I started reading CSA guidelines around the first week of May 2020. Due to my work commitments, I was having a hard time sitting down and read the material properly. A lot of interruptions happened during my CCSK studies. It was then I understood the importance to have a fixed schedule and dedicated time to do things. From June 2020 onwards, I promised myself that I’d dedicate at least 2 hours per week for the exam and finish up the material by July end.
Coincidently, around same time, Cyberfrat announced that CCSK training classes shall be starting from July 2020 month. I intensified my studies to around 4 hours per week and had covered around 2/3rd of the CSA guideline stuff back then. For last 2 weeks in July, I intensified my studies for last 4 chapters and ENISA document and completed them. CCSK training classes helped me to revise and reinforce my concepts for first 5 chapters which gave me good confidence about my preparation.
I tried practicing questions for CCSK by google search and going through free practice tests. However, I found the answers were frequently referring back to the preparation documents in exam prep kit. I decided to drop my plan for practice questions and instead focus on learning exam preparation documents better.
Finally, on 31st July 2020 late night, I started my exam. Using a disciplined approach, I started answering questions one by one. A few of them had some confusing options as distractors. I marked them for later review and moved ahead. With 30 min remaining, I inched towards my last 60th question.
Now the fun part came. When I started my review marked questions, a lot of them required careful reading which took me by surprise. I made sure that I was reviewing them properly using the 3 documents recommended by CSA. By the time I reached last 8 questions, the clock showed 2 mins remaining. With 4 seconds on the clock, I quickly submitted my last review question. Last few seconds were feeling like full minutes to me.
At last, the screen appeared with a pass grade of 81% from the 80% cutoff score. A huge wave of relief and excitement came over me. I literally jumped from my chair. I had successfully cleared the CCSK exam around 20 mins past midnight of Aug 1, 2020.
FAQ on CCSK exam
Q1) What started your interest to go for CCSK exam?
Understanding Cloud from security perspective in easy, common sense language was the thing I was searching for a long time.
The challenge with Cloud is that each vendor uses its own jargon terminology for same things which makes a bit difficult to understand the building blocks.
CSA guidance documents are amazingly simple to understand resources which provide much needed clarity in vendor neutral tone. I found CSA guidance in particular very nicely designed and searchable document. That’s how I got interested to pursue CCSK.
Q2) There are plenty of cloud certifications in industry right now, why should I go for CCSK?
The thing with Cloud in general is that many cloud service providers (CSP) are aggressively pushing their flagship solutions based on their core competencies and strength.
From an enterprise perspective, it is important to recognize the importance of a common sense approach which can make an informed decision about which cloud service provider (CSP) to go for based on business use case, what are the risks involved and what things can go wrong in long term.
Hence we need a vendor agnostic approach to understand these security fine points before approaching cloud migration.
CCSK guidance documents fill these gaps very nicely and puts all of this into simple, easy to understand language, regardless of vendor specific jargon and terminology which can get very confusing at times.
Q3) From an information security perspective, how useful have you found CCSK?
CCSK helps to clear the air around what can go wrong if informed choices are not made at the very beginning during cloud migration strategy itself.
A disciplined well thought out foundation strategy needs to be in place to enjoy the fruits of the hard labour later on.
While moving to cloud definitely brings lot of benefits and opportunities to improve the security posture of any enterprise, the challenge remains to fine tune and balances the shared responsibilities part with your cloud provider.
You are no longer on your own, but are taking advantage of flexibility offered by your CSP to grow and scale your business.
The first few chapters in CSA guidance put a lot of emphasis on this careful planning.
For instance, having too many test instances running due to lack of governance oversight or sheer carelessness will drive up your bills real quick when it is time to scale up while serving your customers.Proper housekeeping and maintenance is essential here.
Q4) I’m interested to go for CCSK exam, what should be my starting points?
The first step would be to go to the CSA website and download the exam prep kit. This will give you all the documents necessary for exam preparation.CCSK exam chiefly hinges on three documents:
Read all three documents carefully. Highlight important points and make notes if needed. For difficult to understand concepts, search YouTube videos to get better hang of things.
Working as a team for achieving common goals always helps.
This really helps to clarify things and everyone wins. Personally, I’ve followed a self-study approach for any certification. It has been deeply satisfying every time while going for any certification.
Q5) Where can I practice CCSK exam questions? Are any dumps available?
A thorough understanding of the three CSA recommended documents should be enough for your preparation.
Although I did some practice questions by googling some free practice tests, I found that those were frequently referring back to these 3 documents. Since this is an open book exam, I decided not to pursue any more tests and instead rely on my understanding of these 3 documents.
Around the same time, I signed up for Cyberfrat CCSK training classes which helped me a lot by clarifying a lot of core concepts via visual representation of them. My confidence grew and I decided to go for the exam by selecting a date much sooner.
A quick warning about the “exam dumps” though. As a general rule, I would recommend you to stay away from “exam dumps” which typically are priced around 10% of the actual exam fees.
CCSK is a conceptual exam. So avoid any shortcuts in your preparation.
Q6) CCSK is an open book exam, doesn’t that make it a “less” of an exam?
Though this might be the first impression which most people (myself included) may get, looking closely however, this is not the case.
Cloud is very dynamic and agile place to change with technology and we need to “go with the change” to understand its moving parts better.
Fortunately, when proper visibility is available from your CSP, it gives you a chance to quickly maneuver your architecture to your ever-changing business needs.
While giving CCSK exam there were many “Oh my God” (OMG) moments for me when I started reviewing my marked answers with the exam prep documents.
Perhaps that’s why CCSK gives you two chances to pass the exam and has the open book nature.
Q7) While preparing for the exam, I tend to forget things often. How do I fix this?
For reinforcement of concepts the best thing is to go out and learn the things visually. I have found this to be effective in remembering things.
In addition, following things can be helpful.
1) Make and write your own notes.
2) Discuss with others
More you discuss your difficult areas with your colleagues and friends, more confidence you would gain. It is a win-win situation for everyone.
3) Join an exam preparation study group
Cyberfrat CCSK learning classes helped me to gain confidence that my preparation for CCSK exam was good enough and inspired me to book exam date sooner.
Q8) What would be your top 3 takeaways for CCSK exam?Following things I leaned from my CCSK journey:1) Be honest to yourself
2) Time management is the key to pass the exam.
3) Be disciplined and focused.
Remember, DISCIPLINE matters in CCSK exam.
If A=1, B=2 …then below metric will ensure you pass the exam successfully. All the best!