Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Cloud 101
Circle
Events
Blog
Sign In

Certificate of Cloud Security Knowledge (CCSK)

The standard of expertise for cloud security.

View ClassesTake the Exam
Education Home
View Upcoming Classes
Enterprise Training
CCSK Exam
Resources
Home
Education
CCSK

Certificate of Cloud Security Knowledge

As organizations migrate to the cloud, they need information security professionals who are cloud-savvy. The CCSK certificate is widely recognized as the standard of expertise for cloud security and gives you a cohesive and vendor-neutral understanding of how to secure data in the cloud. The CCSK credential is the foundation to prepare you to earn additional cloud credentials specific to certain vendors or job functions.

Earning the CCSK will provide you with the knowledge to effectively develop a holistic cloud security program relative to globally accepted standards. It covers key areas, including best practices for IAM, cloud incident response, application security, data encryption, SecaaS, securing emerging technologies, and more. If you want to learn more, you can read our guide to earning the CCSK.

What are the benefits of earning your CCSK?

Increase employment opportunities by filling the skills-gap for cloud-certified professionals.

Demonstrate your technical knowledge, skills, and abilities to effectively use controls tailored to the cloud.

Learn to establish a baseline of security best practices when dealing with a broad array of responsibilities, from cloud governance to configuring technical security controls.

Credentials the CCSK Complements

If you are looking to earn the CCAK, we recommend earning your CCSK first. The CCSK also complements the following credentials:

Who should earn their CCSK?

Cybersecurity analystsSecurity EngineersSecurity ArchitectsEnterprise ArchitectsSecurity AdministratorsCompliance ManagersSecurity ConsultantsSystems EngineersCISOs

How to Prepare for the CCSK Exam

The CCSK is an open-book, online exam, completed in 90 minutes with 60 multiple-choice questions selected randomly from the CCSK question pool. Purchasing the exam costs $395 and provides you with two test attempts, which you will have 2 years to use. The minimum passing score is 80%. There are several ways you can prepare for the exam.
Option 1

Study on Your Own

You can also study for the exam yourself using our free prep-kit. The kit includes sample questions, an outline of the domains and topics covered in the exam, as well as all of the documents you will be tested on.

Download Prep-Kit
Option 2

Enroll in Training

There are two types of training for the CCSK, the regular class is lectures-only, but there is a lectures + labs version as well where students practice bringing a fictional organization securely into the cloud.

Class Formats:

View Upcoming Classes

Want to train multiple members of your team?

Contact UsLearn More

Study Materials

Purchase Exam GuideDownload Free Prep-Kit

The Security Guidance v.4 outlines specific uses and applications of the cloud and addresses regulatory issues and inherent risks in using cloud computing on various technologies including: IoT, blockchain and DevSecOps.

 

CSA Security Guidance v.4

Download Now

An in-depth and independent analysis outlining the information security benefits and key security risks of cloud computing with practical advice on how to protect your organization.

 

ENISA Recommendations

Download Now

The Cloud Controls Matrix provides fundamental security principles that guide cloud service vendors toward the most secure practices. For prospective cloud customers it helps in assessing the overall security posture of cloud providers.

 

CSA Cloud Controls Matrix

Download Now
Veterans can earn the CCSK for free
Corporate members receive discounts on the CCSK

