CCSK Journey - sanpoduri/upskill GitHub Wiki

Hi

Hope you are doing well.

I would like to share my CCSK (Certificate of Cloud Security Knowledge) certificate journey from cloudsecurityalliance.org with you, and I hope the plan below helps you in acquiring the necessary knowledge and clearing the exam.

  1. Exam Format # The CCSK is an open-book, online exam
  2. Time # 90 minutes with 60 multiple-choice questions and no negative marking
  3. Schedule # No pre-scheduling is needed; you can buy and write whenever you are ready

Material to follow #


The best part of this exam is that all the material is available on cloudsecurityalliance.org free of cost.

  1. CSA Security Guidance document V4
  2. Cloud Controls Matrix
  3. ENISA Cloud Security Guide for SMEs

Objective of this exam


This exam is a non-technical test, and it is intended to give you an understanding of the various offerings, such as cloud deployment models/service models, and the security options available on cloud for a consumer.

Preparation Plan


The study plan below is for individuals who have limited or no cloud background. This certificate can be cleared in a month's time, with an overall preparation of 12 to 15 hrs of study.

Course breakup #

  1. There are about 14 domains in the Security Guidance document, and I assume you are a working professional, so you can plan to read 3/4 domains per week.

     Note # If you are already holding any fundamental certification from popular cloud providers (such as AWS/Azure/GCP), you may skip a few domains, such as Domain #1: Cloud computing concepts & architectures.

  2. Since many of us might come from traditional IT, there are a few topics where you need to focus/drill down.

a. IAM (Identity and Access Management)

You may watch the free YouTube videos below to get a better understanding of Federation.

Identity and Access Management: Technical Overview [Video]. YouTube. https://www.youtube.com/watch?v=Tcvsefz5DmA

SAML 2.0: Technical Overview [Video]. YouTube. https://www.youtube.com/watch?v=SvppXbpv-5k

An Illustrated Guide to OAuth and OpenID Connect [Video]. YouTube. https://www.youtube.com/watch?v=t18YB3xDfXI

b. APIs might be a little difficult to understand

SOAP & REST API

What is a REST API? [Video]. YouTube. https://www.youtube.com/watch?v=SLwpqD8n3d0

c. Privacy Laws/Agreements

  1. ENISA Cloud Security Guide for SMEs: This is a small PDF of about 40 pages, and the crux of it is to understand, at a broad level, the 11 security opportunities that Small and Medium Enterprises can leverage on cloud, along with the 11 security risks and 12 security questions these organizations should understand before hosting on cloud.
  2. CCM # Cloud Controls Matrix: It is an Excel sheet where the security domains and associated controls are mapped. You don't need to remember anything; just know that this is available for organizations to refer to. Since this is an open-book test, you can refer to the sheet during the exam based on the questions.

I hope the above information helps you. Happy learning, and good luck with your test. You may DM me if you need any clarifications on any of the topics; don't worry, I don't charge any fee. Do note I have shared the links which helped me and have no association with them.