Register and Prepare

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
9 hours 59 minutes
Difficulty
Intermediate
Video Transcription
00:00
>> This is it. This is the final video.
00:00
Congratulations for making it here.
00:00
I'm going to cover some tips,
00:00
tricks and walk through the specifics of getting
00:00
you set up to actually take the CCSK exam.
00:00
We're going to start out by creating an account on
00:00
Cloud Security Alliance and
00:00
registering and purchasing your exam tokens there.
00:00
Just a side note that there is a free waiver
00:00
for US military veterans.
00:00
You don't have to pay the exam fee.
00:00
I highly encourage you to set a date,
00:00
put something on the calendar,
00:00
put a goal, something that you can go ahead and achieve.
00:00
Don't just say I'm going to take the exam,
00:00
but actually put it on the calendar mark off that
00:00
time that you're going to go and do that.
00:00
You don't belabor and put it off and then
00:00
subsequently forget a lot of
00:00
the information that we've
00:00
talked about and we've learned,
00:00
keep in mind you do have two attempts to pass.
00:00
You buy the token, you have two attempts.
00:00
It's not the end of the world if you do fail the exam.
00:00
You will even get another try if you fail the exam,
00:00
and you'll get a better bearing on areas you
00:00
need to focus information and materials
00:00
that you want to better have
00:00
a stronger grasp of for
00:00
the second time that you take the exam.
00:00
The material we've been discussing has really
00:00
been pulling from the CSA guidance.
00:00
You're going to want to download and study
00:00
this guidance several times over,
00:00
I encourage you to even take out a highlighter,
00:00
whether you do a digital or it's a physical highlighter.
00:00
When you're reading, you can take some notes,
00:00
jot down some thoughts.
00:00
A lot of this should be information that's
00:00
a reiteration of what you've already learned,
00:00
but you may pick up on a few new things just because
00:00
the wording and the phrasing
00:00
is a bit different in that guidance.
00:00
Review any associated videos in this course that
00:00
you have in any areas
00:00
that you've read in the guidance and it's not clear.
00:00
Hopefully between the two,
00:00
you can find a good ground and a better understanding.
00:00
If not, you can always search
00:00
the Internet a little bit to
00:00
try to get a better grasp on the concept,
00:00
87 percent of the CCSK exam
00:00
is going to be pulled from material in the guidance.
00:00
Here I have a link to the guidance.
00:00
You're just going to go to
00:00
the website, request to download.
00:00
You have to enter your own email and information,
00:00
but it's completely free for you.
00:00
In addition to the guidance,
00:00
six percent of the test is on the ENISA risk report.
00:00
You're going to make sure that you download
00:00
that and at least give it a skim.
00:00
You don't have to read it word for word because
00:00
it is only six percent of the test.
00:00
However, you will want to understand the topics and
00:00
just get a general feel for what are
00:00
the information points that exist within
00:00
this report so that when you're actually
00:00
taking the exam yourself,
00:00
you then have a feel for
00:00
this is something that I need to look at
00:00
the initial report for and I
00:00
believe it's covered in this area.
00:00
Here we also have the website that you
00:00
can go to and download it.
00:00
Again, it's a free publication that you can download it.
00:00
It's of no charge, much like the CSA guidance.
00:00
You're definitely going to get some questions on
00:00
the cloud control matrix.
00:00
Again, this is something you're going
00:00
to want to download as well.
00:00
Take a review at it firsthand,
00:00
read each of the 16 different domains,
00:00
read the 133 controls,
00:00
that's each one of the rows defined in
00:00
the Cloud Controls Matrix.
00:00
You don't have to look at all the compliance mappings.
00:00
That would be way overkill.
00:00
But certainly take a look at one or two.
00:00
Maybe you're interested in Fed ramp.
00:00
Maybe there's an ISO certification that's applicable.
00:00
Take a look at those and get a feel for okay,
00:00
I understand how the mapping,
00:00
I understand the controls from the CSA.
00:00
I understand how they map into
00:00
the different compliance regulations so that you really
00:00
do feel comfortable exploring the CCM and
00:00
knowing what materials it
00:00
covers and what it doesn't cover.
