1. Introduction to Cloud Computing(Domain 1 : Cloud Architecture; NIST definitions : Essential characteristics; Service models; Deployment models)
2. Infrastructure for Cloud Computing(Infrastructure and Virtual networking security; Management plane security; Domain 13 : Virtualization and infrastructure security; Domain 7 : Traditional Security, Business Continuity and Disaster Recovery; Domain 8 : Data centre operations)
3. Risk and process (A structured look at risk and security processes; Data security for the Cloud; Domain 5 : Information lifecycle; Domain 6 : Portability and interoperability; Domain 9 : Incident response; ENISA document and threat model)
4. Application software(Application software, ID management and encryption; Securing Cloud users and Applications; Domain 11 : Encryption and Key Management; Domain 10 : Application Security; Domain 12 : Identity and Access Management; Domain 14 : Security as a Service)
5. Governance(Managing Cloud Security and Risk Governance, Compliance; Selecting Cloud Services; Domain 2 : Governance and Enterprise Risk; Domain 3 : Legal and Electronic Discovery; Domain 4 : Compliance and Audit ENISA Doc; Review, Evaluation and Exam Preparation)
Online class delivery
Format (An online course which runs in five 2-hour sessions over a period of a week, consecutively.)
Time (9AM – 11AM UTC-2 which is two hours ahead of GMT)
Dates – please send an email to firstname.lastname@example.org for current dates
How is the Examination conducted – Method, Number of Questions, Format?
1. The exam is web-based and consists of multiple choice questions examining your individual competency in key cloud security issues
2. There are 60 questions and it is a timed examination (must be completed within 90 minutes) without interruption
3. It is not possible to pause the exam, stop the exam or take the exam at a later time once you’ve started
4. Pass mark is 80% ie you must get 40 out of 50 questions correct to pass the test and obtain the certificate
5. You are allowed to consult the training material during the exam ie it is an open book exam.
Where does the Examination need to be taken?
1. The exam is an online examination taken directly at the Cloud Security Alliance (CSA) website. You can take the Examination at any place that has a computer and an internet connection.
2. There is no necessity to schedule your test in advance.
What body of knowledge does the Examination test you on?
1. The body of knowledge tested is The CSA Guidance V4, English language version and ENISA’s report “Cloud Computing: Benefits, Risks and Recommendations for Information Security”.
2. 70% of the questions are based on the CSA Guidance whereas 20% of the questions are based on the ENISA report and 10% of the questions are applied knowledge questions related to the best practices in both documents.
3. The CSA recommends that the best way to prepare for the CCSK examination is to thoroughly read and understand the CSA Guidance and ENISA.
Exam fees The course fees include one CSA exam token which entitles you to two attempts at the exam.
CPE points The course may qualify for 12 or more CPE points, which might come in handy if you maintain CISSP certification.
Certification by : The Cloud Security Alliance
The Cloud Security Alliance (CSA) is a not-for-profit organisation with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing.
Course Materials and Format
Each session will have presentations, quizzes to test your knowledge, Q&As and suggestions for study, practical exercises and application to your current job. Additionally, there will be a membership site featuring a private support group with your instructor, additional practical resources, as well as optional practical work
1. Any IT professional who is planning to use cloud computing or who is already working in the cloud.
2. IT Professionals who want to understand more about the issues pertaining to security which are related to being in the cloud as well as recommendations as to how this can be dealt with.
3. The audience will include the likes of the Chief Information Officer (CIO), Chief Information Security Officer (CISO), IT and security professionals.
It is advised that you have at least a basic understanding of security fundamentals such as firewalls, secure development, encryption and identity management.
1. This online course is brought to you in partnership with Digital Infrastructures and delivered by Peter van Eijk.
2. The registration fee for the training covers the training provided for the five sessions, materials given, support from your instructor and one CSA exam token. The total fees exclude any applicable VAT or payment fees.
Course image banner incorporates a photo of group of people in a meeting courtesy rawpixels.com