is a software-based authenticator that implements two-step verification services using
the Time-based One-time Password Algorithm and HMAC-based One-time Password
algorithm, for authenticating users of software applications.

Examples include Microsoft Authenticator and Google Authenticator.

Authenticator apps from companies like Microsoft and Google generate one-time
passcodes using open standards developed by the Initiative for Open Authentication (OATH).
You’ll hear HMAC and TOTP tokens called OATH tokens with some of these providers.

Push notifications
where the server is pushing down the authentication information to your mobile device.
uses the mobile device app to be able to receive the pushed message and display the
authentication information.
 CSSP EXAM CRAM
THE COMPLETE COURSE

Conditional authentication
policies in Identity-aaS

EXAMPLE FOR CONTEXT:

Capabilities will vary by CSP
describe the concept of Federated services
is a collection of domains that have
established trust.
The level of trust may vary, but typically includes authentication and almost
always includes authorization.
Often includes a number of organizations that have established trust for
shared access to a set of resources.

You can federate your on-premises environment with Azure Active Directory
(Azure AD) and use this federation for authentication and authorization.
This sign-in method ensures that all user authentication occurs on-
premises.
Allows administrators to implement more rigorous levels of access control.
Certificate authentication, key fob, card token
identity federation (example) may be cloud or on-premises

Facebook Azure AD
idP-A trusts idP-B

idP-B idP-A

User authenticates Website (app or services)

with idP-B authenticates with idP-A

shared access

user website

trust is not always bi-directional

Audit mechanisms

Cloud services will offer different controls over

what information is logged…

but at a minimum level of security-relevant events,

Collection such as use of or changes to privileged accounts

A log aggregator can ingest logs from all

on-premises and cloud resources for review.

Both were discussed in Domain 2

NIST SP 800-53 and the OWASP logging cheat sheet offer

guidance on specific information to capture in audit records.
 AUDIT MECHANISMS

Refers to the ability to discover relationships

between two or more events across logs.
This capability is commonly associated with a SIEM,
which correlates events in logs from many sources
Packet capture and replay
Packet capture tools are also called protocol analyzers

The cloud environment may not provide any facility for

capturing packets, particularly in SaaS scenarios
Wireshark: a free, open-source protocol analyzer, with CLI
and GUI versions, available for Windows and Linux.
Some CSPs support Wireshark, others have specialized
services to perform packet capture on virtual networks.
e.g. Network Watcher (Azure), AWS supports Wireshark
Some CSP protocol analyzers can save the data that they
collect to a Wireshark-compatible packet capture file (PCAP).
3. Cloud Platform and Infrastructure Security
Plan Disaster Recovery (DR) and
3.5 Business Continuity (BC)

Business continuity (BC) / disaster recovery

(DR) strategy

Business requirements
(e.g. Recovery Time Objective (RTO), Recovery Point Objective
(RPO), recovery service level)

Creation, implementation and testing of plan

BCP vs DRP
Business Continuity Planning (BCP) vs Disaster Recovery
Planning (DRP) – What is the difference?

BCP focuses on the whole business

DRP focuses more on the technical aspects
of recovery
BCP will cover communications and
process more broadly

BCP is an umbrella policy and DRP is part of it

goals of drP and bcp
What are the core goals of disaster recovery
and business continuity planning?

Minimizing the effects of a disaster by:

Improving responsiveness by the employees in
different situations.
Easing confusion by providing written procedures
and participation in drills
Helping make logical decisions during a crisis
BCP Definitions
Some BCP-related definitions worth knowing

BRP (Business Resumption Plan)

the plan to move from the disaster recovery site back to
your business environment or back to normal operations.
MTBF (Mean Time Between Failures)
a time determination for how long a piece of IT
infrastructure will continue to work before it fails.
MTTR (Mean Time to Repair)
a time determination for how long it will take to get a piece
of hardware/software repaired and back on-line.
BCP Definitions
Some BCP-related definitions worth knowing

MTD (Max tolerable downtime)

The amount of time we can be without the asset that is
unavailable BEFORE we must declare a disaster and initiate
our disaster recovery plan.
BCDR strategy
Important BCP-related definitions for the exam

BCP (Business Continuity Plan) Business-focused

The overall organizational plan for “how-to” continue
business after an event has occurred.
A proactive risk mitigation strategy that contains likely
scenarios that could affect the organization and
guidance on how the organization should respond
Sometimes called a continuity of operations plan (COOP)
DRP (Disaster Recovery Plan) Tech-focused
the plan for recovering from an IT disaster and having
the IT infrastructure back in operation.
Business impact analysis
The business impact assessment (BIA) is used to
determine which processes are critical and which are not.

Measures the impact of specific systems and processes.

Any that are deemed critical to the organization’s
functioning must be prioritized in an emergency situation.
A BIA typically contains a cost-benefit analysis (CBA) and
a calculation of the return on investment (ROI).
BCp/DRp from a CSP perspective
A cloud data center that is affected by a natural
disaster will likely activate multiple BCPs and DRPs.

CSP will activate both plans to deal with the interruption to

their service.
One key element of the BCP is communicating incident
status to relevant parties.
BCp/DRp from a CUSTOMER perspective
The customer is responsible for determining how
to recover in the case of a disaster in the cloud.

Customer may choose to implement backups, or utilize

multiple availability zones, load balancers, or other techniques.
CSPs can further protect customers by not allowing two
availability zones within a single physical datacenter within a
cloud region.

