Note-to-self: CCSK vs CCSP

Just for easy, future reference… the difference between CSA CCSK and (ISC)² CCSP, quickly explained:




CCSK – DOMAIN 4 (Compliance and Audit Management) reference material


Preparation tool kit (with registration): https://cloudsecurityalliance.org/artifacts/ccskv4_exam_prep_kit

Separate downloads:

(ISC)² Belux Chapter

2019-04-04 meeting presentation on CCSP-CCSK


Additional Reading


Download PCI-DSS  without registration: https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf

Documentation library: https://www.pcisecuritystandards.org/document_library



Microsoft Azure – Cloud Security Compliance (Trust center)


Documents download: https://servicetrust.microsoft.com/ViewPage/MSComplianceGuideV3


Regional & country compliance: https://www.microsoft.com/en-us/trustcenter/compliance/regional-country-compliance

Google Cloud Security Compliance

Google Cloud security compliance – general

ISO27001: https://cloud.google.com/security/compliance/iso-27001/


ISO Standards



ISO27017 (Cloud security)

ISO27018 (Personal data)

ISO27032 (Cybersecurity)




Interesting collection of documents & references on compliance and standards: here,  including, HIPAA, PCI-DSS, ISO27001/27002, …




Note-to-self: MVA Learning Path – Security for the Chief Security Officer (CSO)

From a LinkedIn connection (thx Jeff and congratz on the achievement) I received an interesting pointer to a set of courses on MVA, Microsoft Virtual Academy.

An MVA ‘learning path’ is a combination of learning courses.
Just recently MVA published the ‘Security for the Chief Security Officer (CSO)’ learning path.

Check it out at : https://mva.microsoft.com/learning-path/security-for-the-chief-security-officer-cso-21

It combines 6 courses (better make sure to access them from the learning path):

  1. How to Harden Your Enterprise in Today’s Threat Landscape
  2. Cybersecurity Reference Architecture
  3. Cloud Security from the Field

BTW: have a look on the ‘security’ based content on Microsoft Virtual Academy, you’ll be surprised how much you can (continue to) learn.

See: https://mva.microsoft.com/search/SearchResults.aspx#!q=security

Note-to-self: free MS Press eBooks on Microsoft Virtual academy

Looking for some Azure reference material, planning for Azure certification exams, …? Have a look at the eBooks section on Microsoft Virtual Academy (MVA)…
Short url: http://aka.ms/freemspress

It has a quite interesting collection of free eBooks you can download…


And while you’re there, also check the learning stuff for identity:


And bookmark this link for security related learning material:



Happy learning!


Note-to-self: 2014 MCT Program changes, Requirements, Software & Services, Fee Changes

Source: http://www.microsoft.com/learning/en-us/mct-certification.aspx

From the recent Microsoft Learning newsletter to MCTs, I would like to share some news about the changes to the MCT program.
You’ll find more information, more details on the link I mentioned above.

Effective March 1, 2014, there are imporant changes / updates the the MCT certification requirements.
The new MCT Program Guide will be available soon. The guide provides detailed information regarding MCT program requirements.
Please find the details at: http://www.microsoft.com/learning/en-us/mct-certification.aspx#item-ID0ECAAAAACA (Section: Requirements effective March 1, 2014)

As the Technet Subscription has been retired, there is also an important change to the MCT benefits, software & services availability.
Read more at: MCT Software & Services available March 1, 2014 (http://www.microsoft.com/learning/en-us/mct-certification.aspx#item-ID0EEAAAAACA)

“In recognition of the role MCTs play in actively training   students worldwide on Microsoft products, starting March 1st, 2014 MCTs who   renew or enroll in the MCT Program will receive a subscription for MCT   Software & Services. This is a uniquely tailored subscription that   utilizes software and services offerings across Microsoft to provide   exclusive access to resources that help MCTs further develop technical   expertise and training skills.

Two subscriptions are available based on the MCT’s specific   training focus and provide MCTs with enhanced resources including non-time  bombed software and Windows Azure monthly credits.

Note-to-self: An Overview of Modern Cryptography on Data Encryption Summit (by BrightTalk)

Encryption, certificates and PKI become more and more import in current day to day operations.

If you got some spare time for learning online, the items below might be of interest.

10 interactive webcasts on Modern Cryptography are now available to view on-demand at BrightTalk.

Recorded 5/may/2011

About this Data Encryption summit

“With the ever-increasing volume of data and the adoption of new devices used to access it, effective security is becoming more challenging than ever. Encryption remains one of the best tools to protect sensitive personal and corporate data, but is implemented with varying degrees of success. Our presenters will discuss best practices for using encryption to achieve maximum security by exploring different products, solutions and use cases.

Over 1000 global attendees enjoyed the expert line-up of speakers discussing “modern cryptography“, “protecting corporate assets“, “encryption and social media“, “data leakage-WikiLeaks” and many more. As encryption remains one of the best tools to protect sensitive personal and corporate data, is it implemented with varying degrees of success? Review the topics below and hear our presenters discuss the best practices for using encryption to achieve maximum security by exploring different products, solutions and use cases”

The list of webinar includes:

    Keep in mind, you need to be registered with BrightTalk to watch the sessions.

Enjoy !