The Certificate of Cloud Security Knowledge (CCSK) is comprised of (12) subject-matter domains, each of which is further broken down into multiple sub-topics
Below is the complete outline to the CCSK as it’s defined in the official CCSK Study Guide from CSA, with links as needed to resources and information on that specific topic.
1.0 Domain 1: Cloud Computing Concepts and Architectures
1.1 Defining Cloud Computing
The CCSK refers to NIST SP 800-145 ‘The NIST Definition of Cloud Computing’ as part of it’s definition of what cloud computing is and what aspects define the concept. It’s a good idea to at least scan the document, a .pdf of which is located HERE.
1.2 Cloud Computing Models
1.3 Cloud Security Scope, Responsibility & Models
2.0 Domain 2: Cloud Governance and Strategies
2.1 Cloud Governance
2.2 The Governance Hierarchy
2.3 Cloud Security Frameworks
2.4 Policies
3.0 Domain 3: Risk, Audit and Compliance
3.1 Cloud Risk Management
3.2 Compliance & Audit
3.3 Governance, Risk, Compliance Tools & Technologies
4.0 Domain 4: Organization Management
4.1 Organization Hierarchy Models
4.2 Managing Organization-Level Security Within a Provider
4.3 Considerations for Hybrid and Multi-Cloud Deployments
5.0 Domain 5: Identity and Access Management
5.1 How IAM is Different in the Cloud
5.2 Fundamental Terms
5.3 Federation
5.4 Strong Authentication & Authorization
6.0 Domain 6: Security Monitoring
6.1 Cloud Monitoring
6.2 Beyond Logs – Posture Management
6.3 Cloud Telemetry Sources
6.4 Collection Architectures
6.5 AI for Security Monitoring
7.0 Domain 7: Infrastructure & Networking
7.1 Cloud Infrastructure Security
7.2 Cloud Network Fundamentals
7.3 Cloud Network Security & Secure Architectures
7.4 Infrastructure as Code
7.5 Zero Trust for Cloud Infrastructure & Networks
7.6 Secure Access Service Edge
8.0 Domain 8: Cloud Workload Security
8.1 Introduction to Cloud Workload Security
8.2 Securing Virtual Machines
8.3 Securing Containers
8.4 Securing Serverless and Function as a Service
8.5 Securing AI Workloads
9.0 Domain 9: Data Security
9.1 Primer on Cloud Storage
9.2. Data Security Tools and Techniques
9.3 Cloud Data Encryption at Rest
9.4 Data Security Posture Management
9.5 Object Storage Security
9.6 Data Security for Artificial Intelligence
10.0 Domain 10: Application Security
10.1 Secure Development Lifecycle
10.2 Architecture’s Role in Secure Cloud Applications
10.3 Identity & Access Management and Application Security
10.4 DevOps & DevSecOps
11.0 Domain 11: Incident Response & Resilience
11.1 Incident Response
11.2 Preparation
11.3 Detection & Analysis
11.4 Containment, Eradication and Recovery
11.5 Post Incident Analysis
12. Domain 12: Related Technologies & Strategies
12.1 Zero Trust
12.2 Artificial Intelligence