Certificate of Cloud Security Knowledge v4 CCSK FAQ’s
CCSK v4 Exam Basic FAQ
What is the Certificate of Cloud Security Knowledge (CCSK)?
The CCSK is a web-based examination of an individual’s competency in key cloud security issues. Launched in 2010, the CCSK is a widely recognized standard of expertise and is the industry’s primary benchmark for measuring cloud security skillsets. The CCSK was recently lauded as the most valuable IT certification in terms of average salary by Certification Magazine.
Who should consider obtaining the CCSK?
The CCSK is intended to provide understanding of security issues and best practices over a broad range of cloud computing domains. As cloud computing is becoming the dominant IT system, CCSK is applicable to a wide variety of IT and information security jobs in virtually every organization. The CCSK is strongly recommended for IT auditors, and it is even required for portions of the CSA Security, Trust & Assurance Registry (STAR) program.
Is the CCSK a viable substitute for other industry certifications?
The CCSK is NOT a substitute for other certifications in information security, audit and governance. Many certification programs help personal development within specific professional roles and job duties, and also provide vetting of individuals, which the CCSK does not do. The CCSK augments these other credentialing programs by encouraging a competency in cloud computing security best practices, which we believe will help individuals better cope with the increasingly pervasive cloud computing issues they are now facing. The Cloud Security Alliance is a strong supporter of popular professional certification programs within our industry and looks forward to developing formalized relationships with these programs in the future.
Are there any plans to “grandfather” individuals with other certifications into the CCSK program?
No. The CCSK is not a user accreditation, but a certificate of knowledge for a specific topic. Grandfathering would not serve the purpose of encouraging competency in cloud security best practices.
Does the CCSK have industry support?
The CCSK in strongly supported by a broad coalition of experts and organizations from around the world. Since its launch in 2010, the CCSK has been adopted around the world and is the gold standard for demonstration of cloud security competency. The collaboration with ENISA means that the world’s two leading organizations for vendor neutral cloud security research are providing the foundation for the industry’s first cloud security certification.
What is the latest version of the CCSK examination?
The latest CCSK version, v4 of the examination was made available December 1, 2017.
How do I take the CCSK exam?
You can take the exam by completing the following steps:
- Prepare for the exam through self-study or by participating in a CCSK training.
- Register at the CCSK exam website.
- Purchase a CCSK exam token (unless one was provided in your training package).
Why can’t I see the correct answers once I have completed the exam?
In an effort to maintain the integrity of the CCSK exam the platform is designed to avoid giving out the answers to specific questions. In order to assist those that do not pass the test to study for future attempts the exam platform will provide the user with the number of questions asked from each domain and how many questions were answered correctly in each of the domains.
Is the exam timed? How many questions? Is it open book?
The exam is 90 minutes with 60 questions. As it is a timed test and some questions can be lengthy, it is recommended that you rely as little as possible on study materials.
Do I need to schedule a testing date or find a testing facility?
No, the exam is online. You can register here: CCSK Account Signup
Are the results of the exam immediate?
Yes, the results are immediate. You will know your score after you finish the exam.
Can you send me an invoice?
We do not send out individual invoices. Due to the high volume of requests, we only send out invoices for bulk purchased tokens. When you sign up for the exam online, you will receive a PayPal receipt that will work as an invoice.
v3 to v4 Changes
Why has CSA decided to update the CCSK content, exam, and training?
CSA is committed to providing the best guidance possible to its members and the greater information security community. Since its inception, the CCSK has served as a benchmark for information security practitioners, IT users, and decision makers. It is meant to reflect the changing landscape in cloud computing security.
Typically, within our organization, major industry changes are first captured in the Cloud Security Guidance and then reflected in the CCSK. We released CSA Guidance v4 in July 2017, and consequently updated the CCSK exam to v4 in December 2017.
I am already a CCSK certificate holder based on a previous version. Will I need to update to v4 in order to maintain my CCSK status?
A person who has successfully passed any version of the CCSK exam will continue to be considered a CCSK certificate holder. The actual digitized certificate that is awarded specifies the version of the exam that was completed. Because the v4 is considered to cover state-of-the-art knowledge, it is highly recommended that all existing v2 and v3 certificate holders begin planning to upgrade their skillsets and pass the CCSK v4 exam.
I have a previous CCSK certificate and I would like to update my certificate to v4. How can I do that?
To update your certificate to v4, you must pass the v4 exam and reference the new certificate.
I’ve already passed the exam, can I get a discount to upgrade to v4?
