云计算审计知识证书CCAK

CCSK CCPTP CCAK CZTP CDSP CBP CDPO

CCAK简介

CCAK（Certificate of Cloud Auditing Knowledge）云审计知识证书，是全球首个专注云审计的中立的技术认证，以专业的技能和证书，提升您的职业形象。

云安全联盟与 ISACA 强强联手共同开发的高质量证书，为从业人员提供亟需的云审计知识、培训和证书。CCAK 对现有的 CSA 和 ISACA成员以及证书持有者都有助益，因为它：

• 包含了 ISACA 经 ANSI 认证的证书如 CISA® 证书的部分内容；
• 包含了 CSA 的 FedRAMP 3PAO 评估员证书，以及 PCI-DSS 合格安全评估员证书，ISO 27001 主任审计师证书的部分内容。

课程价值

测评 : 了解测评和审计云环境与传统 IT 基础设施和服务之间的区别；

评估 : 了解如何使用云安全评估方法和技术对云服务在交付前和交付期间进行评估；

治理 : 了解将云引入生态系统对现有治理策略和框架有何影响；

合规性 : 了解云提供商和客户之间分担责任所产生的云合规性的独特要求；

内部安全 : 了解如何使用特定的云安全控制框架来确保组织内部的安全；

持续监控 : 建立架构，使您能够通过指标衡量控制有效性并最终实现持续监控；

课程对象

对于审计和 IT 专业人员来说，CCAK 是特别适时和重要的证书，特别是对于以下工作角色而言：

课程大纲

大咖评价

		CRAIG BALDING As former head of cyber risk for a global bank, I consider this new material essential knowledge for risk and control practitioners. CCAK provides the basis for a playbook for how to audit cloud environments and promises to be the shortest path to take a competent IT auditor and pivot them to cloud. CCAK not only provides a blueprint for how to think about risk and control in a cloud context, but empowers with practical advice for successful cloud audits. As co-author, my hope is that CCAK holders will differentiate themselves from their peers by demonstrating informed understanding to properly assess cloud risk and control issues. 作为全球银行前网络风险主管，我认为这些新的知识对风险和控制实践者至关重要。CCAK为如何审核云环境提供了一种基本的指南，并有望成为指导一个称职的IT审计员转向云的最短路径。CCAK不仅为如何在云环境中思考风险和控制提供了蓝图，而且还提供了进行云审计的实用建议。作为CCAK课程开发的参与者，我希望CCAK持证学员能通过展示了解如何正确评估云风险和控制问题的知识，使自己与同行区别开来。

		JOHN GUCKIANC Cybersecurity Architect(网络安全架构师） IT and security individuals, at any stage of their career, can possess the knowledge on how to apply a risk-based approach to the audit lifecycle process. Prepare for the techniques and gain the visibility into the mindset of risk and control stakeholders, customers, internal and/or external auditors, cloud service providers (CSP) and third-party service providers to better stand out during your engagements. 无论处于职业生涯的任何阶段，IT和安全人员都需要掌握如何将基于风险的方法应用于审计生命周期过程的知识，深入了解风险和控制利益相关者、客户、内部或外部审计员、云服务提供商（CSP）以及第三方服务提供商的思维方式。

		MOSHE FERBER CCSK & CCAK Instructor, Cyber Entrepreneur, Board Member and a Lecturer（CCSK和CCAK讲师，网络企业家，董事会成员和讲师） Auditors are usually good at understanding the high level risks but lack knowledge in the technical details. In CCAK we manage to bridge the gap between the two. CCAK professionals will understand both the risk management consideration along with the details of the cloud newly formed attack vectors and solutions. 审计师通常擅长理解高层次的风险，但在技术细节方面缺乏知识。在CCAK认证中，我们成功地弥合了这两者之间的鸿沟。CCAK专业人员将同时理解风险管理的考虑因素以及云计算中新形成的攻击向量和解决方案的细节。

		OMAR TURNER Director of Cloud Security Architects and Engineers - Microsoft(微软云安全架构师和工程师总监） As an IT and Cybersecurity professional that has kept up with certifications for the past two decades, I have read and reviewed many study guides. The Certificate of Cloud Auditing Knowledge Study Guide is one of those rare examples of a study guide that fulfills its core requirement of providing details on the domains included on the CCAK exam but takes it a step further by being a great cloud auditin and cloud security reference book as well. A wise investment indeed. 作为一个在过去二十年里一直保持各类认证的IT和网络安全专业人士，我已经阅读和评估了许多学习指南。云审计知识证书CCAK学习指南是罕见的学习材料之一，它不仅满足了提供CCAK考试涵盖的领域详细信息的核心要求，而且更进一步成为了一本出色的云计算审计和云安全参考书，这确实是一项明智的投资。