CCSK v5 Knowledge Guide

The Certificate of Cloud Security

Knowledge

Demonstrate a mastery of
essential and up to date cloud
security knowledge with the CCSK
Introduction to the CCSK Download Study New Content
The Certificate of Cloud Security Knowledge (CCSK) is regarded
Materials and Tools
as the benchmark for cloud security expertise providing
a comprehensive and unbiased understanding of how to
CCSK Prep-Kit
Included in
CCSK v5
effectively secure data in the cloud. The CCSK enables everyone
from information security experts to CEOs the ability to utilize
cloud services more securely and speak with confidence about Access everything you need to prepare for the industry’s
cloud security concerns. Whether you are just beginning your leading cloud security certificate in this curated collection of
comprehensive study resources. The prep-kit is designed to CCSK v5 has been substantially
cloud journey or are a seasoned cloud security expert, earning the CCSK certificate is the first step
give you all the necessary tools to prepare independently for updated to provide a detailed
in preparing for other cloud certifications. The newly updated certificate will prove your skills in Zero
the CCSK exam. understanding of modern cloud
Trust, DevSecOps, Cloud Telemetry and Security Analytics, Artificial Intelligence, and more. Learn
components and state-of-the-art
more about what earning your CCSK looks like in this guide.
Inside the CCSK v5 prep-kit, you will find: security best practices. Leveraging
the latest in AI technology, the CCSK
• Study Guide v5 self-paced online course sounds
• Security Guidance for Critical Areas of Focus in a little different from earlier versions
Cloud Computing v5 as an AI assistant was used for the

Benefits of Having Your CCSK •

•
Knowledge Guide
Recommended Readings
voiceovers (with added overviews
from instructors), enabling the course
• Justification Letter content to be updated more quickly
over time.
Demonstrate a mastery of essential and up to date cloud security • FAQ
• Infographic - How to Earn your CCSK
knowledge with the CCSK. • 50 Sample Questions CCSK v5 provides a comprehensive
• Overview Presentation catalog of the essential knowledge
Cloud computing is now the dominant information technology system and cloud security is cybersecurity professionals need to
the foundation of modern cybersecurity programs. Professionals earning the CCSK v5 not only master including:
demonstrate a mastery of essential and up to date cloud security knowledge but also retain
permanent access to the first of its kind CCSK Chatbot. This is a unique tool to help professionals
learn the body of knowledge as well as providing ongoing assistance in daily challenges with its
Additional Study • The latest in cloud architecture,

Materials
cloud native security, workloads,
unique interactive capabilities. CCSK v5 is the mark of the modern cybersecurity professional. virtual networking, data protection,
DevSecOps, Zero Trust, Generative
Career Advancement Earn a Digital Badge and AI and much more
With 83% of corporate boards recommending
an increase in IT security headcount and a
Certificate CSA Research Publications • Vital information about managing
Boost your professional viability by displaying risks, achieving compliance,
3.4 million global shortage of cybersecurity the CCSK digital badge and certificate on your CSA Research is created by the industry for the industry optimizing organizational
professionals1, the demand for proven digital profiles and resumes to demonstrate cloud security strategies and
cybersecurity knowledge is critical. and is both vendor-neutral and consensus driven. Our
your verified skills.
publications are created by subject matter experts who understanding the shared
responsibility between the cloud
Future Ready Skills Engage with our CCSK volunteer for CSA’s working groups which are focused on
delivering the most advanced research and tools available provider and cloud user
With coverage on AI, GenAI, Zero Trust and Community
additional rapidly emerging technologies, the across the cloud security spectrum. Recommended readings • Permanent access to the
Connect with CCSK instructors and students on
CCSK equips you to tackle both present and Circle, CSA’s online community forum, to gain from CSA Research are included at the end of each domain in groundbreaking CCSK Chatbot,
upcoming security threats. CCSK Orb, a unique tool to help
insights, share experiences and knowledge, and the Security Guidance.
learn from industry leaders who helped create you master the body of knowledge
the certificate. and provide ongoing assistance in
1
Source: NIST Cybersecurity Workforce Demand
daily challenges

2 © Copyright 2024, Cloud Security Alliance. All rights reserved. © Copyright 2024, Cloud Security Alliance. All rights reserved. 3
Topics Covered No Prerequisites Required
The CCSK v5 evaluates an individual’s knowledge and expertise in these There is no official experience required, however it is highly recommended that participants have a
12 areas of critical cloud security knowledge: basic understanding of security fundamentals such as firewalls, secure development, encryption, and
identity and access management. A familiarity with zero trust strategy, artificial intelligence, cloud
workloads and application security is particularly relevant to the updated content in CCSK v5. To learn
Domain 1: Cloud Computing Domain 7: Infrastructure & more about these topics prior to taking the CCSK v5, visit CSA’s Knowledge Center to check out our
Concepts & Architectures Networking complete training portfolio.
Describes and defines cloud computing, sets Focuses on managing the overall
baseline terminology, and details the overall infrastructure footprint and network security,
controls, deployment, and architectural including the CSP’s infrastructure security
models. responsibilities.