For CCSK v3 certificate holders that passed the exam between December 1, 2016 and November 30, 2018, CSA will ensure one free attempt at CCSK v4. Check your account for a remaining attempt, and contact support if one is not available. Individuals who received a CCSK certificate prior to December 1, 2016, may purchase a CCSK upgrade token that has one attempt for the discounted rate of $75. This offer is automatically made available on existing accounts that have an existing successful exam attempt.
I have a CCSK v3 (or v2) certificate. Is there a way that I can obtain the material or training that covers only the new content in v4?
No. Given that each domain has undergone substantial revisions to address the current state of cloud security, an estimated 85% of the content is new. CSA therefore recommends that all students study the complete, updated body of knowledge.
I purchased a token prior to CCSK v4 release, can I use it to take the CCSK v4 exam?
Yes. Any token may be used to take any version of the CCSK exam.
I have already started studying for the CCSK exam based on the v3 material, will I still be able to take the CCSK test based on v3 of the exam after December 1, 2017?
Yes, the CCSK v3 exam will be available for an additional 12 months after the v4 launch, (until November 30, 2018).
Tokens
What is the cost of the CCSK exam registration (token)?
Effective December 1, 2017, the CCSK v4 exam token price is $395 USD.
How long is my exam token valid?
CCSK exam tokens are valid for 2 years from the date of purchase. We do, however, recommend that you take the exam within one year of your token purchase.
Do I have to take the exam immediately after purchasing or redeeming a token?
No, you may use your attempts at any time before your token expiration date.
If I fail my first exam attempt, will I get another chance?
Yes, standard tokens are good for two attempts at the exam. If you fail a second time you will need to purchase another token at $395 USD should you wish to attempt the exam again.
Study Materials
Are there study materials for the exam?
Yes, you can find all of the study material free of charge here: CCSK Study Materials
On what body of knowledge is the CCSK v4 exam is based?
The CCSK v4 exam contains material sourced from the CSA Cloud Security Guidance v4, the CSA Cloud Control Matrix and the ENISA Cloud Computing Risk Assessment report. Approximately 86% of the exam questions will be related to content included in the CSA Security Guidance. The test is comprised of a set of random questions that covers all of these documents. Each test is different. We suggest that you study the material and feel comfortable with all of it before you sit for the exam.
Are there training courses available? How much does a training course cost? Where can I find training courses?
There are different types of trainings courses available (online, instructor lead). To see offerings of individual training partners, go to the course schedule and select the register button.
Do I have to take a training class to take the CCSK exam?
No, you can prepare for the CCSK exam by self-study. The training courses are for a more in-depth understanding of the study materials. CCSK Study Materials
Do I need to take the CCSK Foundation course before I can take the CCSK Plus course?
No, the CCSK Foundation is a lecture course and covers the CSA Guidance, the CSA CCM, and the ENISA Document, as preperation for the exam. The CCSK Plus course will cover all of the foundation lecture material, and in addition will include hands-on labs to gain practical experience working in a cloud environment.
Is the CCSK exam token (test attempt) included in the training class, or do I have to purchase that separately?
Yes, the exam token is included in the cost of the training.
Certificates
Will my CCSK certificate expire?
No, your CCSK certificate will not expire. However, information technologies in general, and cloud computing in particular, are rapidly progressing fields, and it is advisable to stay up-to-date with the most current version of the CCSK certificate.
Can my employeer verify my certificate?
On the CCSK homepage under the “Redeem a Token” box, there is a “Validate a Certificate” box where your employer can put in the primary email address on your account, and the code you were provided upon passing the exam.
Can I have my certificate reflect my professional name and show my business email address?
Your CCSK certificate displays your name, primary email, and verification code.
Will I be mailed my certificate?
We do not send out hard copies of individual certificates. If you wish to see your certificate you can log into your account and download it in PDF format.
Are there testing accommodations for individuals with testing disorders who need extra time on the exam?
No, the feature to extend exam time does not currently exist. If you do not pass the exam on the first two attempts, please contact us and we will consider your circumstances.
Does the Cloud Security Alliance plan to offer other certificates?
Yes, CSA is developing education and certification programs in conjunction with industry partners and higher education on an ongoing basis. CSA’s Cloud Controls Matrix (CCM) training and Security, Trust and Assurance Registry (STAR) certifications and attestations are additional examples of CSA’s offerings. We are also working to develop educational programs in the areas of security architecture, audit and assurance, and software development.
Account
Can I change my password?
Yes, you can update your password once logged into your CCSK account under My Account > Security.
Can I change my email address?
Currently we do not allow changing your primary email address. You can however contact us to change it for you if required. You can also add or change a backup email address under My Account > Account Details (adding a backup email is highly recommended).
I cannot remember my password. Can you reset it for me?
Please use our Password Reset Form to reset your password.