Domain 1: Design concepts and requirements

The exam’s 19% weight age is for the domain “Architectural concepts, design requirements” from the CCSP certification curriculum. This domain of the CCSP tests a candidate’s design skills and security skills in the context of the cloud environment. It focuses on the following objectives.
Understanding cloud computing concepts
Cloud reference architecture described
Understanding security concepts in the context of cloud computing
Understanding the design principles of secure cloud computing
How to identify trusted cloud services
Let’s take a closer look at the objectives of the “Architectural Concepts and Design Requirements” domain of the highly coveted CCSP certification.

Understanding cloud computing concepts
This domain tests the candidate’s understanding of cloud computing concepts. The CCSP exam requires that the candidate has a thorough understanding of cloud computing concepts.
Definitions of cloud computing (ISO/IEC 17788): This document provides an overview of cloud computing and a list of terms and definitions. This document is for all types of organizations, including commercial, government, and non-profit that are looking to move their services to cloud computing.
Cloud computing roles: Cloud computing roles can be classified as:Cloud service customer:An organization/individual who uses the cloud services
Cloud Service Provider: A company providing cloud services to cloud customers
Cloud Service Partner: A company that supports cloud service providers and works with cloud service customers

This domain assesses the knowledge of the candidate for the cloud computing roles mentioned above.
Cloud computing fundamentals like: On-demand self-service
Provisioning can be done for computing capabilities such as server time or network storage.
Broad network access
Rapid elasticity and scalability
Resource pooling
These terms should be noted as measured service. They are more broadly defined in the NIST 800-145 document.

How to create block technologies such as virtualization and storage, networking, and databases
Cloud reference architecture described
The second sub-objective validates candidates’ knowledge in:
Cloud computing activities (ISO/IEC 17798, Clause 9) The ISO/IEC 1789 document describes cloud computing architecture definitions, reference concepts, user view, functional views, relationship between the user view and functional view, among other concepts.
Cloud service capabilities include types of application capability, platform ability, and infrastructure capability
There are several cloud service categories, including Software as a Service (SaaS), which is at the top of the cloud stack
Platform as a Service (PaaS), which lies in the middle cloud stack
Network as a Service (NaaS).
Cloud compliance as a service (CompaaS).
Data science as a Service (DSaaS).
Infrastructure as a Service (IaaS), which is at the bottom end of the cloud stack

Cloud deployment models include public, private, hybrid, and community cloud deployments
Cloud interoperability and portability are interrelated. They can be used together to address security, privacy and resilience, interoperability and portability. Portability is the ability to move a business’s new ventures to the cloud. Interoperability refers to the ability of a venture to work with other components on the business’s premises.
Understanding of security concepts in the context of cloud computing. The next sub-objective tests candidates’ core security competencies in cloud computing. These competencies revolve around basic understanding of security concepts.
Cryptography:(e.g. encryption, in motion and at rest, key management) Data stored in the cloud is a security risk. The key to data security is cryptography. Certified security professionals should have a deep understanding of encryption in order to apply it to data in motion.