Certified - CCSP

Domain 3 of the CCSP exam takes us into the technical backbone of the cloud: platforms and infrastructure. In this episode, we establish the scope of the domain, including compute, storage, networking, virtualization, and the critical controls that protect them. Unlike higher-level governance or data-centric domains, Domain 3 is hands-on and deeply rooted in technical decision-making. It requires candidates to know not only what the cloud is built on but also how each layer introduces specific security concerns that must be addressed.

We discuss why infrastructure security in cloud is distinct from traditional IT, especially with shared responsibility models and abstraction layers that blur ownership of controls. Exam scenarios in this domain often require careful reading of context to determine whether the provider or the customer is accountable. This overview sets the stage for a deep dive into workloads, containers, serverless computing, and the orchestration tools that power modern cloud platforms. Produced by BareMetalCyber.com.