The Certificate of Cloud Security Knowledge (CCSK) certification programme covers the entire CCSK version 4 BOK (Body of Knowledge). Practical exercises and audience interaction reinforce the learning.
Thousands of IT and security professionals have obtained the certificate. It is therefore no surprise that CIO.com listed CCSK as #1 on the list of Top Ten Cloud Computing Certifications. CCSK is also the basis for many consumer/vendor discussions around risk and assurance and has become required in many segments. CCSK is also the basis for the CCM (Cloud Controls Matrix) and the STAR (Security Trust Assurance Registry). Version 4 features significantly updated content, including DevOps, Big Data, containers and more. Furthermore, the labs also give a good introduction in practical AWS security.
Why do the CCSK?
The Cloud Security Alliance (CSA) has developed a widely-adopted catalog of security best practices, the “Security Guidance for Critical Areas of Focus in Cloud Computing, V4.0“. This document was last updated significantly in 2017, even though it was first published in 2009.
In addition, the European Network and Information Security Agency (ENISA) created a whitepaper called “Cloud Computing: Benefits, Risks and Recommendations for Information Security“. This is also an important contribution to the cloud security body of knowledge. Together these documents are a broad foundation of knowledge about cloud security. Their topics range from architecture, governance, compliance, operations, encryption, virtualization and much more.
CCSK facilitates a common understanding of cloud security concepts. This increases the quality of risk decisions taken. It is also developed and maintained by the Cloud Security Alliance (CSA).
Intake survey; three days of classroom training including practical exercises; practical labs which give you solid examples of how to secure Amazon cloud services or audit that; lunch and refreshments; an exam token; and candidate manual.
1. Please bring your own laptop(Laptop compatible OS are Windows, Linux or Mac)
2. AWS account
Cloud computing foundations; How to create and secure cloud environments; What to expect from Cloud Service Providers; Risk, governance and compliance; Knowledge to secure data in the cloud.
Body of knowledge
The CCSK V4 exam contains material sourced from the CSA Cloud Security Guidance v4, the CSA Cloud Control Matrix and the ENISA Cloud Computing Risk Assessment report. Approximately 80% of the exam questions will be related to content included in the CSA Security Guidance.
Introduction of participants and programme
Introduction to cloud computing
Infrastructure and virtualization security
Management plane security
Practical exercise on AWS or OpenStack
Managing Cloud Security
Data Security for Cloud
Audit, compliance and the CCM
Securing cloud applications
Cloud data architectures
Identity and Access Management
CASB and Security as a Service
Review, Evaluation and Test Preparation
09 – 11 Oct | Melbourne, Australia
16 – 18 Oct | Sydney, Australia
About the Exam
Passing the exam is evidence that an individual is knowledgeable about cloud security. In particular, this means having an understanding of the key concepts of the CSA guidance and ENISA whitepaper and the CSA Cloud Controls Matrix.
How is the Examination conducted – Method, Number of Questions, Format?
1. The exam is web-based and consists of multiple-choice questions examining your individual competency in key cloud security issues
2. There are 60 questions and it is a timed examination (must be completed within 90 minutes) without interruption
3. It is not possible to pause the exam, stop the exam or take the exam at a later time once you’ve started
4. Pass mark is 80% ie you must get 40 out of 50 questions correct to pass the test and obtain the certificate
5. You are allowed to consult the training material during the exam ie it is an open book exam.
Where does the Examination need to be taken?
1. The exam is an online examination taken directly at the Cloud Security Alliance (CSA) website. You can take the Examination at any place that has a computer and an internet connection.
2. There is no necessity to schedule your test in advance.
What body of knowledge does the Examination test you on?
1. The body of knowledge tested is The CSA Guidance V4, English language version and ENISA’s report “Cloud Computing: Benefits, Risks and Recommendations for Information Security”.
2. 70% of the questions are based on the CSA Guidance whereas 20% of the questions are based on the ENISA report and 10% of the questions are applied knowledge questions related to the best practices in both documents.
3. The CSA recommends that the best way to prepare for the CCSK examination is to thoroughly read and understand the CSA Guidance and ENISA.
Exam token fee is included in this registration fee.
Certification by : The Cloud Security Alliance
The Cloud Security Alliance (CSA) is a not-for-profit organisation with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing.
1. Any IT professional who is planning to use cloud computing or who is already working in the cloud.
2. IT Professionals who want to understand more about the issues pertaining to security which are related to being in the cloud as well as recommendations as to how this can be dealt with.
3. The audience will include the likes of the Chief Information Officer (CIO), Chief Information Security Officer (CISO), IT and security professionals.
Preparation.There is some preparation required before the course starts. You will be downloading some software and applying for an Amazon webservices account.
Webservices account. An Amazon web services account will need to be created ahead of the course at least two days in advance of the scheduled course date.
Cloud usage fees.These fees are also not included as part of the registration fee. However, it is estimated that these would not exceed a few US dollars.
It is advised that you have at least a basic understanding of security fundamentals such as firewalls, secure development, encryption and identity management.
This course is delivered by a single faculty. It may be delivered by either Peter van Eijk or Ricci Ieong. Both are accredited to deliver the CCSK programme.
Training Grants – applicable to courses in Malaysia
The Certificate of Cloud Security Knowledge certification course is an approved course under the HRDF SBL-Khas Scheme.
Vertical Distinct Sdn Bhd is a PSMB (Pembangunan Sumber Manusia Berhad) Approved Training Provider and the courses offered in Malaysia are HRDF (Human Resource Development Fund) claimable. For guidelines and details on how to submit your application or claims to the HRDF, please visit HRDF.