00:00
Again, the CCM is also a free downloadable spreadsheet.
00:00
You're going to go to the Cloud Security Alliance site
00:00
and then click on the CCM and download it from there.
00:00
Additionally, we have the CAIQ.
00:00
Between the CCM and the CAIQ,
00:00
you're looking at about seven percent of
00:00
the test material coming specifically about these tools,
00:00
read all 295 questions.
00:00
You've looked at the CCM,
00:00
you read about the domain and then controls,
00:00
read all the questions that the CAIQ has,
00:00
which extrapolates on each one of the domains and
00:00
allows you to understand how would
00:00
you realize this domain?
00:00
How can you assess the degree
00:00
of controls that are particular
00:00
Cloud provider has in place?
00:00
In fact, I would encourage you, moreover,
00:00
to look into the STAR registry and examine 2-4 providers.
00:00
Take a look at a few major Cloud providers.
00:00
You've got Amazon, you've got Azure, you've got Google.
00:00
But also take a look at maybe some of
00:00
the SaaS providers, or sales force.
00:00
There are real major SaaS provider for sure.
00:00
Any others that you work with on a day-to-day,
00:00
see if they even have entries in the STAR registry.
00:00
If so, check out their CAIQ and see how that lines up.
00:00
Similar to the CCM and this
00:00
is CAIQ questionnaire itself,
00:00
can be downloaded for free.
00:00
Just go to the Cloud Security Alliance site,
00:00
provide your email information
00:00
and it will be immediately available.
00:00
Finally, there's a CCSK Prep kit,
00:00
not nearly as comprehensive as this training.
00:00
It's free body of knowledge and it gives you
00:00
16 sample questions directly from
00:00
Cloud Security Alliance that could be on the CCSK.
00:00
It's something that you want to use
00:00
later before you take your exam,
00:00
but after you've done some of your study
00:00
and just answer those questions,
00:00
see if you can answer those questions without
00:00
access to any of the supportive materials.
00:00
It also gives you some additional resources
00:00
and some testing details there.
00:00
Like the other resources that I'm pointing to,
00:00
this is going to be found on
00:00
the Cloud Security Alliance web-page.
00:00
You just scroll down
00:00
there and you see we have self-study,
00:00
we have download the prep kit.
00:00
It's going to ask once again for some of
00:00
your email information and it will give you
00:00
the preparation kit with
00:00
a lot of the materials that you'll
00:00
need to make sure you are as ready as
00:00
possible for the CCSK exam.
00:00
Finally, I've put together a little
00:00
hands-on exam materials checklists.
00:00
Keep in mind, this is an open book.
00:00
If you have two monitors,
00:00
that's great because you can
00:00
have one monitor open with the test,
00:00
the other monitor open with
00:00
the variety of PDFs and materials.
00:00
Make sure the very minimum have these documents there.
00:00
Open in your PDF reader so
00:00
that you can search them if you do come across questions.
00:00
You don't want to be
00:00
searching these for each and every questions.
00:00
You will not make it through the 90 minute time-frame.
00:00
However, having them there,
00:00
having them accessible when you do need and you
00:00
want to search for a few keywords
00:00
is going to be very valuable.
00:00
Well, that wraps it up for this course.
00:00
I appreciate you so much for sticking with
00:00
me through this and we've covered a lot of materials.
00:00
CCSK exam really is a mile
00:00
wide and an inch deep on all things Cloud,
00:00
from governance, from technical,
00:00
from philosophical, just ways of thinking.
00:00
I really hope you get that certification.
00:00
In fact, if you want to connect out with me and
00:00
connect with me if you have any questions,
00:00
reach out to me on LinkedIn,
00:00
but do let me know this is regards to the Cybrary course
00:00
when you're sending the connect
00:00
because I get a lot of spam,
00:00
lot of people who I don't know,
00:00
and I may not accept it if I don't know you.
00:00
Just please do drop me a note.
00:00
Of course, if you have success,
00:00
please tag me in that posting on LinkedIn.
00:00
Tell the world when you get your CCSK.
Up Next
Course Assessment - CCSK
Assessment
30m