Video Transcript
In this lesson, we're going to talk about the CCSK exam itself and I'm going to give you an overview of the materials it covers and some background on the exam as well. The exam is administered by the Cloud Security Alliance or I should say more specifically, the Cloud Security Alliance is who provides you with the actual CCSK certificate and they are the group that creates the test content of the actual exam. They've been defining and raising awareness for security Cloud best practices since about 2008, that's the real core mission. They're not specific to any particular Cloud vendor, in fact, they're not even specific to public Cloud versus private Cloud. More so the difference is that the Cloud concepts bring when it comes to security. They have chapters throughout the globe that host local, regional, and national summits.
Once you get your certification, even before you have your cert, go ahead and reach out. If you're interested in providing a professional networking group, they host educational workshops on a regular basis, they operate the CSA Security Trust and Assurance Registry, also known as the STAR. We're going to look at that a little bit later when we're going through content. It's a great registry centralized that takes a look at all the different vendors and Cloud vendors when we're talking about not just the traditional public Cloud vendors, the AWS, Azure, Google, DigitalOcean, Alibaba, and so on.
Also Cloud vendors that are providing SaaS-based services who may themselves be working within those public Cloud vendors. As I mentioned, 2008 is when the CSA started they officially formed in 2009. The first version of the security guidance for critical areas of focus for Cloud computing was subsequently issued in 2009 as well. We are going to be looking at Version 4 in this particular exam preparation, and in a few moments we're going to actually navigate to their site because I'm going to want you to get a copy of this guidance and even read it for yourself because it is what a lot of the exam questions are based off of the material in that guidance. 2010 is when they actually created the CCSK certification itself, and then in 2015, they worked with ISC organization to develop the CCSP.
One of the certifications I have, the CISSP, Certified Information Systems Security Professional is administered by a different group other than the CSA. Then once you get the CISSP, you can then get a specialized certification called the CCSP, which is the Cloud Certified Security Professional. ISC who administers the CCISP, they worked with the CSA to create that certification. Let's talk about the exam itself, it's administered online and it is open book. If you have good notes, if you take notes, if you use the notes associated with this course, if you collect some of the notes and materials that we're going to be acquiring in a few moments as well for additional studies, however you want do it, it is open-book. You only have 90 minutes to answer 60 multiple choice questions. That's a minute and a half per question.
Yes, you could try to Google away, but the reality is you're not going to make it through and find the answers to all 90 questions, or frankly, with a passing requirement of 80 percent score. Even 80 percent of those 60 questions, I think you're going to have a very, very tough time googling enough answers. You're really going to want to know some of this, you're going to want to have well-organized notes. If you do that going through answering the questions, the content, it'll be much easier.
It costs $395 to take the exam, it's not overwhelmingly expensive depending on your income, but it is an amount and it's not the thing you just want to be taking the exam and wasting away your time by failing the exam and taking it again and again because it will add up. When you do get the exam, there are no annual recurring fees or anything like that. That's the good part about the certification, once you get it, it does not expire. This course includes materials, sample questions, and study notes, but it's not an official study course for the CCSK exam being sanctioned by the Cloud Security Alliance. They themselves have some official study materials that you can download for free. In addition to what you get from this Cybrary course, I'm really going to recommend that you actually obtain the free materials from Cloud Security Alliance itself directly, but switch over to our browser, and navigate to those materials. Here we have the cloudsecurityalliance.org website.
You can navigate this and find out all different and additional information about the Cloud Security Alliance itself, up-to-date white papers that they publish, good information on events as well. For this purpose, I want to navigate to the education, the training, and certificates area, which provides more information around the CCSK exam. This is where you can purchase it and actually, the exam will get administered through this website as well. You can see some of the official training materials and instructions can be purchased here. There's a free prep kit definitely recommend you download that. More specifically if we go into the training and certifications and we drop into the certificate of Cloud security knowledge, we can see here's the Security Guidance Version 4. You're definitely going to want to download that and if I scroll down a little bit further, here's where you can download that, it's a PDF. That is the main body from which the materials on the exam are pulled.
There's two other documents that you're going to want to download too, go ahead and do that because I'm going to be referencing these as we proceed in some of the later lessons in this course, the ENISA recommendations for Cloud Security and the CCM, the Cloud Controls Matrix as well. The content of the security guidance itself is broken up into 14 different domains, which you see described here. In this course, we're going to be going through the content of each one of those domains one at a time, and then providing some online quizzes and some additional notes for you. In addition to those 14 domains, we're going to cover the Cloud Controls Matrix, which is a part and area of the CCSK exam and then the ENISA recommendations also, and those being covered in these additional documents here. Go ahead and download these three documents yourself now so you have them as reference while we're going through this course. Thank you and I look forward to getting into. Domain 1. See you shortly.