Let’s revisit the concept of availability zones

in a cloud datacenter (covered in Domain 1)
Describe core architecture components
Availability Zones Zone redundant

Unique physical locations within

a region with independent
power, network, and cooling

Comprised of one or more

datacenters

Tolerant to datacenter failures

via redundancy and isolation
FOCUS: datacenter
failures within a region
BCp/DRp from a CUSTOMER perspective
The customer is responsible for determining how
to recover in the case of a disaster in the cloud.

Customer may choose to implement backups, or utilize

multiple availability zones, load balancers, or other techniques.
CSPs can further protect customers by not allowing two
availability zones within a single physical datacenter within a
cloud region.

Major CSPs have multiple datacenters within a

region so it can be safely assumed this is true.
 COMMUNICATION PLAN

The plan that details how relevant stakeholders will be informed in

event of an incident. (like a security breach)
Would include plan to maintain confidentiality, such as encryption
to ensure that the event does not become public knowledge.
Contact list should be maintained that includes stakeholders from
the government, police, customers, suppliers, and internal staff.

Compliance regulations, like GDPR, include notification

requirements, relevant parties and timelines

Confidentiality amongst internal stakeholders is desirable so

external stakeholders can be informed in accordance with the plan.
 STAKEHOLDER MANAGEMENT

When we have an incident, there are multiple groups of relevant

stakeholders that we need to inform and manage, and may include:
-Internal stakeholders
-Cyber insurance provider
-Business partners
-Customers
-Law enforcement

A stakeholder is a party with an interest in an enterprise;

corporate stakeholders include investors, employees, customers,
and suppliers.

Regulated industries, such as banking and healthcare will have

requirements driven by the regulations governing their industries.
Business requirements

is the age of data that must be recovered

from backup storage for normal operations
to resume if a system or network goes down

is the duration of time and a service level

within which a business process must be
restored after a disaster in order to avoid
unacceptable consequences associated
with a break in continuity.

SLAs between a company and customers will influence RPO and RTO
Business requirements
measures the compute resources needed
to keep production environments running
during a disaster.
is a percentage measure (0-100%) of how
much computing power you will need
during a disaster
based upon a percentage of computing
used by production environments versus
others, such as development, test, and QA
Answers ‘what needs to be migrated to keep production running?’

EXAMPLE: a 10-web server environment that uses 8 for dev, test,

and QA, only 2 would need to be migrated for production.
 CSSP EXAM CRAM
THE COMPLETE COURSE

Data backup and retention

features in PaaS services

EXAMPLE FOR CONTEXT:

Capabilities will vary by CSP
BCDR Plan Creation, implementation and testing
Design

Report and Implement

Revise the Plan

Test the
Plan
BCDR Plan Creation, implementation and testing
Design

Based on priorities
Report and Implement
from the business
Revise the Plan
impact analysis (BIA)

Test the FEMA and Infragard can advise

Plan on likely disasters for a region
BCDR Plan Creation, implementation and testing
Design

Implement the plan

Report and Implement
to protect critical
Revise the Plan
business functions

Identifying key personnel is a

Test the crucial implementation step
Plan
BCDR Plan Creation, implementation and testing
Design

Report and Implement Testing ensures both

Revise the Plan the BCP/DRP function
as expected

Test the
Plan
BCDR Plan Creation, implementation and testing
Design
Testing ensures both
the BCP/DRP function
as expected
Report and Implement
Revise the Plan
AND that people
know their roles and
responsibilities

Test the Testing both BCP and

Plan DRP plans is essential
BCDR Plan Creation, implementation and testing
Design

BCP/DRP should be
Report and Implement
revised as necessary
Revise the Plan
based on test results

BCP/DRP plans evolve and

Test the need refinement over time
Plan
DRP test scenarios
A BCP and DRP should be tested at least annually.
Common disaster scenarios include the following:
✓ Data breach ✓ Natural disasters
(e.g., fire, flooding, tornado,
✓ Data loss
hurricane, or earthquake)
✓ Power outage or loss of
other utilities ✓ Civil unrest or terrorism

✓ Network failure ✓ Pandemics

The plan should test the most likely scenarios

first and can be tested in a number of ways.
DISASTER RECOVERY TESTS

Members of the disaster recovery team gather in a large

conference room and role-play a disaster scenario.
Usually, the exact scenario is known only to the test moderator,
who presents the details to the team at the meeting.
The team members refer to the document and discuss the
appropriate responses to that particular type of disaster.
Role play only, minimal impact on productivity
DISASTER RECOVERY TESTS

In this test, some of the response measures are tested (on non-
critical functions).

Involves actually shutting down operations at the primary site

and shifting them to the recovery site.
When the entire organization takes part in an unscheduled,
unannounced practice scenario, of full BC/DR activities.
 The cost of building resiliency should be
implementation less than the cost of business interruption.

Implementing BCP or DRP processes may necessitate

utilizing cloud computing for critical services.

Customers can take advantage of the cloud’s high

availability features like:
✓ multiple availability zones
✓ automatic failover to backup region(s)
✓ direct connection to a CSP.
These choices come with costs that must be considered.

The cost of high availability in the cloud is generally less than

a company trying to achieve high availability on their own
INSIDE CLOUD

THANKS
F O R W A T C H I N G!