Dec 18, 2020
Cloud computing is the future of the Information Technology sector, and its security is an important consideration. CCSK, short for Certificate of Cloud Security Knowledge, is the first user certification for secure Cloud computing in the industry. It is designed to ensure awareness of the security threats to the Cloud and of the best practices for securing it. CCSK is a well-structured way of learning about Cloud security, and it also validates what you have learned. This certification caters to all the Cloud security issues faced by an organization. It gives you a better understanding of the technical and non-technical considerations when moving a company or an organization onto a Cloud platform. It will provide you with a broader understanding of the Cloud platform and fill in the gaps in areas you haven’t been exposed to.
Domains of CCSK
CCSK’s body of knowledge is split up into 14 domains that are listed below:
Domain 1: Cloud Architecture
- Definition of Cloud Computing
- Essential characteristics
- Cloud Service Models
- Cloud Deployment Models
- Multi-Tenancy
- CSA Cloud Reference Model
- Jericho Cloud Cube Model
- Cloud Security Reference Model
- Cloud Service Brokers
- Service Level Agreements
Domain 2: Governance and Enterprise Risk Management
- Contractual Security Requirements
- Enterprise and Information Risk Management
- Third-Party Management Recommendations
- Supply chain examinations
- Use of Cost Savings for Cloud
Domain 3: Legal Issues, Contracts, and Electronic Discovery
- eDiscovery considerations
- Jurisdictions and data locations
- Liability for activities of subcontractors
- Due diligence responsibility
- Federal Rules of Civil Procedure and electronically stored information
- Metadata
- Litigation hold
Domain 4: Compliance and Audit Management
- Right to audit
- Compliance impact on Cloud contracts
- Audit scope and Compliance scope
- Compliance analysis requirements
- Auditor requirements
Domain 5: Information Management and Data Security
- Six phases of the Data Security Lifecycle and their key elements
- Volume Storage
- Object Storage
- Logical vs. Physical locations of data
- Three valid options for protecting data
- Data loss prevention
- Detection Data Migration to the Cloud
- Encryption in IaaS, PaaS, and SaaS
- Database Activity Monitoring and File Activity Monitoring
- Data Backup
- Data Dispersion
- Data Fragmentation
Domain 6: Interoperability and Portability
- Definitions of Portability and Interoperability
- Virtualization impacts on Portability and Interoperability
- SAML (Security Assertion Markup Language) and WS-Security
- Size of Data Sets
- Lock-In considerations by IaaS, PaaS, and SaaS delivery models
- Mitigating hardware compatibility issues
Domain 7: Traditional Security, Business Continuity and Disaster Recovery
- Four D’s of perimeter security
- Cloud Backup and Disaster Recovery services
- Customer due diligence related to BCM/DR
- Business Continuity Management/Disaster Recovery due diligence
- Restoration Plan
- The physical location of Cloud provider
Domain 8: Data Center Operations
- Relation to Cloud Controls Matrix
- Queries run by Datacenter operators
- Technical aspects of a provider’s data center operations that customers should understand
- Logging and Report generation in multisite Clouds
Domain 9: Incident Response
- Factors allowing for more efficient, effective containment and recovery in a cloud
- The main data source for detection and analysis of an incident
- Investigating and containing an incident in an Infrastructure as a Service environment
- Reducing the occurrence of application-level incidents
- How often should incident response testing occur
- Offline analysis of potential incidents
Domain 10: Application Security
- Identity, entitlement, and access management (IdEA)
- SDLC impact and implications
- The difference in S-P-I models
- Consideration when performing a remote vulnerability test of a Cloud-based application
- Categories of security monitoring for applications
- Entitlement
Domain 11: Encryption and Key Management
- Adequate encryption protection of data in the Cloud
- Key management best practices, location of keys, keys per user
- Relationship of Tokenization, Masking, Anonymization, and Cloud database controls
Domain 12: Identity, Entitlement and Access Management
- Relationship between identities and attributes
- Identity Federation
- Relationship between Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
- SAML and WS-Federation
- Provisioning and Authoritative sources
Domain 13: Virtualization
- Security concerns of Hypervisor architecture
- VM guest hardening, blind spots, VM Sprawl, data comingling, instant-on gaps
- In-Motion VM characteristics that can create a serious complexity for audits
- How Virtual Machine communications bypass network security controls
- VM attack surfaces
- Compartmentalization of VMs
Domain 14: Security as a Service
- Ten categories
- Barriers to developing full confidence in security as a service
- When deploying Software as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA?
- Logging and reporting implications
- How can web security as a service be deployed?
- What measures do Security as a Service providers take to earn the trust of their customers?
Benefits of earning a CCSK (Certificate of Cloud Security Knowledge)
CCSK gives you a broader perspective on business considerations and proficiency in both technical and organizational considerations. Some of the benefits of CCSK are:
- It proves your proficiency in key cloud security affairs.
- It increases your possibilities for job opportunities.
- It is an add-on to your skills as a Cloud certified professional.
- It demonstrates your technical knowledge, skills, and abilities to effectively use controls tailored to the Cloud.
- It helps you learn security best practices for dealing with a broader range of responsibilities.
- It gives you a thorough understanding of the security domain of Cloud architecture.
Exam Details
Exam Pattern: Multiple Choice questions (MCQs)
Number of Questions: 60
Time Duration: 90 minutes
Passing score: 80%
Language: English
Who should do CCSK?
Although it is not mandatory, it is recommended that candidates have worked in IT-related services for at least six months before taking this exam. The target audience for the CCSK certification is as follows:
- IT Executives
- IT Directors
- IT Managers
- Information Security Consultants
- Technology Consultants
Why CCSK with InfosecTrain
You can opt for the CCSK (Certificate of Cloud Security Knowledge) Training for professional knowledge and an in-depth understanding of Cloud security. We are one of the leading training providers, with well-versed and experienced trainers. The courses will help you understand the basic concepts and provide a sound knowledge of the subject. This certification is truly worth every penny and minute you invest in it.