The Cloud Security Alliance CCSK exam preparation guide is designed to provide candidates with necessary information about the CCSK Foundation exam. It includes exam summary, sample questions, practice test, objectives and ways to interpret the exam objectives to enable candidates to assess the types of questions-answers that may be asked during the CSA Certificate of Cloud Security Knowledge (CCSK) exam.
It is recommended for all the candidates to refer the CCSK objectives and sample questions provided in this preparation guide. The Cloud Security Alliance CCSK Foundation certification is mainly targeted to the candidates who want to build their career in Cloud domain and demonstrate their expertise. We suggest you to use practice exam listed in this cert guide to get used to with exam environment and identify the knowledge areas where you need more work prior to taking the actual CSA Certificate of Cloud Security Knowledge exam.
Cloud Security Alliance CCSK Exam Summary:
|
Exam Name
|
CSA Certificate of Cloud Security Knowledge (CCSK Foundation) |
| Exam Code | CCSK |
| Exam Price | $395 USD |
| Duration | 90 minutes |
| Number of Questions | 60 |
| Passing Score | 80% |
| Recommended Training / Books | CCSK Course |
| Schedule Exam | PEARSON VUE |
| Sample Questions | Cloud Security Alliance CCSK Sample Questions |
| Recommended Practice | CSA Certificate of Cloud Security Knowledge (CCSK) Practice Test |
Cloud Security Alliance CCSK Foundation Syllabus:
| Section | Objectives |
|---|---|
| Cloud Computing Concepts and Architectures |
- Definitions of Cloud Computing
- Cloud Security Scope, Responsibilities, and Models |
| Governance and Enterprise Risk Management |
- Tools of Cloud Governance - Enterprise Risk Management in the Cloud - Effects of various Service and Deployment Models - Cloud Risk Trade-offs and Tools |
| Legal Issues, Contracts and Electronic Discovery |
- Legal Frameworks Governing Data Protection and Privacy
- Contracts and Provider Selection
- Electronic Discovery
|
| Compliance and Audit Management |
- Compliance in the Cloud
- Audit Management in the Cloud
|
| Information Governance |
- Governance Domains - Six phases of the Data Security Lifecycle and their key elements - Data Security Functions, Actors and Controls |
| Management Plane and Business Continuity |
- Business Continuity and Disaster Recovery in the Cloud - Architect for Failure - Management Plane Security |
| Infrastructure Security |
- Cloud Network Virtualization - Security Changes With Cloud Networking - Challenges of Virtual Appliances - SDN Security Benefits - Micro-segmentation and the Software Defined Perimeter - Hybrid Cloud Considerations - Cloud Compute and Workload Security |
| Virtualization and Containers |
- Major Virtualizations Categories - Network - Storage - Containers |
| Incident Response |
- Incident Response Lifecycle - How the Cloud Impacts IR |
| Application Security |
- Opportunities and Challenges - Secure Software Development Lifecycle - How Cloud Impacts Application Design and Architectures - The Rise and Role of DevOps |
| Data Security and Encryption |
- Data Security Controls - Cloud Data Storage Types - Managing Data Migrations to the Cloud - Securing Data in the Cloud |
| Identity, Entitlement, and Access Management |
- IAM Standards for Cloud Computing - Managing Users and Identities - Authentication and Credentials - Entitlement and Access Management |
| Security as a Service |
- Potential Benefits and Concerns of SecaaS - Major Categories of Security as a Service Offerings |
| Related Technologies |
- Big Data - Internet of Things - Mobile - Serverless Computing |