CSA Cloud Security Guidance document

The Cloud Security Alliance wrote the "Security Guidance for Critical Areas of Focus in Cloud Computing v4.0".

This document, the "CSA Guidance" for short, is the single most important document to read if you want to pass the CCSK exam. However, it is not necessary to read it now if you follow the course, so right now you should just download it. In later units you will be referred back to domains in this document.

If you want to print one thing of this course, print this document. It will also give you a place to make notes as you go through the online course. I find printing the other material less relevant.

You will need this document (plus the ENISA one and version 3 of the cloud controls matrix) during the exam, and you should by then be prepared to search in them through a proper PDF reader that allows searching for phrases, not just words. I am using the free Foxit reader (https://www.foxitsoftware.com/), available for many platforms (e.g. appstore on the Apple Mac), but use any PDF reader that fits your needs.

Version 4 of the CSA guidance was released in the fall of 2017.

While this is all the material that you formally need for the exam, you may also want to acquire the 'CCSK all-in-one guide' by Graham Thompson (note: I was one of the technical editors for it, but i am not getting royalties). It presents the material in an additional way, and it also comes with 200 test questions.

Discussion

6 comments