CCSP Domain 5: Operations shape secure cloud infrastructure

Last updated:September 2018

Editor's note

American television audiences in the 1980s delighted in watching Fred the Baker, the fictional face of Dunkin’ Donuts’ 15-year advertising campaign, repeatedly declare it was “time to make the doughnuts” as the character dutifully trudged off to work before dawn -- ensuring a fresh batch of doughnuts would be ready when customers arrived. The catchphrase took on a life of its own, coming to symbolize the dedication to doing a job, doing it right and doing it consistently, day in and day out, despite the challenges.

So, what do doughnuts have to do with building and maintaining secure cloud infrastructure? More than you might think. The cloud presents new operational challenges, requiring cloud security professionals to become intimately familiar with and invested in the day-to-day development, planning, implementation, operations, management and security of physical and logical cloud infrastructure. That’s because secure cloud infrastructure doesn’t happen by accident. From access control to patch management to risk assessment and everything in between, protecting cloud resources requires diligent adherence to best practices in all aspects of IT operations and service management. In other words, somebody’s got to make the doughnuts in a cloud data center -- and if not cloud security professionals, then who?

Domain 5 of the CCSP exam, “Operations,” comprehensively covers cloud operations in the context of security. This section of the test examines your understanding of what it takes to design, implement, control, monitor, manage and audit secure cloud infrastructure, including physical and logical resources. Additionally, candidates must demonstrate an understanding of risk cloud assessment, compliance and regulations.

This Security School, based on (ISC)² CCSP training material, covers the fundamentals of Domain 5 of the CCSP exam. Once you've reviewed the parts of this Security School on the operational requirements of maintaining secure cloud infrastructure, take the quiz to see how prepared you are for this portion of the exam.

CCSP® is a registered mark of (ISC)².

1Operational needs of secure cloud infrastructure

Operations comprises a wide range of functions -- including design, development, implementation, management, monitoring and auditing of infrastructure and services -- and each contributes to a secure cloud infrastructure.