9
Certificate of Cloud Security Knowledge (CCSK) Ariel Litvin, CSA Israel December, 2010

Ariel Litvin - CCSK

Embed Size (px)

DESCRIPTION

 

Citation preview

Page 1: Ariel Litvin - CCSK

!Certificate of Cloud Security Knowledge!

(CCSK)!

Ariel Litvin, CSA Israel December, 2010

Page 2: Ariel Litvin - CCSK

www.cloudsecurityalliance.org Copyright © 2010 Cloud Security Alliance

Basic Facts

• Online test of individual knowledge in cloud security

• Launched Sept 1, 2010

• 50 Questions, 60 Minutes, 80% to Pass

• The CCSK costs $295 USD (or $195 USD)

Page 3: Ariel Litvin - CCSK

www.cloudsecurityalliance.org Copyright © 2010 Cloud Security Alliance

Required Knowledge

• CSA Guidance V2.1

•  ENISA’s report “Cloud Computing: Benefits, Risks and Recommendations for Information Security”

Download Links: •  CSA Guidance: http://cloudsecurityalliance.org/guidance/csaguide.v2.1.pdf

•  ENISA: http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk-assessment

•  CCSK Study Guide: http://cloudsecurityalliance.org/CCSK-prep.pdf

Page 4: Ariel Litvin - CCSK

www.cloudsecurityalliance.org Copyright © 2010 Cloud Security Alliance

Examination Domains

Domain 1 NIST Definition of Cloud Computing (Essential Characteristics, Cloud Service Models, Cloud Deployment Models) Multi-Tenancy Cloud Reference Model Jericho Cloud Cube Model Cloud Security Reference Model Cloud Service Brokers

Domain 2 Contractual Security Requirements Enterprise and Information Risk Management Third Party Management Recommendations Domain 3 Cloud versus outsourcing Three dimensions of legal issues Contract enforceability eDiscovery considerations Jurisdictions and data locations

Page 5: Ariel Litvin - CCSK

www.cloudsecurityalliance.org Copyright © 2010 Cloud Security Alliance

Examination Domains Domain 4 Compliance impact on cloud contracts SAS 70 Type II ISO 27001/27002 Compliance analysis requirements Auditor requirements Domain 5 Six phases of the Data Security Lifecycle and their key elements Data Remanence Data Commingling Data Backup Data Discovery Data Aggregation Domain 6 Key Portability Objectives of S-P-I Lock-In risk mitigation techniques by cloud delivery model Domain 7 Insider Abuse Business Continuity Management/Disaster Recovery due diligence Provider employee considerations

Page 6: Ariel Litvin - CCSK

www.cloudsecurityalliance.org Copyright © 2010 Cloud Security Alliance

Examination Domains

Domain 8 Provider selection Resource sharing Patch management Technical support Domain 9 Recommended provider tools and capabilities Response tradeoffs Questionable provider offerings Domain 10 SDLC impact and implications Differences in S-P-I models

Page 7: Ariel Litvin - CCSK

www.cloudsecurityalliance.org Copyright © 2010 Cloud Security Alliance

Examination Domains

Domain 11 Key management best practices Key management standards Encryption practices in S-P-I models Domain 12 Identity Federation Authorization Access Control Provisioning Domain 13 Virtual Machine security features VM attack surfaces Compartmentalization of VMs

Page 8: Ariel Litvin - CCSK

www.cloudsecurityalliance.org Copyright © 2010 Cloud Security Alliance

Additional CSA Projects

•  Enabling GRC in clouds, leveraging key CSA projects

•  Suite of tools, best practices and technology

•  Consolidate industry research & simplify GRC in the cloud

•  For cloud providers, enterprises, solution providers and audit/compliance

Page 9: Ariel Litvin - CCSK

www.cloudsecurityalliance.org

Thank you!


