Passed CCSP

cyberguyprcyberguypr Senior MemberMod Posts: 6,927 Mod
Well, this one is done. It was particularly hard for me because my mind was on this issue: http://www.techexams.net/forums/jobs-degrees/127704-got-entry-level-infosec-job-dont-guy.html]this

Still, I answered everything without skipping, but flagging for review in a little bit over 2 hours. I then spent 30 minutes reviewing 50 tagged questions, changed only 7 answers. I think I had 5 questions that I totally gambled on because I had no idea what they were. I studied on and off totaling maybe 2-3 months.

My background:
- 17 years in IT
- Worked at SaaS company
- Currently an Infosec ninja (in my mind at least)
- Involved with cloud at $currentjob, mainly with CASBs and AWS.
- Familiar with ISC2 style thanks to CISSP

Study material:
- AIO by Daniel Carter – very good resource. I used this as the main source
- Cybrary CCSP videos – just OK, very high level, nothing special
- Manual for the official ICS2 course – dry, superficial IMO
- Flashcards – MEH!
- Official CCSP CBK – not a fan. Hard read, a bit fragmented, superficial in some areas.
- NIST 800-144,145,146 – mainly as review. This stuff repeats through all the CCSP books
- CSA 3.0 guide – this was very useful. The “recommendations” section in each domain provides very good guidance on best practices and mitigating risk
- https://www.cccure.education practice tests. I paid their trial membership for 3 days for a total of $15. Went through the 132 questions in 2 days averaging 80%. Questions are OK, way easier than the ones in the test. Some had typos but still a good resource
- Last but no least: the “Passed CCSP” threads here – Thanks to all who contributed.

How to drive it home.
- As other have said think RISK. This is the equivalent of thinking “human life always comes first” within the CISSP context.
- What you or the CSP think NEVER matters. The only thing that matters is what the contracts and SLAs say.
- The earlier you start talking security, the better
- Always pay attention to the dreaded BEST, MOST, LEAST qualifiers. They completely change the tone of the question
- Understand SDLC
- Understand cloud challenges and how to address them

On to AWS Solutions Architect Associate.

Comments

Sign In or Register to comment.