Domain 2: Cloud Governance

Focuses on cloud governance with an
Domain 8: Cloud Workload
Security ​​Choose How to Study
emphasis on the role of security and how Focuses on the related set of software and
enterprise governance helps align the data units that are deployable on some type of
strategic, tactical, and operational capabilities
of information and technology with the
infrastructure or platform. Study on Your Own
business objectives.
Domain 9: Data Security Use the free CCSK Prep-Kit to facilitate your independent learning
Addresses the complexities of data security in style. The kit includes a comprehensive study guide, FAQ, overview
Domain 3: Risk, Audit, & the cloud, covering essential strategies, tools, presentation, recommended readings, and 50 sample questions to
Compliance and practices for protecting data in transit and
help you prepare on your own.
Focuses on cloud security, risk, audit, and at rest.
compliance, including evaluating cloud
service providers and establishing cloud risk
registries. Domain 10: Application Enroll in Training
Security
Focuses on the unique challenges and
Domain 4: Organization opportunities presented by application Self-paced training online
Management security in the cloud environment from the
Focuses on managing your entire cloud initial design phase to ongoing maintenance.
If you have a hard time fitting in an instructor-led course and/or
footprint, including securing and validating
need training flexible enough for your schedule and budget, then
service provider deployments.
Domain 11: Incident Response our self-paced training may be a good fit. You can complete CCSK
& Resilience training modules on-the-go, without any deadlines, at a pace that’s
Domain 5: Identity & Access Focuses on identifying and explaining best right for you.
Management practices for cloud incident response and
Focuses primarily on IAM between an resilience that security professionals may
organization and cloud providers or between reference when developing their own incident Instructor-led training online or in-person
cloud providers and services. plans and processes.
(lectures only class)
Domain 6: Security Monitoring Domain 12: Related Ideal for individuals who prefer a more personal training experience
Presents unique security monitoring Technologies & Strategies and direct interaction with an instructor. Check out the current
challenges and solutions for cloud Introduces the foundational concepts class schedule to find one that works for you.
environments, emphasizing the distinct and focuses on developing a strategic
aspects of cloud telemetry, management cybersecurity approach to Zero Trust and
plane logs, service and resource logs, and the Artificial Intelligence.
integration of advanced monitoring tools.

4 © Copyright 2024, Cloud Security Alliance. All rights reserved. © Copyright 2024, Cloud Security Alliance. All rights reserved. 5
 CCSK Training and Certificate Options
Train your Team
CCSK Training & Exam CCSK Training & Exam
CCSK v5 CCSK Exam
Self-Paced Instructor-Led

Course Title CCSK Exam CCSK Foundation CCSK Foundation CCSK Plus

Online or In Person Build a cloud-savvy team. Give your staff the foundational cloud security knowledge they need to
Location Online Online Online or In Person
with Labs optimize the protection of the cloud infrastructure you rely on or provide. CSA offers team trainings
Self Study with Interactive multimedia
designed and proven to:
Study Mode Instructor Led Instructor Led
Study Guides with practice quizzes
• Fill your cloud security skills gaps
Based on time to Hours will fluctuate 2 days minimum 2 days minimum
Time to Complete read Study Guides as content is regularly Online or In Person Online or In Person • Get all your stakeholders trained, certified and aligned
independently updated Classroom Classroom • Meet your organization’s staff training needs with exactly what fits your needs and budget
• Recognize training completion and incentivize staff with certificates and digital badges for
Digital Study Guides
Written Materials Only 365-day access 365-day access 365-day access 365-day access
passing the exam

Fully Guided Study While any organization can take advantage of CSA team training opportunities, CSA corporate
Audio/Video Materials members can receive up to a 40% discount on team training when you train up to 100 employees. To
verify your organization’s membership status and see if you qualify for discounted team training, or
Practice Quizzes or to learn how to become a CSA corporate member, contact [email protected].
Sample Exam Questions

Expert Instructor Access

Expert Q&A

Community Support
Course Types
with CSA Circle

Exam Tokens
One token, two attemps. Also available without
CCSK Foundation
Valid for 2 years. exam tokens for $495
Covering 12 domains of critical cloud security knowledge, this
CCSK Orb lectures-only class covers the core concepts, best practices and
New Chatbot
recommendations for securing an organization on the cloud
Hands-On Labs regardless of the provider or platform.

