دانلود کتاب Cloud Auditing Best Practices: Perform Security and IT Audits across AWS, Azure, and GCP by building effective cloud auditing plans

فهرست مطالب :

Cover Title Page Copyright and Credits Contributors About the reviewers Table of Contents Preface Part 1:The Basics of Cloud Architecture and Navigating – Understanding Enterprise Cloud Auditing Essentials Chapter 1: Cloud Architecture and Navigation Understanding cloud auditing Shared responsibility of IT cloud controls Role of an IT auditor Cloud architecture and service models Cloud architecture Cloud services Navigating cloud provider environments Navigating Amazon AWS EC2 Navigating the Microsoft Azure portal Navigating GCP Summary Chapter 2: Effective Techniques for Preparing to Audit Cloud Environments Preparing to perform a cloud assessment Effective techniques for aligning IT controls to cloud environments Auditing frameworks and governance Basic cloud auditing tools and frameworks Native tools for auditing Amazon AWS Native tools for auditing Microsoft’s Azure portal Native tools for auditing Google Cloud Platform Open-source tools Native tools versus open-source tools Leveraging policy and compliance automation Summary Part 2:Cloud Security and IT Controls Chapter 3: Identity and Access Management Controls User authentication and authorization Example IAM controls Amazon AWS IAM Microsoft Azure GCP Permissions, roles, and groups Key privileged access, roles, and policies Device management Reviewing activity logs AWS Azure GCP Summary Chapter 4: Network, Infrastructure, and Security Controls Security control centers Amazon Virtual Private Cloud Azure Virtual Network Google Cloud Platform Virtual Private Cloud Network controls Amazon Virtual Private Cloud Azure Virtual Network Google Cloud Platform Virtual Private Cloud Security policies Amazon Virtual Private Cloud Azure Virtual Network Google Cloud Platform Virtual Private Cloud Data security Summary Chapter 5: Financial Resource and Change Management Controls Example resource management controls Center for Internet Security (CIS) benchmark controls CSA Cloud Controls Matrix Policies for resource management Performing changes Change management integration and workflows Change history Financial billing and cost controls Financial resource ownership Summary Part 3:Executing an Effective Enterprise Cloud Audit Plan Chapter 6: Tips and Techniques for Advanced Auditing Common pitfalls Inability to forecast resource usage and costs The impact of shadow IT Avoiding automation Misconfiguration The inadvertent exposure of credentials Overly permissive access Tips, tricks, and techniques AWS Azure GCP Preparing for more advanced auditing Other clouds Oracle Cloud Infrastructure IBM Cloud Alibaba Cloud Summary Chapter 7: Tools for Monitoring and Assessing Basic cloud auditing tools within AWS Amazon CloudWatch Amazon Inspector Azure Azure Monitor Azure Network Watcher GCP Google Cloud Monitoring Network Intelligence Center Summary Chapter 8: Walk-Through – Assessing IAM Controls Preparing to assess cloud IAM controls Assessing authentication and authorization AWS IAM Microsoft Azure Assessing access assignment controls Microsoft Azure GCP Assessing privileged access controls AWS IAM Microsoft Azure Assessing device controls AWS IAM Microsoft Azure Summary Chapter 9: Walk-Through – Assessing Policy Settings and Resource Controls Preparing to assess network, infrastructure, and resource controls Assessing network and firewall settings Microsoft Azure Assessing resource management policies Microsoft Azure GCP Assessing data security policies AWS Microsoft Azure Summary Chapter 10: Walk-Through – Assessing Change Management, Logging, and Monitoring Policies Preparing to assess change management controls Assessing audit and logging configurations AWS Microsoft Azure GCP Assessing change management and configuration policies Azure Automation Terraform Policy Sentry Assessing monitoring and alerting policies AWS Azure GCP Summary Index Other Books You May Enjoy