Jul 16, 2024
The Certificate of Cloud Security Knowledge (CCSK) by the Cloud Security Alliance (CSA) has long been the gold standard for cloud security expertise. With the introduction of CCSK v5, significant updates and enhancements have been designed to address the evolving challenges and technological advancements in cloud security. This new version reflects the latest best practices and integrates emerging topics such as AI/GenAI, Zero Trust, DevSecOps, and advanced data security measures.
CCSK v5 expands on the foundational knowledge provided in CCSK v4 by incorporating new domains and topics while also refining and updating existing content. This ensures that security professionals are equipped with the current information and skills needed to protect cloud environments effectively.
Introduction to Certificate of Cloud Security Knowledge (CCSK)
The Certificate of Cloud Security Knowledge (CCSK) validates expertise in cloud security best practices, governance, risk management, compliance, and incident response. It demonstrates proficiency in securing cloud environments, understanding cloud architecture, and implementing effective cloud security strategies, ensuring professionals are well-equipped to handle modern cloud security challenges.
What’s New in CCSK v5?
| Aspect | CCSK v4 | CCSK v5 |
| --- | --- | --- |
| Total Domains | 14 Domains | 12 Domains |
| New Topics Added | – | Security Monitoring; Generative AI; Zero Trust; Cloud Telemetry & Analytics; Data Lakes; Serverless/FaaS; CI/CD; DevSecOps |
| Content Reorganization | Distributed across 14 domains | Consolidated into 12 more streamlined domains |
| Practical Tools | Focused on traditional cloud security tools | Emphasis on modern cloud security tools, including AI and analytics |
CCSK v5 Exam Structure
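| Exam Name | CCSK v4 | CCSK v5 |
| --- | --- | --- |
| Exam Duration | 90 Minutes | 120 Minutes |
| Number of Questions | 60 Questions | 60 Questions |
| Exam Format | Multiple choice questions | Multiple choice questions |
| Passing Score | 80% Minimum passing score | 80% Minimum passing score |
| Exam Language | English, Japanese, Spanish | English, Japanese, Spanish |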
Domain Comparison: CCSK v4 vs. CCSK v5
Green for new additions
Red for removed topics
Blue for renamed topics
Yellow for expanded topics
Collaboration, automation, continuous delivery
| CCSK v4 Domains | CCSK v5 Domains |
| --- | --- |
| Domain 1: Cloud Computing Concepts and Architectures. Topics: Definitions of Cloud Computing; Service Models; Deployment Models; Reference and Architecture Models; Logical Model; Cloud Security Scope, Responsibilities, and Models; Areas of Critical Focus in Cloud Security | Domain 1: Cloud Computing Concepts & Architectures. Topics: Definitions of Cloud Computing; Service Models; Deployment Models; Reference and Architecture Models; Logical Model; CSA Enterprise Architecture Model; Cloud Security Scope, Responsibilities, and Models |
| Domain 2: Governance and Enterprise Risk Management. Topics: Cloud Governance; Enterprise Risk Management in the Cloud; Effects of various Service and Deployment Models; Cloud Risk Trade-offs and Tools | Domain 2: Cloud Governance. Topics: Cloud Governance; The Governance Hierarchy; Cloud Security Frameworks; Policies |
| Domain 3: Legal Issues, Contracts and Electronic Discovery. Topics: Legal Issues; Contracts; Electronic Discovery | Not Included |
| Domain 4: Compliance and Audit Management. Topics: Compliance in the Cloud; Compliance impact on cloud contracts; Compliance scope; Compliance analysis requirements; Audit Management in the Cloud; Right to audit; Audit scope; Auditor requirements | Domain 3: Risk, Audit, & Compliance. Topics: Cloud Risk Management; Compliance & Audit; Jurisdictions; Cloud-Relevant Laws & Regulations Examples; Compliance Inheritance; Artifacts of Compliance; Governance, Risk, Compliance Tools & Technologies |
| Not Included | Domain 4: Organization Management. Topics: Organization Hierarchy Models; Managing Organization-Level Security Within a Provider; Considerations for Hybrid & Multi-Cloud Deployments |
| Domain 5: Information Governance. Topics: Data Governance; Information Lifecycle Management | Topics merged into Domain 9: Data Security |
| Domain 12: Identity, Entitlement, and Access Management. Topics: IAM Standards for Cloud Computing; Managing Users and Identities; Authentication and Credentials; Entitlement and Access Management | Domain 5: Identity & Access Management. Topics: IAM Standards for Cloud Computing; Managing Users and Identities; Authentication and Credentials; Entitlement and Access Management |
| Domain 6: Management Plane and Business Continuity. Topics: Management Plane Security; Business Continuity Planning; Architect for Failure | Domain 6: Security Monitoring. Topics: Cloud Monitoring; Beyond Logs – Posture Management; Cloud Telemetry Sources; Collection Architectures; AI for Security Monitoring |
| Domain 7: Infrastructure Security. Topics: Cloud Network Virtualization; Security Changes With Cloud Networking; Challenges of Virtual Appliances; SDN Security Benefits; Micro-segmentation and the Software Defined Perimeter; Hybrid Cloud Considerations; Cloud Compute and Workload Security | Domain 7: Infrastructure & Networking. Topics: Cloud Infrastructure Security; Cloud Network Fundamentals; Cloud Network Security & Secure Architectures; Infrastructure as Code (IaC); Zero Trust for Cloud Infrastructure & Networks; Secure Access Service Edge (SASE) |
| Domain 8: Virtualization and Containers. Topics: Major Virtualization Categories; Network; Storage; Containers | Domain 8: Cloud Workload Security. Topics: Introduction to Cloud Workload Security; Securing Virtual Machines; Securing Containers; Securing Serverless and Function as a Service (FaaS); Securing AI Workloads |
| Domain 11: Data Security and Encryption. Topics: Data Security Controls; Cloud Data Storage Types; Securing Data in the Cloud; Managing Data Migrations to the Cloud | Domain 9: Data Security. Topics: Data Security Controls; Primer on Cloud Storage; Cloud Data Encryption at Rest; Data Security Tools and Techniques; Data Security for Artificial Intelligence; Data Lakes |
| Domain 10: Application Security. Topics: Opportunities and Challenges; Secure Software Development Lifecycle; How Cloud Impacts Application Design and Architectures | Domain 10: Application Security. Topics: Opportunities and Challenges; Secure Development Lifecycle; Architecture’s Role in Secure Cloud Applications; Identity & Access Management; DevOps & DevSecOps; CI/CD |
| Domain 9: Incident Response. Topics: Incident Response Lifecycle; How the Cloud Impacts IR | Domain 11: Incident Response & Resilience. Topics: Incident Response Lifecycle; How the Cloud Impacts IR; Resilience |
| Domain 13: Security as a Service | Not Included (Topics are now integrated across other domains) |
| Domain 14: Related Technologies. Topics: Big Data; Internet of Things; Mobile Data; Serverless Computing | Domain 12: Related Technologies & Strategies. Topics: Zero Trust; AI/Generative AI |
CCSK v5 New Topics and Domains in Detail
CCSK v5 introduces several new topics that reflect the latest advancements in cloud security.
- AI/Generative AI: Replaces IoT and Mobile Data to address AI’s critical role in cloud security, including governance and secure handling of AI-generated data.
- Zero Trust: Assumes no implicit trust, ensuring strict authentication and authorization for every access request, minimizing the attack surface in cloud environments.
- Data Lakes: Reflects the importance of managing and securing vast amounts of unstructured and structured data, focusing on governance and compliance.
- Security Monitoring, Cloud Telemetry & Analytics: Enhanced focus on security operations, cloud telemetry, and analytics to improve proactive security measures and incident response.
- DevSecOps: Embeds security practices into DevOps processes, promoting collaboration and automating security testing throughout the software development lifecycle.
- CI/CD: Focuses on automating the build, test, and deployment processes to enhance the security and reliability of cloud applications.
- Serverless/FaaS: Addresses the security challenges and best practices of serverless architectures, including managing permissions and securing function code.
- Resilience: Emphasizes strategies for disaster recovery and business continuity, ensuring robust cloud architectures that can quickly recover from disruptions.
Removed Topics
CCSK v5 removes detailed discussions on certain topics that were covered in CCSK v4:
- Security as a Service (Sec-aaS): This topic has been distributed across several other domains rather than being a standalone focus.
- Detailed Legal and Regulatory Aspects: The coverage of laws and regulations has been reduced to focus more on practical implementation and compliance strategies.
Enhanced and Expanded Content
CCSK v5 places a stronger emphasis on areas that have become increasingly critical:
- Cloud Workloads: Includes a deeper dive into securing cloud-native applications and serverless architectures.
- Governance, Auditing, and Compliance: More comprehensive coverage to help professionals ensure their organizations meet regulatory requirements and best practices.
- Incident Response: Updated to reflect modern strategies and tools for effectively managing and responding to security incidents.
CCSK Training with InfosecTrain
Understanding the differences between CCSK v4 and CCSK v5 is crucial for both current certification holders and those new to cloud security. This comparison highlights the enhancements and new focus areas, providing a clear picture of how CCSK v5 better prepares professionals to tackle contemporary cloud security threats and challenges.
At InfosecTrain, we offer comprehensive CCSK Foundation and CCSK v5 training courses. These CCSK courses provide in-depth knowledge and hands-on experience in cloud security, preparing professionals for the CCSK exams. With expert instructors, practical labs, and up-to-date content, we ensure that participants gain the necessary skills and expertise to excel in cloud security roles and effectively secure cloud environments.
TRAINING CALENDAR of Upcoming Batches For CCSK Plus
| Start Date | End Date | Start - End Time | Batch Type | Training Mode | Batch Status |
| --- | --- | --- | --- | --- | --- |
| 08-Feb-2025 | 23-Mar-2025 | 09:00 - 12:00 IST | Weekday | Online | Open |