Booked my CCSP Exam - PASSED

I have registered for CCSP, 7th of January.

Been studying for a while, but couldn't sit for the exam due to several non-exam related issues. Stopped studying three months ago.

I started again but I feel that I still at a very similar stage to where I left three months ago, except for some little details that I have encountered in real life and need to be memorized (export laws for example)

The thing is I really feel so comfortable with all topics, I am using the official book and done the Cybrary which was a bit useless for CCSP as it is the same CISSP videos.

Now I am really worried when I read about people with decent experience, CISSP and studied the official material but failed. and the comments that the official book is not enough.

I am mainly using the official book and the official test exam and really doing great.

I really appreciate hints on why the official material is not enough, what would go wrong if I am a CISSP (therefore familiar with the ISC style) and feeling comfortable with all of the topics? For experienced CISSPs, what could've done to avoid failing the exam?

I have done over 10 exams, from CCNA all the way up to CISSP and never failed any, so I really want to avoid CCSP being my first time.

One last thing, any free Youtube or other video material that shuffles through the whole material? as a revision.

Find more posts tagged with

Comments

Mike7

You can check out Cloud Security Alliance CCSK documents at https://cloudsecurityalliance.org/education/ccsk

CCSP was developed by both ISC2 and CSA.

ecuison

Good luck on the exam.

SDee

Thanks for your replies and wishes.

As I have taken a break from studying, at this stage I am reading and refreshing one chapter from the official study guide, two chapters left. Once that is done I plan to shuffle through the CBK and start doing as much of practice exams as possible and do a targeted further reading on topics I feel that need enhancement.

The practice exams that I have are the CBK's and the Official Practice tests.

COBOL_DOS_ERA

Good luck on the exam!! once done, don't forget to share your exam experience with us.

SDee

Just finished reading the first 10 Chapters (Out of 11) of the official study guide and thought to try the first practice test of the official study guide practice test (Chapter 7: Practice Exam 1)

Scored 80, not bad, but while answering I felt I have done better. Marked my wrong answers and will review them tomorrow and check my weak points for further readings on the CBK.

Would appreciate any guidance. It is sad that the online material and communities of CCSP are incomparable to that of CISSP, but this is totally expected. Struggling to get guidance, free video material for pre-bed viewing which aided a lot while preparing for CISSP.

COBOL_DOS_ERA

Some study materials for CCSP, that I believe will be beneficial for your exam prep.

https://cromwell-intl.com/cybersecurity/isc2-ccsp/cloud-data-security.html

https://workflowy.com/s/ccsp-bootcamp/0uyTlM9ex1c0uRbY#/a03e9b4b3b47

https://www.greycampus.com/blog/information-security/owasp-top-vulnerabilities-in-web-applications

SDee

promethuschow said:

Some study materials for CCSP, that I believe will be beneficial for your exam prep.

EXCELLENT! Just what I was looking for.. I really appreciate it!
Just wishing to find something similar as a video..

Just finished Chapter 8: Practice Exam 2, was focusing on speed, did not revise any of the answers.. scored 85%
Feeling comfortable. Still a room for improvement, but leaving some topics for the last 48 hours before the exam, things that require memorizing a lot of details.

maxfred

I'm looking to book by exam in the next week so am at a similar stage but am testing myself with the CSSK first.
You may want to see the Skillsoft CCSP video course (however it covers 14 domain) I found it a good start before reading CSA v4.

SDee

Just finished another sample test exam, attempted the first 20 Questions of each chapter within CCSP Official ISC Practice tests, scored an 78.
Need extra reading on the operations domain, missed a lot of questions that were related to OECD which I had no clue about!

Honestly some questions lacked extra context, for example a question on Privacy Shield, and it was as simple as "Mandatory or Voluntary for non-EU companies" I totally understand the concept, it is mandatory if this company wants to run a business with EU while nothing obliges this company to join the privacy shield otherwise. Got it wrong as I stated it is mandatory, but the question seriously lacked extra context and the word 'Voulntary' was absolutely a bad choice for a correct answer.

Wishing not to encounter similar questions in the exam, missing something you totally understand is frustrating.

Will do some extra reading on the Operations domain, OECD and check the rest of wrong answers.

Still feeling comfortable with the material.

SDee

Another sample test exam, questions 21-30 from each chapter in the official practice exams books, scored: 82
Operations is still my weakest domain, luckily it has the least weight in the exam!

One of the question regarding Data Center temperature had all relevant temperatures in (F), for those who attempted the exam, for similar questions are the values provided in both (C) and (F) or it can be only in (F). It doesn't make sense to memorize numbers that I have no idea on what they represent!

SDee

Finished a 125Q exam on the Mobile App, scored a 97% the questions basically end of chapter questions included in the official study material. Not the best indicator, but a good practice.

I honestly don't like the official practice exam although am scoring good, some answers are justified by a long scenario coming from the authors mind while other answers can be similarly justified, hopefully, I will not encounter similar questions in the exams.

Any free online mock exams that have a similar look and feel compared to the exam's question?

SDee

I am really annoyed by some non-common-sense questions and answers within the official practice tests book,

For example, stating that "Resource Exhaustion" is a risk that is found in the cloud but not on legacy networks! COME ON!
Because "It is possible that a cloud provider will be unable to handle an increased load during contingency situations" SERIOUSLY?
The risk of having such a condition in legacy networks is absolutely much higher!

I just wish the official exam will make more sense.

