I took and passed the CCSP exam yesterday. One word of caution: in my opinion, the ISC2 official study guide probably covers about 50-60% of the knowledge content required. I found myself relying on my existing knowledge and experience for much of the test. I skimmed through the CSA V4 document (to reinforce my prior studying) the day before the exam.

I studied for this exam the week prior and to gauge my understanding, took about 350 questions from the online Sybex exam, scoring 87%. I think this exam could easily give one false confidence. The Sybex exam was based (not surprisingly) on the book’s content and was much easier than the actual exam. I also checked out CCCure’s CCSP practice exam, but it was awful—spelling mistakes and poorly worded questions. (That said, I DO recommend CCCure for their CISSP 2015 test bank.)

I see that there is a CCSK exam, but I’m not sure about its value proposition. The CCSK seems like an ITIL Foundations type exam.


    For the heck of it, I just took the CCSK V4 exam--no study time. Passed with an 83%.

    This exam is totally focused on CSA v4 and the ENISA Benefits, Risks and Recommendations for Information Security.

    Unlike the CCSP, I didn't feel like there was much in the way of practical application of knowledge being tested--it was definitely NOT experiential. It reminded me of my ITIL expert exams in that it used an overabundance of words. Can I have my money back now?

    CSA doesn’t appear to use Acclaim digital badges, which isn’t very nice of them considering what we’re paying (and they only issue PDF certs, and no cute pin to join your desk collection). For external verification purposes, you need to reveal an email and certificate code. On LinkedIn, I certainly don’t want to post my email address.

    Regarding the CCSP vs CCSK exam experience... With the CCSP, you're sitting in a Pearson VUE test center. You have 4 hours to complete 125 questions. When you have more questions, for each question you can answer quickly, you effectively generate a "bank" of time you can apply to other questions. I "walked" across the finish line at 3 hours and didn't recheck any questions. I had two or three questions where a scenario was presented and three different questions were asked about it (coming at the scenario from different angles). I thought it was a challenging, but well-designed test.

    Regarding the CCSK V4, I felt like it was pure knowledge recall. In this case, you have 60 questions and 90 minutes. Maybe it's my familiarity with ISC2 and ISACA exams, but I didn't like CSA's questions (no analytical questions). Further, with fewer questions, there isn't as much "time" to put in the "bank" for questions you need to ponder. The questions involving ENISA required reviewing a very Euro-centric document which was overly wordy. I think ISC2 has the "economy of words" thing nailed.

    I have a feeling that the CCSK is going to fade away. ISC2 can leverage its CISSP population to market this exam (and you can usually apply the same CPEs to multiple ISC2 certs). Having to re-take the exam every couple years is a drag. I'm busy enough at work and taking continuing training is enough. No digital badges--seriously? BTW, ISACA provides an 8-Hr CPE "Passer" certificate for those that pass their certs. CSA's website mentions 1-Hr for CCSK.
