SecProve
ProfessionalVendor-neutralCloud Security Alliance· issued from US

CSA CCSK

Cloud Security Alliance Certificate of Cloud Security Knowledge

The CCSK from the Cloud Security Alliance is one of the most widespread vendor-neutral cloud security certifications worldwide. It is based on three core sources: the CSA Security Guidance v4, the ENISA Cloud Computing Risk Assessment, and the CSA Cloud Controls Matrix (CCM). The exam is fully online and open-book — this lowers the entry barrier but also means less practical proof than e.g. CCSP. No professional experience required, no expiration date. Good as an entry point into cloud security and as preparation for the CCSP, but not a strong career building block on its own.

Official page at Cloud Security Alliance↔ Compare with another cert
Exam fee
$295
Ongoing
Study time
40–100 hrs
Delivery
Validity

› Quality score

26.5 / 40

Four-axis SecProve rubric, each 0–10. SecProve editorial assessment — each axis carries a written justification so you can push back on any single call without dismissing the whole score.

Blueprint rigor
How well-defined and rigorous the exam blueprint is.
CSA Certificate of Cloud Security Knowledge — broad cloud-security ECO.
7.5/10
Practical evidence
Hands-on labs / written reports vs pure MCQ.
Largely MCQ; some applied scenarios.
3.5/10
Currency & upkeep
How aggressively content is kept current with the field.
Refreshed alongside CSA's STAR program updates.
8.0/10
Market recognition
How often this signal actually moves a hiring decision.
Recognised on cloud-security listings as an entry credential.
7.5/10

› Built for these roles

Cloud Security BeginnersIT Architects with Cloud FocusCCSP CandidatesGRC Analysts

› Exam format

Online, open-book, 60 questions, 90 minutes, 80% passing score

Passing score
80% (60/75 questions correct)
Retake policy
Fee: $0 per attempt
Wait: 0d between attempts

Exam token includes 2 attempts. Additional attempts $395 each.

› Recertification

No expiration date (lifetime certification)

› NICE Framework work roles

The NIST NICE work-role IDs this cert maps to. NICCS lookup.

DD-WRL-001OG-WRL-014IO-WRL-006
Recognition
Global
Exam languages
en

› Core domains covered

The 1 domain this cert is centrally about. Passing the exam demonstrates working knowledge of each.

A5Cloud Security

AWS/Azure/GCP security controls, IAM policies, CSPM, container security, shared responsibility model.

› Prerequisites

Experience

None

› Progression

requiredrecommended

Where this cert fits in the typical learning path. Required edges are vendor-gated; recommended edges reflect de facto industry progression.

Required prereqs (0)

No vendor-gated prereqs.

Recommended priors (0)

No de facto priors typically expected.

CSA CCSK
Cloud Security Alliance
Required by (0)

No certs require this one.

Recommended next (2)
CCSPISC2CSA CZTCloud Security Alliance

› Study materials

Curated starting points. Not exhaustive — vet each against your learning style and the current exam version.

Official guides
Training providers
Practice tests
  • CSA Practice Tests (free)

› Version & lifecycle

Current version
v5
Released
2024-04

v5 launched April 2024 alongside CSA Security Guidance v5.

› Salary signal

Cloud security analyst / cloud generalist, US, 2–5 years.

$90K$130K
median $108K

Robert Half Salary Guide + Glassdoor aggregations · 2024 · US base only · p25–p75 range

› How it compares

vs
CCSP

CCSK is the vendor-neutral entry point; CCSP is deeper and gates on experience verification.

↔ Compare side-by-side
vs
AWS CSS

Vendor-specific deep-dive (AWS) vs CCSK's vendor-neutral breadth.

↔ Compare side-by-side

› Careers that commonly pursue this cert

Cloud Security Engineer

Secure cloud infrastructure across AWS, Azure, and GCP. Specialize in the shared responsibility model and cloud-native controls.

See this cert’s domains highlighted on the interactive map, or compare it against the rest of the catalog.

Highlight on the domain mapBrowse all certifications