CCSK Certification
The following are the key exam areas and concepts of the CCSK certification (this information is based on the Cloud Security Alliance CCSK FAQ):
CSA Guidance for Critical Areas of Focus in Cloud Computing V4.0 (English)
Domain 1: Cloud Computing Concepts and Architectures
Definitions of Cloud Computing
- Service Models
- Deployment Models
- Reference and Architecture Models
- Logical Model
Cloud Security Scope, Responsibilities, and Models
Areas of Critical Focus in Cloud Security
Domain 2: Governance and Enterprise Risk Management
Tools of Cloud Governance
Enterprise Risk Management in the Cloud
Effects of various Service and Deployment Models
Cloud Risk Trade-offs and Tools
Domain 3: Legal Issues, Contracts and Electronic Discovery
Legal Frameworks Governing Data Protection and Privacy
- Cross-Border Data Transfer
- Regional Considerations
Contracts and Provider Selection
- Contracts
- Due Diligence
- Third-Party Audits and Attestations
Electronic Discovery
- Data Custody
- Data Preservation
- Data Collection
- Response to a Subpoena or Search Warrant
Domain 4: Compliance and Audit Management
Compliance in the Cloud
- Compliance impact on cloud contracts
- Compliance scope
- Compliance analysis requirements
Audit Management in the Cloud
- Right to audit
- Audit scope
- Auditor requirements
Domain 5: Information Governance
Governance Domains
Six phases of the Data Security Lifecycle and their key elements
Data Security Functions, Actors and Controls
Domain 6: Management Plane and Business Continuity
Business Continuity and Disaster Recovery in the Cloud
Architect for Failure
Management Plane Security
Domain 7: Infrastructure Security
Cloud Network Virtualization
Security Changes with Cloud Networking
Challenges of Virtual Appliances
SDN Security Benefits
Micro-segmentation and the Software Defined Perimeter
Hybrid Cloud Considerations
Cloud Compute and Workload Security
Domain 8: Virtualization and Containers
Major Virtualization Categories
- Network
- Storage
- Containers
Domain 9: Incident Response
Incident Response Lifecycle
How the Cloud Impacts IR
Domain 10: Application Security
Opportunities and Challenges
Secure Software Development Lifecycle
How Cloud Impacts Application Design and Architectures
The Rise and Role of DevOps
Domain 11: Data Security and Encryption
Data Security Controls
Cloud Data Storage Types
Managing Data Migrations to the Cloud
Securing Data in the Cloud
Domain 12: Identity, Entitlement, and Access Management
IAM Standards for Cloud Computing
Managing Users and Identities
Authentication and Credentials
Entitlement and Access Management
Domain 13: Security as a Service
Potential Benefits and Concerns of SecaaS
Major Categories of Security as a Service Offerings
Domain 14: Related Technologies
Big Data
Internet of Things
Mobile
Serverless Computing
ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security
- Isolation failure
- Economic Denial of Service
- Licensing Risks
- VM hopping
- Five key legal issues common across all scenarios
- Top security risks in ENISA research
- OVF
- Underlying vulnerability in Loss of Governance
- User provisioning vulnerability
- Risk concerns of a cloud provider being acquired
- Security benefits of cloud
- Risks R.1 – R.35 and underlying vulnerabilities
- Data controller versus data processor definitions
- In Infrastructure as a Service (IaaS), who is responsible for guest systems monitoring
Cloud Security Alliance – Cloud Controls Matrix
- CCM Domains
- CCM Controls
- Architectural Relevance
- Delivery Model Applicability
- Scope Applicability
- Mapped Standards and Frameworks
For more information, see the course schedule and fees.