Object-Oriented Programming and Data Structures Programming and Data Structures Maria Litvin Phillips Academy, Andover, Massachusetts Gary Litvin Skylight Software, Inc. Skylight Publishing

Object-Oriented Programming and Data Structures Programming and Data Structures Maria Litvin Phillips Academy, Andover, Massachusetts Gary Litvin Skylight Software, Inc. Skylight Publishing

Documents
Algorithms Java Methods A & AB Object-Oriented Programming and Data Structures Maria Litvin ● Gary Litvin Copyright © 2006 by Maria Litvin, Gary Litvin,

Algorithms Java Methods A & AB Object-Oriented Programming and Data Structures Maria Litvin ● Gary Litvin Copyright © 2006 by Maria Litvin, Gary Litvin,

Documents
Lists and Iterators Copyright © 2011 by Maria Litvin, Gary Litvin, and Skylight Publishing. All rights reserved. Java Methods Object-Oriented Programming

Lists and Iterators Copyright © 2011 by Maria Litvin, Gary Litvin, and Skylight Publishing. All rights reserved. Java Methods Object-Oriented Programming

Documents
Learn ccsk course at jagsar international

Learn ccsk course at jagsar international

Education
Class Hierarchies and Interfaces Java Methods A & AB Object-Oriented Programming and Data Structures Maria Litvin ● Gary Litvin Copyright © 2006 by Maria

Class Hierarchies and Interfaces Java Methods A & AB Object-Oriented Programming and Data Structures Maria Litvin ● Gary Litvin Copyright © 2006 by Maria

Documents
SEAN SHERMAN, CISSP, CISA, CCSK DEFINING AND PLANNING

SEAN SHERMAN, CISSP, CISA, CCSK DEFINING AND PLANNING

Documents
Blogi evgenii litvin

Blogi evgenii litvin

Technology
Understand the CCSK Cloud Security Certification

Understand the CCSK Cloud Security Certification

Documents
Chapter 09 litvin python

Chapter 09 litvin python

Documents
Boolean Expressions and if-else Statements Java Methods A & AB Object-Oriented Programming and Data Structures Maria Litvin ● Gary Litvin Copyright © 2006

Boolean Expressions and if-else Statements Java Methods A & AB Object-Oriented Programming and Data Structures Maria Litvin ● Gary Litvin Copyright © 2006

Documents
by S. Gerald Litvin - American Bar Associationapps.americanbar.org/labor/annualconference/2007/materials/data/... · CASE PREPARATION & TRIAL OUTLINE1 by S. Gerald Litvin 1 The attached

by S. Gerald Litvin - American Bar Associationapps.americanbar.org/labor/annualconference/2007/materials/data/... · CASE PREPARATION & TRIAL OUTLINE1 by S. Gerald Litvin 1 The attached

Documents
Spread spectrum correlator for recovering CCSK data from a PN

Spread spectrum correlator for recovering CCSK data from a PN

Documents
Litvin - Impuesto a Las Ganancias

Litvin - Impuesto a Las Ganancias

Documents
Data Types, Variables, and Arithmetic Java Methods A & AB Object-Oriented Programming and Data Structures Maria Litvin ● Gary Litvin Copyright © 2006 by

Data Types, Variables, and Arithmetic Java Methods A & AB Object-Oriented Programming and Data Structures Maria Litvin ● Gary Litvin Copyright © 2006 by

Documents
ArrayList JavaMethods An Introduction to Object-Oriented Programming Maria Litvin Gary Litvin Copyright © 2003 by Maria Litvin, Gary Litvin, and Skylight

ArrayList JavaMethods An Introduction to Object-Oriented Programming Maria Litvin Gary Litvin Copyright © 2003 by Maria Litvin, Gary Litvin, and Skylight

Documents
An Introduction to Software Development Java Methods A & AB Object-Oriented Programming and Data Structures Maria Litvin ● Gary Litvin Copyright © 2006

An Introduction to Software Development Java Methods A & AB Object-Oriented Programming and Data Structures Maria Litvin ● Gary Litvin Copyright © 2006

Documents
Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on

Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on

Documents
Java Methods A & AB Object-Oriented Programming and Data Structures Maria Litvin ● Gary Litvin Copyright © 2006 by Maria Litvin, Gary Litvin, and Skylight