Starting at $1695*
Starting at $995*
Price $445 $795 See classes with AWS
See classes for details
and Azure Labs for details CCSK Plus
All versions are available for teams in enterprise organizations and government agencies.
Team Pricing
Contact [email protected] for details. The CCSK Plus contains all the material in the foundation course
with the addition of hands-on labs. Learn how to apply the
*Baseline pricing only. Instructor-led pricing varies based on a variety of circumstances such as location, scope, duration, and more. knowledge from the lectures by performing a series of exercises
to bring a fictional organization securely into the cloud. More

GI Bill Coverage
information about the expanded material and labs covered in the
CCSK Plus can be found here.

United States veterans can now receive full coverage for the CCSK exam under the GI Bill. The Post-9/11
GI Bill is eligible for veterans who have served at least 90 days of active duty service after September
10, 2001 and received an honorable discharge. You can learn more about the requirements and
reimbursement process here. Veterans who do not qualify under the GI Bill are eligible to receive a 25%
discount on the CCSK exam. Contact [email protected] to learn if you qualify.

6 © Copyright 2024, Cloud Security Alliance. All rights reserved. © Copyright 2024, Cloud Security Alliance. All rights reserved. 7
CCSK Exam Structure Take the Exam

Exam Format Register on the CSA Exams website

This is an open-book, online exam, completed in 120 minutes with 60 multiple-choice Simply create an account on CSA Exams to register for the exam. Because the exam is
questions selected randomly from the CCSK question pool. The minimum passing online, you can take the test where and when you want after purchasing an exam token.
score is 80%. You have two attempts to pass the exam. There is no waiting period to
take your second attempt if you fail the first attempt, however it is recommended that
students take a break and look over the study materials before attempting the exam a Purchase a CCSK exam token
second time.
Each CCSK exam token provides you with two test attempts. If you choose to enroll in a
training course, a complimentary exam token is included.
Question Format
All questions are multiple choice or true and false. Take the exam
Make sure you have thoroughly studied the exam materials and reviewed your notes if you
Exam Difficulty took a training course.

It may be open-book, but don’t underestimate the difficulty of this exam. Questions are
selected at random from the CCSK question pool, so having a solid understanding of
each domain and the material covered in the study guide is essential if you want to pass. After Passing the Exam
Domains & Number of Questions
Continuing Education Credits/Certificate
Domains # of Questions Although there are currently no official CPE designations for any of CSA’s training courses, we do
issue a certificate of completion with a stated number of hours to complete the course for all courses
1. Cloud Computing Concepts & Architectures 5 we offer. You can then use this certificate of completion for CPE credit submission, but it will be
2. Cloud Governance 5 determined if it qualifies for CPE credit by whomever receives your request. Credit hours for the
3. Risk, Audit & Compliance 5 online self-paced course will fluctuate as the content is regularly updated.
4. Organization Management 5
5. Identity & Access Management 4
6. Security Monitoring 4 Digital Badge
7. Infrastructure & Networking 6
8. Cloud Workload Security 7 A CCSK digital badge is issued upon successful completion of
9. Data Security 5 the exam. Leverage the CCSK digital badge on your social media
10. Application Security 6 channels and resume to showcase your knowledge and validate
11. Incident Response & Resilience 5 your expertise.
12. Related Technologies & Strategies 3

8 © Copyright 2024, Cloud Security Alliance. All rights reserved. © Copyright 2024, Cloud Security Alliance. All rights reserved. 9
Related CSA Certificates and Trainings Share your Expertise
Certificates Forge Industry Connections
on Circle
Certificate of Competence of Zero Trust (CCZT)
Connect with other CCSK holders or share your knowledge
The Certificate of Competence in Zero Trust (CCZT) is the authoritative with students on Circle, CSA’s online community forum that
Zero Trust training and certificate that delivers the knowledge needed provides a space for professionals, novices and visionaries to
to understand the core concepts of Zero Trust. Developed by CSA, the share information. Join the CCSK Community Group and share
trusted industry leader for cloud security certificates, the CCZT builds tips learned from taking the training or exam, and gain insight
knowledge to drive the definition, implementation and management of from other industry leaders in cloud security to continue your
Zero Trust over time. learning journey.

