Passed CCSP - Certified Cloud Security Professional

13»

Comments

  • manalsabrimanalsabri Member Posts: 6 ■□□□□□□□□□
    Please list the NIST publications that we should go through.

    Also please can you provide links to any other relevant tutorials, documents, videos that would supplement CBK.
    · Share on FacebookShare on Twitter
  • Old ManOld Man Registered Users Posts: 2 ■□□□□□□□□□
    steve.taylor wrote: »
    Gents,

    I'm thinking of doing this certification next. I have a couple of questions:
    1) Has anyone done the (on-demand) online training that isc2 offer? Is it any good?
    2) Has anyone done the training that itpro.tv offer? It looks as if it's taught by Adam Gordon, the author of the CCSP CBK (or someone with the same name). Is the training any good?
    3) Does anyone know if the second edition of the CCSP CBK is much improved over the first edition?

    Broad questions, I know, but I'd appreciate any feedback. I'm currently trying to figure out how I'll study for this certification. For all of my previous ones, I've just read the textbook, and that's been enough. However, I'm thinking of investing a bit more time in this area, since I'd like to become a full-time security architect.


    I just took the test and passed. I got my CISSP back in 2006, so any knowledge from that is long gone! I do program management for security implementations, so not hands on at all but still involved. I say all that as I took the ISC2 week long training and then took the test the next week and passed. The book from the class is much like the one that you can buy on Amazon, but is tailored for the class. One guy brought his that he bought online before the class and when we compared the two I noticed that the regular book was much more verbose. I studied nothing but the book (they provided 150 flash cards, but didn't find them helpful). One fact they mentioned in the class is that the fail rate was very high without the training, but not sure if that was to make us feel better about spending $1495 or was true. My class had 12 people and thus far three of us have taken the test and passed first time, the rest have yet to attempt. I can't speak to any of the other training, but the ISC2 class was worth it. I received $300-$400 off for already being a CISSP, so that helped make the decision to attend the class.

    My opinion is that you can study and pass just from the book (at least the book from the class), but without the advice such as "this fact is important to understand" and "spend less time on these" I think one would either over study or just by sheer volume of information not be able to retain everything.
    · Share on FacebookShare on Twitter
  • Old ManOld Man Registered Users Posts: 2 ■□□□□□□□□□
    Hougno wrote: »
    According to ISC2, The following counts reflect the number of members per credential as of July 1, 2016
    CISSP



    United States
    70842


    CCSP



    United States
    517


    Thanks for posting! When I took my test in July they still had the March numbers and there was only 273, so they are only adding around 200 a quarter int he US.
    · Share on FacebookShare on Twitter
  • mog27mog27 Member Posts: 302
    Old Man wrote: »
    I just took the test and passed. I got my CISSP back in 2006, so any knowledge from that is long gone! I do program management for security implementations, so not hands on at all but still involved. I say all that as I took the ISC2 week long training and then took the test the next week and passed. The book from the class is much like the one that you can buy on Amazon, but is tailored for the class. One guy brought his that he bought online before the class and when we compared the two I noticed that the regular book was much more verbose. I studied nothing but the book (they provided 150 flash cards, but didn't find them helpful). One fact they mentioned in the class is that the fail rate was very high without the training, but not sure if that was to make us feel better about spending $1495 or was true. My class had 12 people and thus far three of us have taken the test and passed first time, the rest have yet to attempt. I can't speak to any of the other training, but the ISC2 class was worth it. I received $300-$400 off for already being a CISSP, so that helped make the decision to attend the class.

    My opinion is that you can study and pass just from the book (at least the book from the class), but without the advice such as "this fact is important to understand" and "spend less time on these" I think one would either over study or just by sheer volume of information not be able to retain everything.

    I took the on-demand ISC2 training and the instructor (Adam Gordon) never said which areas to concentrate on for passing the exam. I wish he did. Can you tell us which areas are important? :)
    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Ben Franklin

    "The internet is a great way to get on the net." --Bob Dole
    · Share on FacebookShare on Twitter
  • mohrtekmohrtek Registered Users Posts: 1 ■□□□□□□□□□
    I just took this exam today and I was a little surprised when I did not pass. I got a 668 and needed 700 to pass. There was content in the exam that I did not recognize from the training manual that ISC2 uses when providing in-class training, which I had a copy of. I studied mostly on my own and have a no experience with cloud but general info-sec and risk background which did help. I have a CISA and ITIL cert currently but those exam were different. This was the only manual I used but I think you will need more than just the training manual to pass this unless you work in the field. Time is not an issue with this exam and I wish I went back and reviewed every question. Here are my comments:

    - Semantics plays a big role on ISC exams. They are actively trying to fool you with every question.
    - There are a lot of "What is the BEST answer" questions where 2 answers may be correct.
    - Many questions are scenario based as opposed to simple definitions, in fact there were no simple definition questions. They assume if you know what something is, then how should/could it be used given this situation? This is a bit contrary to what is in the training manual questions.
    - I would review CSA materials as well as NIST also which I did not do.
    - I felt the exam is passable if I were to take it again, but I'm not sure if its worth it yet given all the Symantec style questions.
    · Share on FacebookShare on Twitter
  • MarkMSMMarkMSM Registered Users Posts: 3 ■□□□□□□□□□
    Can someone let me know if this is the latest version of the CSA doc?

    https://downloads.cloudsecurityalliance.org/assets/research/security-guidance/csaguide.v3.0.pdf

    In addition, is this the latest version of the ENISA doc?

    https://www.enisa.europa.eu/publications/cloud-security-guide-for-smes/at_download/fullReport
    · Share on FacebookShare on Twitter
  • MarkMSMMarkMSM Registered Users Posts: 3 ■□□□□□□□□□
    Found them:

    CSA Guidance: https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf
    ENISA: http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk-assessment
    · Share on FacebookShare on Twitter
  • sach2017sach2017 Member Posts: 16 ■■□□□□□□□□
    Hello All,

    Starting to prepare for CCSP and wish to check if the following should be a good starting point:


    1. CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide by O'Hara
    2. The Official (ISC)2 Guide to the CCSP CBK by Adam Gordon

    What additional material should i cover?

    Thank you in advance.
    · Share on FacebookShare on Twitter
  • Mike7Mike7 Member Posts: 1,108 ■■■■□□□□□□
    Is the official study guide available? Last time i checked it will only be released in May.

    I had success with the All-in-one, CBK and CSA reference.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.