Module 30: Secure Data Center Design
The CCSP exam expects you to evaluate data center design from the cloud customer’s perspective — you are assessing what your provider has built, not building it yourself.
The Cloud Customer’s Data Center Dilemma
In traditional IT, you design your own data center. In cloud, you depend on someone else’s. The exam tests whether you know how to evaluate a CSP’s data center without having physical access to it.
Your primary tools:
- Third-party audit reports (SOC 2, ISO 27001)
- Uptime Institute tier certifications
- Contractual SLAs and guarantees
- CSP transparency reports and compliance documentation
On the exam, if you cannot physically inspect a CSP’s data center, the correct answer is almost always “rely on third-party audit reports and certifications” — not “conduct your own on-site assessment.”
Uptime Institute Tier Classifications
The exam expects you to know the four tiers and what they mean for availability:
- Tier I — Basic capacity. Single path for power and cooling. 99.671% uptime (~28.8 hours downtime/year)
- Tier II — Redundant capacity components. Still single distribution path. 99.741% uptime
- Tier III — Concurrently maintainable. Dual power and cooling paths. 99.982% uptime (~1.6 hours/year)
- Tier IV — Fault tolerant. Dual paths, can sustain any single failure. 99.995% uptime (~26 minutes/year)
Exam trap: Higher tiers do not mean “more secure” in the cybersecurity sense. Tiers measure availability and redundancy. A Tier IV data center with poor access controls is still insecure. Do not confuse uptime tiers with security maturity.
Redundancy and Resilience Patterns
Cloud data centers are designed around the assumption that components will fail. The exam tests these resilience concepts:
- N+1 redundancy — one extra component beyond what is needed (minimum for cloud)
- 2N redundancy — complete duplication of all components (Tier IV requirement)
- Geographic distribution — multiple data centers in different regions for disaster recovery
- Availability zones — physically separate facilities within a region, connected by low-latency links
The critical exam concept: availability zones are designed so that a failure in one zone does not affect another. If a question asks about protecting against a data center failure, the answer involves multi-AZ deployment — not just backup within the same facility.
Logical Design vs. Physical Design
In cloud, logical design often matters more than physical:
- Physical design — the CSP’s responsibility (power, cooling, fire suppression, physical access)
- Logical design — the customer’s responsibility (network architecture, segmentation, multi-AZ deployment)
The exam tests whether you understand that even if the CSP runs a Tier IV data center, your application is not fault-tolerant unless you design it for multi-AZ resilience. The CSP’s infrastructure redundancy only helps if your deployment architecture is built to take advantage of it.
Environmental Controls
Although the customer does not manage these directly, the exam expects you to understand what to look for in a CSP assessment:
- HVAC systems — temperature and humidity control to prevent equipment failure
- Hot aisle/cold aisle containment — efficient cooling design that extends equipment life
- Fire suppression — clean agent systems (FM-200, Novec 1230) that do not damage equipment
- Water detection — sensors under raised floors and near cooling units
- Power — UPS systems, diesel generators, automatic transfer switches
Exam thinking: If a scenario asks what environmental control is MOST critical for data center continuity, the answer is typically power (UPS + generator) because without power, nothing else functions.
Multi-Region and Data Sovereignty
Designing across multiple regions adds complexity:
- Data may be subject to local laws in each region where it resides
- Latency increases with geographic distance
- Replication across regions must account for data sovereignty requirements
- Some regulations prohibit data from leaving specific jurisdictions
The exam expects you to balance availability (more regions = more resilience) against compliance (more regions = more legal exposure). The correct answer usually prioritizes compliance constraints first, then optimizes availability within those constraints.
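The two customer-side design rules above (multi-AZ deployment is what makes your application resilient, and compliance constraints are filtered before availability is optimized) can be worked through numerically. The following is an added example, not part of the CCSP module; the region names, jurisdictions and per-region availability figures are constructed placeholders, and it assumes zones and regions fail independently of one another.

```python
"""Compliance-first region selection with a composite availability estimate.

Added example for study purposes. REGIONS is a constructed catalogue, not any
real CSP's data; the independence assumption between regions is a simplification.
"""

HOURS_PER_YEAR = 365 * 24

# Constructed catalogue: region -> (jurisdiction, assumed annual availability)
REGIONS = {
    "eu-west-1":    ("EU", 0.9995),
    "eu-central-1": ("EU", 0.9995),
    "us-east-1":    ("US", 0.9995),
    "ap-south-1":   ("IN", 0.9990),
}

def annual_downtime_hours(availability: float) -> float:
    """Turn an availability fraction (e.g. 0.99671 for Tier I) into hours of downtime per year."""
    return (1.0 - availability) * HOURS_PER_YEAR

def parallel_availability(avails):
    """Independent replicas in parallel: the service is down only if ALL replicas are down."""
    p_all_down = 1.0
    for a in avails:
        p_all_down *= (1.0 - a)
    return 1.0 - p_all_down

def serial_availability(avails):
    """Components that must ALL be up, e.g. a multi-AZ app tier that still depends on a single-AZ database."""
    result = 1.0
    for a in avails:
        result *= a
    return result

def select_regions(allowed_jurisdictions, catalogue, max_regions):
    """Compliance first: reject every region outside the allowed jurisdictions.
    Then optimize availability: keep the most available compliant regions, up to max_regions."""
    compliant = [(name, av) for name, (jur, av) in catalogue.items() if jur in allowed_jurisdictions]
    rejected = [name for name, (jur, _) in catalogue.items() if jur not in allowed_jurisdictions]
    compliant.sort(key=lambda item: item[1], reverse=True)   # stable sort keeps catalogue order on ties
    chosen = compliant[:max_regions]
    return {
        "chosen": [name for name, _ in chosen],
        "rejected": rejected,
        "availability": parallel_availability([av for _, av in chosen]) if chosen else 0.0,
    }

if __name__ == "__main__":
    print("Tier I downtime/year (h):", round(annual_downtime_hours(0.99671), 1))
    print("EU-only plan:", select_regions({"EU"}, REGIONS, 2))
    two_az_app = parallel_availability([0.9995, 0.9995])
    print("Two-AZ app behind a single-AZ DB:", serial_availability([two_az_app, 0.9995]))
```

The last line of the demo shows the caveat behind the "multi-AZ" exam answer: one single-zone dependency in the chain drags the whole application back below the availability of a single zone.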