Topics Covered

Course Outline

CSA CCSK Domain 01 Icon

DOMAIN 1

Cloud Computing Concepts and Architecture
CSA CCSK Domain 02 Icon

DOMAIN 2

Governance and Enterprise Risk Management
CSA CCSK Domain 03 Icon

DOMAIN 3

Legal Issues, Contracts, and Electronic Discovery
CSA CCSK Domain 04 Icon

DOMAIN 4

Compliance and Audit Management
CSA CCSK Domain 05 Icon

DOMAIN 5

Information Governance
CSA CCSK Domain 06 Icon

DOMAIN 6

Management Plane and Business Continuity
CSA CCSK Domain 07 Icon

DOMAIN 7

Infrastructure Security
CSA CCSK Domain 08 Icon

DOMAIN 8

Virtualization and Containers
CSA CCSK Domain 09 Icon

DOMAIN 9

Incident Response
CSA CCSK Domain 10 Icon

DOMAIN 10

Application Security
CSA CCSK Domain 11 Icon

DOMAIN 11

Data Security and Encryption
CSA CCSK Domain 12 Icon

DOMAIN 12

Identity, Entitlement and Access Management
CSA CCSK Domain 13 Icon

DOMAIN 13

Security as a Service
CSA CCSK Domain 14 Icon

DOMAIN 14

Related Technologies
CSA CCSK CCM Icon

EXTRA DOMAIN

Cloud Controls Matrix
CSA CCSK ENISA Icon

EXTRA DOMAIN

ENISA Recommendations

Industry Support

The CCSK reflects both the operational knowledge of the CCM (Cloud Controls Matrix) as well as the strategic goals for the CSA. The CCM itself is a superset of many existing security control standards, which makes the CCSK all the more relevant to today's security environment.

John Checco
President Emeritus for the New York Metro InfraGard Members Alliance

I recently passed the CSA Certificate of Cloud Security Knowledge and I found so much of the content directly valuable. I would recommend it to all IT security professionals. It provides a set of comprehensive and vendor neutral cloud computing principles that are invaluable across security roles and responsibilities. The CSA Security Guidance v4 document will be required reading for all my engineering talent in our organization going forward.

Cory Cowgill
CTO of Fusion Risk Management

As enterprises move toward cloud computing, they are desperately seeking guidance and education in this new domain. CSA is bridging this gap and the CCSK provides an important first step in establishing baseline knowledge for individuals tasked with building and managing applications to the cloud.

Michael Sutton
CISO, Zscaler
Jerry Archer

The CSA, in providing a set of goals through the CCSK, is challenging security practitioners to become the cloud thought-leaders we need today and tomorrow to ensure safe and secure cloud environments. In developing the CCSK, CSA is 'setting the bar' for security professionals and providing business executives a means to gauge the opinions and rhetoric associated with security in the cloud.

Jerry Archer
SVP and Chief Security Officer for Sallie Mae

With CCSK certification, professionals who have Cloud Computing responsibilities can demonstrate thorough Cloud security knowledge based on the CSA's catalogue of security best practices.

Patrick Harding
CTO, Ping Identity

The CCSK study materials were very upfront and clear in presenting what was needed to pass the exam. The Security Guidance V.4 was all encompassing and included a lot of materials, some of which wasn’t tested on but I appreciate learning about regardless. Overall, I think the study material provided along with the guidance for how CSA breaks down the CCSK testing domains and objectives, are enough to pass the exam and gain a fundamental understanding of what is being tested.

Nabli Ali
Senior Associate with Schellman

CCSK Success Stories

CCSK Success Story: From the Head of IT Infrastructure and Security
Read now
 
CCSK Success Story: From a Cybersecurity and Privacy Officer
Read now
 
CCSK Success Story: From an IT and Cloud Security Manager
Read now
 
CCSK Success Stories: From a Regional Information Security Officer
Read now
 
CCSK Success Stories: From a Project Manager of Certificate Policy
Read now
 
CCSK Success Stories: From the VP of Internal Security and IT
Read now
 
Read more CCSK Success Stories
Continue your professional development on Circle, CSA's online community platform

CCSK digital badge now available through Credly

CCSK holders can showcase their credentials through a CCSK digital badge, now being provided in partnership with Credly, a leading digital credential service provider. A digital badge helps you gain recognition for earning your certificate by allowing you to easily display and share your achievement. Recruiters and employers will be able to quickly verify your competencies and skills.

Your digital badge has a unique URL and can be used in your email signature, personal websites, social media sites such as LinkedIn and Twitter, as well as on electronic copies of resumes. It serves as a digital representation of your knowledge, skills, and credential achievements.

Claim your CCSK digital badge now

Learn more about digital badges