My CCSP experience and comments

Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
I took and passed the CCSP exam this morning. This is my second (ISC)2 exam after CISSP and CSSLP.

My main study guide is the CCSP All-In-One with the CCSP CBK as supplementary reading, with a brief read-up on CSA Guide v3.
The AIO was published in Nov 2016; I bought the eBook from Google Play Store in Jan and started studying in Feb. I had experience with AWS, web programming with REST/SOAP and SAML, and had interfaced with customers while working in a PaaS vendor environment. Which means that I only have to focus more on about 3/4 out of the 6 CCSP domains, i.e. architectural concepts, data security and legal/compliance.

Comments? The CCSP exam is "most appropriate for those whose day-to-day responsibilities involve procuring, securing and managing cloud environments or purchased cloud services." (taken from ISC2 CCSP site). In short, what are the new security considerations when moving out to the cloud or using cloud services? What are the new risks from cloud computing? These security considerations can be technical, policy compliance and even jurisdiction. Cloud computing has advantages. At the same time, organisations lose some control when moving to cloud. What control do they lose? What are the options available to address these new cloud-related risks? Who is responsible for what aspects of security? Cloud provider or cloud customer? How does an organisation ensure their data in the cloud is secure? The location of cloud provider DC is important from a legal, privacy and compliance perspective. How does one ensure compliance with different laws?

Hope this helps those interested in the exam. :)

Comments

  • djcarterdjcarter Member Posts: 44 ■■□□□□□□□□
    Congrats on passing the exam!
  • scascscasc Member Posts: 461 ■■■■■■■□□□
    Nicely done - do you think the AIO book is enough to pass?
    AWS, Azure, GCP, ISC2, GIAC, ISACA, TOGAF, SABSA, EC-Council, Comptia...
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
    scasc wrote: »
    Nicely done - do you think the AIO book is enough to pass?
    The AIO is easier to read than CCSP CBK and serves as a good starting point. If you have the cloud experience, and read up on the weak areas, I believe it is possible.
  • scascscasc Member Posts: 461 ■■■■■■■□□□
    Many thanks for the response. I will check out the AIO guide and perhaps supplement this with the other docs like CSA/ENISA/NIST to ensure all bases are covered. But will mainly focus on the AIO guide and dip into the others as I need to get the cert for work purposes and don't have much time to go through so many things.
    AWS, Azure, GCP, ISC2, GIAC, ISACA, TOGAF, SABSA, EC-Council, Comptia...
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
    You're welcomed. All the best and hope to see your "pass CCSP" post soon.
  • scoobydoesscoobydoes Member Posts: 25 ■□□□□□□□□□
    Congratulations! I have this exam on the back burner for now, but appreciate the information on it.
  • kukkukukku Member Posts: 130 ■■□□□□□□□□
  • scascscasc Member Posts: 461 ■■■■■■■□□□
    Many thanks my friend. Will def do a post when I can as I have a few other things going on at the moment - but will get there :).
    AWS, Azure, GCP, ISC2, GIAC, ISACA, TOGAF, SABSA, EC-Council, Comptia...
  • TreySongTreySong Member Posts: 65 ■■■□□□□□□□
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
    djcarter wrote: »
    Congrats on passing the exam!

    @djcarter,

    From djcarter's profile
    Certifications:CISSP, CCSP, CISM, CISA
    Location:Maryland

    And your posts are all CCSP related.

    From CCSP All-In-One book
    Biography

    Daniel Carter was born Ohio, and has lived Missouri, New Jersey, Connecticut, and now Maryland for over 20 years. He has worked in the IT and Security fields for over 20 years, and holds a degree in Criminology from the University of Maryland, and a Masters degree in Technology and Security Management from the University of Maryland, University College. Daniel currently holds the CISSP, CCSP, CISM, and CISA certifications


    One and the same?
    If yes, thank you! Your book helped me pass the exam!


  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Nice investigative work!
  • djcarterdjcarter Member Posts: 44 ■■□□□□□□□□
    Mike7 wrote: »
    @djcarter,


    One and the same?
    If yes, thank you! Your book helped me pass the exam!


    Maybe :) yes, one in the same!

    I am so glad to hear that it helped you pass, and congrats!
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
  • boy123iboy123i Registered Users Posts: 2 ■□□□□□□□□□
    hey mike
    how are u doing mate?
    i need to speak to asap its very important
    can u plz add me on skype of fb
    skype : heart.specialist2
    fb: https://www.facebook.com/PentesterHanan

    its about ecsav9
  • boy123iboy123i Registered Users Posts: 2 ■□□□□□□□□□
    Mike7 wrote: »
    Cool! :)


    hey mike
    how are u doing mate?
    i need to speak to asap its very important
    can u plz add me on skype of fb
    skype : heart.specialist2
    fb: https://www.facebook.com/PentesterHanan

    its about ecsav9
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
    boy123i wrote: »
    hey mikehow are u doing mate?i need to speak to asap its very importantcan u plz add me on skype of fbskype : heart.specialist2fb: https://www.facebook.com/PentesterHananits about ecsav9

    Hello! You can post your questions to the EC Council section. A number of TE members have taken and passed ECSAv9 exam and are willing to assist. I already did a mini review at http://www.techexams.net/forums/ec-council-ceh-chfi/123986-ecsa-review.html



    Please do not ask about exam questions, brain **** or how to do the hacking challenges. Thank you!
Sign In or Register to comment.