Federal Cloud Computing, Second Edition: The Definitive Guide for Cloud Service Providers

Matthew Metheny

  • 出版商: Syngress Media
  • 出版日期: 2017-01-19
  • 售價: $2,670
  • 貴賓價: 9.5$2,537
  • 語言: 英文
  • 頁數: 536
  • 裝訂: Paperback
  • ISBN: 0128097108
  • ISBN-13: 9780128097106
  • 相關分類: 雲端運算
  • 海外代購書籍(需單獨結帳)

相關主題

商品描述

Federal Cloud Computing: The Definitive Guide for Cloud Service Providers, Second Edition offers an in-depth look at topics surrounding federal cloud computing within the federal government, including the Federal Cloud Computing Strategy, Cloud Computing Standards, Security and Privacy, and Security Automation.

You will learn the basics of the NIST risk management framework (RMF) with a specific focus on cloud computing environments, all aspects of the Federal Risk and Authorization Management Program (FedRAMP) process, and steps for cost-effectively implementing the Assessment and Authorization (A&A) process, as well as strategies for implementing Continuous Monitoring, enabling the Cloud Service Provider to address the FedRAMP requirement on an ongoing basis.

This updated edition will cover the latest changes to FedRAMP program, including clarifying guidance on the paths for Cloud Service Providers to achieve FedRAMP compliance, an expanded discussion of the new FedRAMP Security Control, which is based on the NIST SP 800-53 Revision 4, and maintaining FedRAMP compliance through Continuous Monitoring. Further, a new chapter has been added on the FedRAMP requirements for Vulnerability Scanning and Penetration Testing.

  • Provides a common understanding of the federal requirements as they apply to cloud computing
  • Offers a targeted and cost-effective approach for applying the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF)
  • Features both technical and non-technical perspectives of the Federal Assessment and Authorization (A&A) process that speaks across the organization

商品描述(中文翻譯)

《聯邦雲端運算:雲端服務提供商的權威指南,第二版》提供了對聯邦政府內部的聯邦雲端運算相關主題的深入探討,包括聯邦雲端運算策略、雲端運算標準、安全與隱私以及安全自動化等。本書將介紹NIST風險管理框架(RMF)的基礎知識,並特別關注雲端運算環境,涵蓋聯邦風險和授權管理計劃(FedRAMP)流程的各個方面,以及實施評估和授權(A&A)流程的成本效益高的步驟,以及實施持續監控的策略,使雲端服務提供商能夠持續滿足FedRAMP的要求。本書的更新版將涵蓋FedRAMP計劃的最新變化,包括對雲端服務提供商實現FedRAMP合規性的路徑的明確指導,對基於NIST SP 800-53修訂4的新FedRAMP安全控制的擴展討論,以及通過持續監控維持FedRAMP合規性。此外,還新增了一章關於漏洞掃描和滲透測試的FedRAMP要求。本書具有以下特點:


  • 提供對聯邦要求在雲端運算中的共同理解

  • 提供一種針對國家標準與技術研究院(NIST)風險管理框架(RMF)的有針對性且具有成本效益的方法

  • 從技術和非技術的角度介紹了聯邦評估和授權(A&A)流程,適用於組織內的各個層面