
Roadmap to Earning Your Certificate in Cloud Security Knowledge (CCSK)

Published 11/24/2020

Written by Ryan Bergsma, Technology Director and Security Manager, CSA.

Updated on 7/15/24 to align with CCSK v5.


In this blog we’ll be taking a look at how to earn your Certificate of Cloud Security Knowledge (CCSK), from study materials to the details of the exam. If you’re considering earning your CCSK, or just exploring the possibility, this will give you a good idea of what to expect and what resources to draw from as you prepare.

We'll start by covering what you’ll need to know in order to pass the exam successfully.


Step 1. What You’ll Need to Know

Recommended Experience

While there is no official work experience required, it can be helpful to have at least a basic understanding of security fundamentals, such as firewalls, secure development, encryption, and identity and access management.


Topics Covered

Cloud Computing Concepts & Architectures: To start, you’ll need to be able to define cloud computing and the baseline terminology. Familiarize yourself with the overall controls, deployment, and architectural models.

Cloud Governance, Risk, & Compliance: Understand how enterprise governance helps align the strategic, tactical, and operational capabilities of information and technology with the business objectives. Know how to evaluate cloud service providers.

Management: Understand how to manage your cloud footprint, including securing and validating service provider deployments and clarifying the identity and access responsibilities between an organization and cloud providers.

Security Monitoring & Response: Understand the unique security monitoring challenges and solutions for cloud environments, including the distinct aspects of cloud telemetry, management plane logs, service and resource logs, and the integration of advanced monitoring tools. Be able to explain best practices for cloud incident response and resilience.

Infrastructure & Networking: Understand how to manage the overall infrastructure footprint and network security, including the CSP's infrastructure security responsibilities.

Workload & Data Security: Understand the complexities of data security in the cloud, as well as software and data units that are deployable on some type of infrastructure or platform.

Application Security: Understand the unique challenges and opportunities presented by application security in the cloud environment.

Related Technologies & Strategies: Finally, understand the foundational concepts needed to develop a strategic cybersecurity approach to Zero Trust and Artificial Intelligence.


Step 2. How to Study

Get Advice from Peers

I’d recommend checking out our Q&A blog series, CCSK Success Stories, where we asked individuals about their experience preparing for and taking the exam. Having prepared for and gone through the exam themselves, they are able to offer insight into what topics they found most challenging, and what you should focus on.


Choose How to Study

Self-Study: I’d recommend taking this route if you don’t have the time or budget to complete a training course, or already have experience in cloud security. You can study for the exam on your own by downloading our free CCSK Prep-Kit here.

Self-Paced Online Training: If you want training but have a hard time fitting in a regular course and need something flexible enough for your schedule and budget, then our self-paced training may be a good fit. You can complete CCSK training on-the-go, without any deadlines, at a pace that's right for you. View available CCSK courses here.

Online Training with an Instructor: For individuals who work best when they can ask questions, the online instructor-led training is a good fit. It may also be an option for companies with a tight travel budget, since it still offers you the ability to attend regularly scheduled class sessions. Find upcoming classes here.

In-Person Training: Of course, in-person training is always nice to have. You get the opportunity to interact with an instructor face to face, ask questions, and learn in the same room with other students. Find upcoming classes here.

CCSK Plus Course with Hands-On Labs: This extended version of the CCSK course offers a more practical implementation of the material. It combines the knowledge covered in the regular CCSK Fundamentals Course with hands-on labs where you can practice applying what you learn in real-life scenarios.


Download Study Materials

Everything you’ll need to study for the exam is in the CCSK Prep-Kit. Important items in the Prep-Kit include:

  • CCSK Knowledge Guide
  • CCSK Study Guide
  • Sample Questions
  • Acronym List
  • Recommended Readings

Start with the Knowledge Guide to get a more in-depth understanding of what you’ll need to do to prepare for the exam.


