Passed CCSP

cyberguyprcyberguypr Mod Posts: 6,928 Mod
Well, this one is done. It was particularly hard for me because my mind was on this issue: http://www.techexams.net/forums/jobs-degrees/127704-got-entry-level-infosec-job-dont-guy.html]this

Still, I answered everything without skipping, but flagging for review in a little bit over 2 hours. I then spent 30 minutes reviewing 50 tagged questions, changed only 7 answers. I think I had 5 questions that I totally gambled on because I had no idea what they were. I studied on and off totaling maybe 2-3 months.

My background:
- 17 years in IT
- Worked at SaaS company
- Currently an Infosec ninja (in my mind at least)
- Involved with cloud at $currentjob, mainly with CASBs and AWS.
- Familiar with ISC2 style thanks to CISSP

Study material:
- AIO by Daniel Carter – very good resource. I used this as the main source
- Cybrary CCSP videos – just OK, very high level, nothing special
- Manual for the official ICS2 course – dry, superficial IMO
- Flashcards – MEH!
- Official CCSP CBK – not a fan. Hard read, a bit fragmented, superficial in some areas.
- NIST 800-144,145,146 – mainly as review. This stuff repeats through all the CCSP books
- CSA 3.0 guide – this was very useful. The “recommendations” section in each domain provides very good guidance on best practices and mitigating risk
- https://www.cccure.education practice tests. I paid their trial membership for 3 days for a total of $15. Went through the 132 questions in 2 days averaging 80%. Questions are OK, way easier than the ones in the test. Some had typos but still a good resource
- Last but no least: the “Passed CCSP” threads here – Thanks to all who contributed.

How to drive it home.
- As other have said think RISK. This is the equivalent of thinking “human life always comes first” within the CISSP context.
- What you or the CSP think NEVER matters. The only thing that matters is what the contracts and SLAs say.
- The earlier you start talking security, the better
- Always pay attention to the dreaded BEST, MOST, LEAST qualifiers. They completely change the tone of the question
- Understand SDLC
- Understand cloud challenges and how to address them

On to AWS Solutions Architect Associate.

Comments

  • SkyBlueSkyBlue Member Posts: 73 ■■□□□□□□□□
    Great job done! Congratulations.
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Congrats cyberguy! CCSP is definitely one I'd love to go for. Do you work in CloudSec now or are you trying to angle for a CloudSec job?
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Thanks. Currently working with some CASBs and AWS stuff. We are expanding our cloud footprint so this fits right in.
  • djcarterdjcarter Member Posts: 44 ■■□□□□□□□□
  • clarkincnetclarkincnet Member Posts: 256 ■■■□□□□□□□
    Congrats!
    Give a hacker an exploit, and they will have access for a day, BUT teach them to phish, and they will have access for the rest of their lives!

    Have: CISSP, CISM, CRISC, CGEIT, ITIL-F
  • DAVIS NGUYENDAVIS NGUYEN Member Posts: 1,472 ■■■□□□□□□□
  • useravuserav Member Posts: 56 ■■□□□□□□□□
Sign In or Register to comment.