This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Topic 3.2 of Cloud Security Controls and Frameworks
NIST SP 800-145, NIST CSF 2.0, ENISA risk taxonomy, framework comparison, and the Capital One 2019 case study.
By the end of this topic, you will
Quadrant 1 · e-Tutorial
Quadrant 2 · e-Content
Quadrant 3 · Web Resources
Downloadable reference material
External links
NIST Cybersecurity Framework 2.0
The official NIST CSF 2.0 framework including the new Govern function and implementation tiers.
NIST Cybersecurity Framework 2.0
The official NIST CSF 2.0 framework including the new Govern function and implementation tiers.
ENISA Cloud Security for Healthcare
ENISA sector-specific cloud guidance demonstrating the risk taxonomy in regulated environments.
ENISA Cloud Security for Healthcare
ENISA sector-specific cloud guidance demonstrating the risk taxonomy in regulated environments.
Capital One Breach — SEC Filing and Technical Analysis
Capital One SEC filing disclosing the breach, affected data categories, and remediation actions.
Capital One Breach — SEC Filing and Technical Analysis
Capital One SEC filing disclosing the breach, affected data categories, and remediation actions.
AWS Security Assurance Programs and Compliance Reports
AWS compliance programme page listing SOC 2, ISO 27001, FedRAMP, PCI-DSS, and sector-specific certifications.
AWS Security Assurance Programs and Compliance Reports
AWS compliance programme page listing SOC 2, ISO 27001, FedRAMP, PCI-DSS, and sector-specific certifications.
Quadrant 4 · Self-Assessment
Controls, Standards and Testing
CSA CCM v4, NIST CSF 2.0, ENISA, CSPM, CWPP, CASB, CIEM, CSMV, and cloud penetration testing tools.
Cloud Security: Complete Assessment
Comprehensive 120-question assessment covering all six chapters of the Cloud Security eBook 2026.