SDee

Another frustrating question I would like to share and please correct me if I am wrong. Being responsible for several PCI compliance projects I believe I have a broad understanding of PCI-related topics.

The question is about different PCI merchants tiers and what will this dictate,
A: Different type of audits / B: Different amount of audits

Their correct answer is B, however, it goes that way:
Tier1: Quarterly ASVs - RoC by a QSA - AoC
Tier2: Quarterly ASVs - SAQ - AoC
Tier3: Quarterly ASVs - SAQ - AoC
Tier4: Quarterly ASVs - SAQ - AoC

So the amount is the same, the 12 requirements and the 200+ controls are the same (per tier)
Can any body explain?

SDee

Just finished all of the exams within CCSP Official ISC Practice Tests.

I was answering them throughout studying, like 10-20 questions of each chapter daily. So I believe I would have done better if I attempted them after I finished all of my studying but I instead used them as a guidance of where to concentrate.

Scores are:

Domain1: 89

Domain2: 80

Domain3: 79

Domain4: 84

Domain5: 76

Domain6: 71

I kept writing notes on things I got wrong, and further reading of weak topics. Will now focus on reviewing all of the written notes before sitting for the exam tomorrow. feeling confident and well, but frustrated with the questions in the practice tests, hopefully, the test will make more sense.

maxfred

Good luck, I hear the exam questions are stiffer than the Official Practice tests with less dis-countable answers, so the high scores you're passing with should hold you in good stead.

SDee

Done the Practice Test 1 Again, scored a 93%, feeling comfortable.

Will review all notes, I feel I have got everything covered. Confident for tomorrow, but still dealing with this confidence with caution and trying to cover any information or concepts that I may have missed.

anthonx

SDee, good luck on your exam tomorrow.

SDee

PASSED!

Exam technique
In general, used the same technique I used in CISSP examination and it worked again.

During the first phase, I did not spend much of time reading the questions and answers thoroughly, I just read the question the answers quickly and answered immediately, finished the 125 during the first hour and had a 50-50 pass-fail expectations, I was not optimistic.

Took a long break, drank some extra coffee, returned back to review each question thoroughly, wrote question numbers and wrote a "/" on each question that I am confident of the answer, and a "." with questions that I was not confident about and realized I am really doing well.

Took another short break, and returned to review the questions that I marked with a ".", they were around 30, corrected about 5, and had different feelings regarding the questions.

Decided to end the exam, was semi-sure of a pass, and it was a PASS!
Really felt great.

=============================================

My opinion
Honestly, I did not like the exam, I think I answered 60%+ based on my work experience and common sense, it is one of the worst exams if we had to map the exam content to the study material content. I will not disclose the actual content, but several heavily included material in the official study guides had nothing in the exam, a single paragraph had many, and yes the wording is poor and sometimes using synonyms for things that have a clear terminology within the study material.

My 2 cents? if you don't have the experience don't consider sitting for the exam, like it is really useful to know the concepts and the material within the study guides and they absolutely provided extra knowledge and valuable information, but the exam is not a clear indication of how well you were prepared regarding the CBK covered material.

Overall, glad with the knowledge I got while preparing, but feeling that a 4-day reading of the Official Study Guide would've been enough to pass the exam.. Don't get me wrong, the exam is not easy! but that's due to the fact that it depends on your experience rather than preparing for the exam, so a well-prepared person has a high chance of failing if he doesn't have a broad experience.

JoJoCal19

Congrats on your pass SDee! My opinion on the exam is similar to yours. I felt my overall knowledge of cloud topics helped me answer far more than the study guide. I used the official studyguide and practice exam book too. I can understand why there have been quite a few people here on TE that have not passed the first time around.

SDee

Honestly, during the exam, I decided that if I failed I am not doing it again. I really enjoyed learning and studying the covered topics but I didn't like the fact that they are trying to make the exam hard by including non-CBK covered topics.

And as a side note, the technical questions ratio in the exam is way more than the technical material ratio in the study material, like 3x the ration (which was good for me, but didn't make sense!)

COBOL_DOS_ERA

Congrats on the pass, and thanks for sharing your invaluable test experience with us.

cyberguypr

Congrats! I am curious as to what you consider non-CBK covered topics.

maxfred

Congrats, it sounds like I should do some CISSP practice tests rather than a last minute read of the CBK for my CCSP exam this week.

Glad to hear there are more technical questions, these non-real world 'opinion based' responses you have to memorize the CBK is getting frustrating?

Well done.

Meggo

cyberguypr said:

Congrats! I am curious as to what you consider non-CBK covered topics.

I was about to ask the same question.

Also, congrats on the pass!

SDee

Thanks all! Well, regarding the non-CBK I honestly don't remember specifically, my main point is that the exam doesn't really test your readiness and understanding of the CBK, like in other words, if I failed the exam I'd never know what would've been done better in terms of preparation, and I am pretty sure that I would've failed if I didn't have the real world experience that I have, with the same CBK-guided preparation level

Info_Sec_Wannabe

Well done! Still waiting for that someone who will give a good review of this exam..

vCISO2017

@SDee - congrats on the pass - well deserved and prospective CCSP attendees should mirror your method.
@Info_Sec_Wannabe : Not many give a good review of this exam - because it's not a great exam - takes a combination of studying the material, having cloud\InfoSec experience and finally the ability to decipher exactly what ISC2 are looking for.
However it is well regarded in the market due to it's reasonable scarcity and level of difficulty.

mvparish

Nice work!

averageguy72

Congrats!

Dhara

Please advise what material do I need to use to get this CCSP in the bag