Certificate of Cloud Security Knowledge (CCSK)
The standard of expertise for cloud security.

Certificate of Cloud Security Knowledge
As organizations migrate to the cloud, they need information security professionals who are cloud savvy. The CCSK certificate is widely recognized as the standard of expertise for cloud security. It gives you a cohesive and vendor-neutral understanding of how to secure data in the cloud, which will prepare you to earn cloud credentials specific to certain vendors or job functions.
Learn CSA’s Security Guidance V.4 along with...
- An in-depth understanding of the full capabilities of cloud computing.
- The knowledge to effectively develop a holistic cloud security program relative to globally accepted standards.
- Best practices for IAM, cloud incident response, application security, data encryption, SecaaS, securing emerging technologies and more.
- How to assess the security of cloud providers and your own organization using the cloud-specific governance & compliance tool: Cloud Controls Matrix.
What are the benefits of earning your CCSK?
If you are looking to earn the Certificate of Cloud Auditing Knowledge (CCAK), we recommend earning your CCSK first.
- Prove your competency in key cloud security issues through an organization that specializes in cloud research.
- Increase employment opportunities by filling the skills-gap for cloud-certified professionals.
- Demonstrate your technical knowledge, skills, and abilities to effectively use controls tailored to the cloud.
- Learn to establish a baseline of security best practices when dealing with a broad array of responsibilities, from cloud governance to configuring technical security controls.
- Complement other credentials such as the CCAK, CISA, CISSP and CCSP.
Who should earn their CCSK?

How to Prepare for the CCSK Exam
The CCSK is an open-book, online exam, completed in 90 minutes with 60 multiple-choice questions selected randomly from the CCSK question pool. Purchasing the exam costs $395 and provides you with two test attempts, which you will have 2 years to use. The minimum passing score is 80%. There are several ways you can prepare for the exam.
Option 1
Study on Your Own
You can also study for the exam yourself using our free prep-kit. The kit includes sample questions, an outline of the domains and topics covered in the exam, as well as all of the documents you will be tested on.
Download Prep-Kit
Option 2
Enroll in Training
There are two types of training for the CCSK, the regular class is lectures-only, but there is a lectures + labs version as well. Download the class outlines to see the differences between both courses and determine which is a better fit for you.
Class Formats:
View Upcoming Classes
Recommended
Instructor-Led Training
Receive a superior cloud security education, by enrolling in an instructor-led course. Having direct access to a cloud security expert, lets you ask questions and gain additional context around topics and challenges that are relevant to your particular organization.
Interested in the CCSK training with hands-on labs? You can view the list of upcoming classes here

Study Materials
CSA is proud to collaborate with McGraw-Hill and announce the release of the “CCSK Certificate of Cloud Security Knowledge All-in-One Exam Guide,” written by CSA-authorized trainer Graham Thompson. This book offers exam-focused coverage of the latest cloud technologies, including virtualization, governance and security. Readers will receive real-world examples and best practices, online content that includes access to 120 additional practice questions, and a 10% discount code for the CCSK exam. You can buy the book here

CSA Security Guidance v.4

ENISA Recommendations

CSA Cloud Controls Matrix
Domains Covered
DOMAIN 1
Cloud Computing Concepts and Architecture
DOMAIN 2
Governance and Enterprise Risk Management
DOMAIN 3
Legal Issues, Contracts, and Electronic Discovery
DOMAIN 4
Compliance and Audit Management
DOMAIN 5
Information Governance
DOMAIN 6
Management Plane and Business Continuity
DOMAIN 7
Infrastructure Security
DOMAIN 8
Virtualization and Containers
DOMAIN 9
Incident Response
DOMAIN 10
Application Security
DOMAIN 11
Data Security and Encryption
DOMAIN 12
Identity, Entitlement and Access Management
DOMAIN 13
Security as a Service
DOMAIN 14
Related Technologies
EXTRA DOMAIN
Cloud Controls Matrix
EXTRA DOMAIN