Step 3. Review Exam Details

The Exam Format

The exam is open-book and held online. You can start an exam at any time that works for you. You have 120 minutes to complete it, and you’ll be answering 60 questions selected randomly from the CCSK question pool. The minimum passing score is 80%.


Question Format

All the questions are multiple choice or true/false. Sample questions from each domain are included in the Prep-Kit. For a more comprehensive practice test that covers multiple questions and material from all the modules, you can try our online self-paced course.


Exam Difficulty

With an average passing rate of only 62%, the CCSK is a challenging exam to pass. For this reason, make sure you have read through all of the study materials and thoroughly understand the topics before attempting the test. Below is a breakdown of the percentage of questions you’ll be asked from each domain.

| Domains | % of Questions |
|---|---|
| 1. Cloud Computing Concepts & Architectures | 8.33% |
| 2. Cloud Governance | 8.33% |
| 3. Risk, Audit & Compliance | 8.33% |
| 4. Organization Management | 8.33% |
| 5. Identity & Access Management | 6.67% |
| 6. Security Monitoring | 6.67% |
| 7. Infrastructure & Networking | 10.00% |
| 8. Cloud Workload Security | 11.67% |
| 9. Data Security | 8.33% |
| 10. Application Security | 10.00% |
| 11. Incident Response & Resilience | 8.33% |
| 12. Related Technologies & Strategies | 5.00% |


Step 4. Take the Exam

Register at the CCSK Exam Website

Whether you plan to purchase an exam token directly or will receive one as part of a training package, to attempt the exam, you will first need to create an account on the exam platform. If you plan to self-study and buy a token, you can go directly to the link above. If you received an exam token with a training package you will get an email with instructions on how to register and claim your token.


Take the Exam

Since the exam is taken online, once you have a test token you can take the test when and where you want. Make sure you have thoroughly studied the exam materials and reviewed your notes if you took a training course. And be sure you have a reliable internet connection and a full 120 minutes in which you will not be interrupted or distracted.


Step 5. Build on the Knowledge from the CCSK

After you’ve earned your CCSK, a good way to continue learning about cloud security is following our CloudBytes webinar series or volunteering for a working group. Other ways you can build on your success...


Share Your Success with a Digital Badge

A CCSK digital badge is issued upon successful completion of the exam. Leverage the CCSK digital badge on your social media channels and resume to showcase your knowledge and validate your expertise.


Read the Latest CSA Research

In general, I recommend being familiar with the Top Threats document series. This helps folks understand the threat landscape for cloud. I’d also take a look at the latest output from our AI Safety Initiative.


Use the CCSK to Satisfy Continuing Education Credits

The CCSK can be used to satisfy continuing professional education credits for several other IT credentials. A certificate of completion will be issued that reflects your total number of credits awarded, which can then be submitted for possible credits, such as CPEs. All CSA trainings are compliant with NASBA standards for CPE providers.


Gain Hands-On Experience

Practice building in a cloud environment using management plane best practices and appropriate reference architectures for practice projects. Look at some of the cloud offerings in the market and consider the security implications for the consumer based on the shared responsibilities model.


Consider Enrolling in Complementary Training

CSA has several other training and certificate offerings that build on the foundations of the CCSK.

Certificate of Competence in Zero Trust (CCZT): The authoritative Zero Trust training and certificate that delivers the knowledge needed to understand the core concepts of Zero Trust.

Certificate of Cloud Auditing Knowledge (CCAK): The first credential available for industry professionals to demonstrate their expertise in the essential principles of auditing cloud computing systems.

Cloud Infrastructure Security: Shorter courses that focus on fundamental areas of cloud computing such as Top Threats, Cloud Key Management, Microservices and Containers, DevSecOps, and more.

STAR Lead Auditor Training: A self-paced course designed to help assessors, service providers, and consultants better manage the security of cloud services, as well as provide the credentials necessary to become a qualified STAR Auditor.

Interested in earning your CCSK? Download the Prep-Kit to learn more.