Java Methods A & AB Object-Oriented Programming and Data Structures Maria Litvin ● Gary Litvin Copyright © 2006 by Maria Litvin, Gary Litvin, and Skylight

Documents
Creativity in Mathematics - Noah Litvin

Creativity in Mathematics - Noah Litvin

Documents
CCSK Journée Infonuagique ISACA 2016 · CCSK : Certificate of Cloud Security Knowledge §Lancement en 2010, version 2.1 et 3.0 (2013) §Certification neutre (pas de orientée éditeur

CCSK Journée Infonuagique ISACA 2016 · CCSK : Certificate of Cloud Security Knowledge §Lancement en 2010, version 2.1 et 3.0 (2013) §Certification neutre (pas de orientée éditeur

Documents
LITVIN Diversity From Biology to Management

LITVIN Diversity From Biology to Management

Documents
Dr. Anton Litvin Chronic cough - COnnecting … · ProPowerPoint.Ru Chronic cough Dr. Anton Litvin Assistant professor Department of Internal Medicine V. N. Karazin Kharkiv National

Dr. Anton Litvin Chronic cough - COnnecting … · ProPowerPoint.Ru Chronic cough Dr. Anton Litvin Assistant professor Department of Internal Medicine V. N. Karazin Kharkiv National

Documents
Object-Oriented Programming and Data Structures · PDF fileObject-Oriented Programming and Data Structures Maria Litvin Phillips Academy, Andover, Massachusetts Gary Litvin Skylight

Object-Oriented Programming and Data Structures · PDF fileObject-Oriented Programming and Data Structures Maria Litvin Phillips Academy, Andover, Massachusetts Gary Litvin Skylight

Documents
An Introduction to Hardware, Software, and the Internet Java Methods A & AB Object-Oriented Programming and Data Structures Maria Litvin ● Gary Litvin

An Introduction to Hardware, Software, and the Internet Java Methods A & AB Object-Oriented Programming and Data Structures Maria Litvin ● Gary Litvin

Documents
An Introduction to Hardware, Software, and the Internet JavaMethods An Introduction to Object-Oriented Programming Maria Litvin Gary Litvin Copyright ©

An Introduction to Hardware, Software, and the Internet JavaMethods An Introduction to Object-Oriented Programming Maria Litvin Gary Litvin Copyright ©

Documents
Chapter 2 Designing Web Pages With HTML JavaMethods An Introduction to Object-Oriented Programming Maria Litvin Gary Litvin Copyright © 2003 by Maria Litvin,

Chapter 2 Designing Web Pages With HTML JavaMethods An Introduction to Object-Oriented Programming Maria Litvin Gary Litvin Copyright © 2003 by Maria Litvin,

Documents
Iterative Statements: while, for, do-while while (chapter < 8) chapter++; Copyright © 2011 by Maria Litvin, Gary Litvin, and Skylight Publishing. All rights

Iterative Statements: while, for, do-while while (chapter < 8) chapter++; Copyright © 2011 by Maria Litvin, Gary Litvin, and Skylight Publishing. All rights

Documents
Object-Oriented Programming and Data Structures · 2019-05-19 · Object-Oriented Programming and Data Structures Maria Litvin Phillips Academy, Andover, Massachusetts Gary Litvin

Object-Oriented Programming and Data Structures · 2019-05-19 · Object-Oriented Programming and Data Structures Maria Litvin Phillips Academy, Andover, Massachusetts Gary Litvin

Documents
Big-O Analysis of Algorithms Copyright © 2011 by Maria Litvin, Gary Litvin, and Skylight Publishing. All rights reserved. Java Methods Object-Oriented

Big-O Analysis of Algorithms Copyright © 2011 by Maria Litvin, Gary Litvin, and Skylight Publishing. All rights reserved. Java Methods Object-Oriented

Documents
CCSK Certificate of Cloud Computing Knowledge - overview

CCSK Certificate of Cloud Computing Knowledge - overview

Internet