Certificate of Cloud Auditing Knowledge (CCAK)

Join a Research Working Group
The Certificate of Cloud Auditing Knowledge (CCAK) is the first credential
After earning your Certificate of Cloud Security Knowledge,
available for industry professionals to demonstrate their expertise in
start applying your knowledge by volunteering for one of CSA’s
the essential principles of auditing cloud computing systems. The CCAK
many working groups. Working Group volunteers have the
credential and training program fills the gap in the market for technical
opportunity to contribute to and author research publications,
education for cloud IT auditing.
and elevate their professional profile by receiving recognition
across CSA’s promotional channels. Whether you are looking to

Training join as an observer or author a research report, we encourage

you to join. Our working groups are composed of a diverse
network of industry practitioners and corporate members that
Cloud Infrastructure Security continuously cycle through researching, analyzing, formulating
and delivering arguably the most advanced research and tools
Focusing on fundamental areas of cloud computing such as Top available across the cloud security spectrum.
Threats, Cloud Key Management, Microservices and Containers,
DevSecOps and more, the Cloud Infrastructure Security courses
are designed to be succinct, short-form courses composed of up to
several units each and a five-question knowledge check at the end.

STAR Lead Auditor

The STAR Lead Auditor Training is a self-paced course designed to help

assessors, service providers, and consultants better manage the security
of cloud services, as well as provide the credentials necessary to become
a qualified STAR Auditor. This course equips individuals with the skills and
knowledge required to audit cloud service providers (CSPs) against the
STAR Certification scheme.

10 © Copyright 2024, Cloud Security Alliance. All rights reserved. © Copyright 2024, Cloud Security Alliance. All rights reserved. 11
Developer Debrief: were predominantly used by early adopters or organizations just dipping their toes into cloud. Over
the decade-plus we’ve been teaching and working operationally in the cloud, we learned a lot more

Who Should Earn the CCSK? about what skills and knowledge are needed to be successful in cloud security in today’s far more
complex environments.

So we built version 5 from the ground up. Instead of just adapting the previous material, we wrote
Meet one of the designers and trainers for our CCSK course, Rich
every module from scratch, but pulled in the older material we knew still worked well based on our
Mogull. Having been involved in the development of the CCSK since the decade-plus of instructing.
beginning, we asked him to share his insights on the latest version.
We started with an outline that was released for review among CCSK instructors and then the
public at large. We then developed each module, which was reviewed by a select group of the top
CSA instructors. Where needed, we would perform additional research and engage with the CSA
Rich Mogull Research Team.
SVP Cloud Security at FireMon &
CEO Securosis

What is one of the most critical additions to v5?

This is really tough, but I’ll say the addition of organization management content, which combines
with the governance section. When we first created the CCSK, we didn’t even have the capability to
Who should pursue CCSK v5? implement organization hierarchies and multi-deployment architectures. In my advisory work I still
see a lot of enterprises struggle with how to design and manage their cloud footprint, so it was a bit
Version 5 of the CCSK is designed for a wide range of IT professionals with around 2 years of of a passion project of mine to add this to the CCSK.
experience. While a background in security will help, we made sure it also addresses the needs of
operations and development professionals working in cloud, especially if they work without the help
of a designated security team. I also strongly recommend
anyone with a previous version of the CCSK to update to v5,
What Others Are Saying
since this reflects the latest knowledge on cloud security
practices. I also strongly recommend “The CCSK is a benchmark for cloud security expertise. Our team of security architects and analysts has greatly benefited from
anyone with a previous version of the comprehensive understanding of cloud security principles and practices that this certification offers. It has enabled us to
implement robust security strategies that align with industry best practices.”
the CCSK to update to v5, since
How does CCSK set up students this reflects the latest knowledge Shankar Chebrolu

for future opportunities and on cloud security practices.

Director of Security Architecture at Red Hat

learning? “Obtaining the CCSK certificate was one of the best decisions I’ve made for my professional growth. Studying for the certificate
not only deepened my technical knowledge but also improved my ability to communicate security concepts to non-technical
I like to describe the CCSK as a “survey course.” The material is meant to give you a broad background stakeholders. It’s a fantastic certificate for anyone serious about cloud security.”
so you better understand where to dig in deeper on specific topics/trainings. It also provides the
context to help you understand more focused education. Salvador Guarino Jr.
CISO at PwC Philippines

How were the updates for v5 determined? “The CCSK has proven to be an invaluable resource for our leadership teams. It ensures that our leaders are well-versed in the
latest cloud security trends and technologies, enabling us to make informed decisions and maintain a competitive edge in the
We went through an extensive process which started with stepping back and reorganizing the entire market.”
structure of the training to better fit how cloud security is currently practiced. If you look at previous
Tim Chase
versions of the CCSK, they were designed when cloud technologies were in a very early state and
Global Field CISO at Laceworks

12 © Copyright 2024, Cloud Security Alliance. All rights reserved. © Copyright 2024, Cloud Security Alliance. All rights reserved. 13
Online training based on CSA’s 
vendor-neutral research
Level up your cloud computing knowledge with the variety of
CSA online courses and certificates for beginners and pros alike.

knowledge.cloudsecurityalliance.org