Passed CCSP on the 3rd try

fadsterfadster Member Posts: 12 ■■■□□□□□□□
Long post...  TLDR....Passed CCSP on 3rd try

Last post was in Jan 2021 where i failed CCSP for the first time.
Retook the CCSP the 2nd time on 27 May 2021 and.....failed again..i felt lousy for a few days and did not bother looking at the CCSP materials for 2 weeks.
Had to wait for 60 days before i could book the 3rd time, which is today 28 July 2021.
Took for the 3rd time and thank God..Passed. 

Here is what i did for the 3rd try.

  • Read the 152 paged CCSK PDF. This document is quite informative and presents some extra information to augment the CBK.
  • Look through the CCM and understand what the different domains are and the purpose of the CCM.
  • Read the CBK. Didn't read line by line but have a good understanding of what each of the domain is trying to tell a story. Must read. Reading this is the purpose of taking CCSP.
  • Subscribed to Edusum 2 weeks before the exam and did the practice paper. No need to rush through but do the questions then refer to the domain/paragraph that the question is asking. Do the questions and revise the section from the books.
  • Read the official CCSP guide and do the questions at the back.
  • Read CCSP for Dummies with Online Practice - Not bad..i used the test bank from Wiley that comes with the book. Some of the questions that requires memorizing exact standards can be safely ignored.
  • Used CCSP Official Practice Tests (2nd Edition) - IMO THE BEST...1 question from the practice came out word-for-word in the exam..So it is REALLY an official as marketed on the cover page.
Exact question was:
You are the security manager for an organization with a cloud-based production environment. You are tasked with setting up the event monitoring and logging systems.
In your jurisdiction, private entities are allowed to monitor all activity involving their systems, without exception. Which of the following best describes a logging scheme you would recommend? :)
  • Subscribed to Cybrary (Kelly Handerhan) and took the 13 hour CCSP videos. Did the practice questions.. Not bad..
  • Used Carter's CCSP AIO (so-so material and didn't really used the book much..still in pristine, clean condition)

It is ok if you don't read the chapters cover to cover multiple times...It can be super dry and boring and trust me nothing will get into your head.. Spend max 45min to1 hr reading whatever chapters that you like or what ever chapters that you think you are weak at. But do read the chapters\domains in full at least twice.

The main idea is practice as many questions as you can and that automatically forces you to read the CBK\Guide\materials or especially when you got the question wrong. Do the questions and revise the section.

Only my CBK is a physical copy, the rest of the materials are all in PDF. Do a search and compare the explanation across the different books\guides after doing the questions and getting the answers.
Eg when you do a search for the word "archive". This will turn up in sections like "Cloud Secure Data Lifecycle",  "Data archiving procedures and mechanisms", "PLAN AND IMPLEMENT DATA RETENTION, DELETION,AND ARCHIVING POLICIES", "Data Retention Practices". These sections all appear in various books. 

After taking the CCSP 3 times, it turns out that some of the questions are repeated.
These are not the exact questions but somewhere along that line.
1. What is a Bull's eye concept in security?
2. What is the BEST and fastest way to transfer\move a VM across 2 different CSPs with no downtime?
3. Know the diff between a reverse proxy and a forward proxy
4. Understand what is the Privacy Shield used for

Read carefully and slowly and go through ALL the answer options. My first and 2nd attempt i had an extra 40 to 45 mins left. On my 3rd attempt i only had 5 mins left. Spent extra time to re-read the questions especially those long ones. The answer options to some of the questions are REALLY close. You need to choose the BEST answer and you need to have a solid grasp of whatever concept is being asked.

I already passed my CISSP 2 years back and some prerequisite knowledge did help. For example questions on PKI, digital signatures to ensure confidentiality and integrity, asymmetric keys vs symmetric keys, diffie-hellman, hashes, message digests, etc...

No 2 ways about it to pass..I find the CCSP trickier than CISSP...somehow. CCSP is  NOT easy.

In short, practice, practice, practice (do at least 1000 questions from various test banks\end of chapter questions or from where ever)..

Do the questions, revise the sections. It worked for me.

All the best to those who are still struggling. It took me more than 7 months to eventually pass and after the 3rd attempt.

Spent quite a fair bit. Much more than my cissp. I am neck deep in this ccsp so might as well press on instead of quitting. Just the exam itself i paid 3 x 599usd plus books, subscriptions etc..Convert to Singapore Dollars and those could easily get me a high end gaming rig..LOL..

Do the questions, check the answers and revise the sections. AND don't quit. Press on. Hope this pointers help someone.

Now on to the next challenge.. Any suggestions on what to embark next? Would AWS Certified Solution Architect Associate be a good continuity to CCSP or should i take something more management related?

Do suggest. Thks.



  • SteveLavoieSteveLavoie Member Posts: 1,005 ■■■■■■■■□□
    Congrats.. 3 times.. you are perserverant! 
  • fadsterfadster Member Posts: 12 ■■■□□□□□□□
    @SteveLavoie Thanks....was even mentally prepared for a fourth try but my strategy works so all is well. thrice is a charm.
  • AMJAMJ Member Posts: 2 ■□□□□□□□□□
    I would be inserted to know the brief of your study materials ? 
  • fadsterfadster Member Posts: 12 ■■■□□□□□□□
    @AMJ it is in my topmost/first post in this thread.. Shared some details and what i did there.
  • E Double UE Double U Member Posts: 1,936 ■■■■■■■■■□
    Took me the same amount of attempts for CISSP. Good job of sticking with it. Congratulations!
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, and more.

    2021 goals: AZ-303, AZ-304, maybe TOGAF and more ISACA

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • gengenbengengenben Member Posts: 1 ■□□□□□□□□□
    edited August 22
    fadster said:
    Long post...  TLDR....Passed CCSP on 3rd try

    We are from the same country from what you mention about the SGD currency and should be around the same age range since you used gaming rig for comparison. 
    I too failed CCSP have to spend $599 again and for the example you given how to you find the answer as I couldnt find any clue in the CBK or the OSG text book.
    eg. 2. What is the BEST and fastest way to transfer\move a VM across 2 different CSPs with no downtime?

    so even if I were to see the same question again I won't know how to answer correctly.
  • fadsterfadster Member Posts: 12 ■■■□□□□□□□
    @gengenben yes..i am from Singapore. Not so young either... late thirties. The gaming rig was just for comparison..LOL..i have no time to play games even if i wanted to. too much work and commitments.

    Anyway you are won't know how to answer to some of the questions as it also depends on work experience in general..i used quite a bit of vmware hence was able to relate to the concepts..Also i made a mental note of what i could not answer during my prev 2 attempts. will google for the best anwer after the test..

    I dunno about others but for all the 3 tests that i took, about 4 to 5 of the qns were repeated or they look very familiar. and 1 qn came straight out of the official practice paper.

    Just press on and don't give up.

  • promethuschowpromethuschow Member Northern VA, NYCMember Posts: 195 ■■■■□□□□□□ they say, 3rd time is the charm! and hats off to you for not giving up. 
  • thepawofrizzonthepawofrizzon Member Posts: 6 ■■■□□□□□□□
  • Falcon56Falcon56 Member Posts: 94 ■■■□□□□□□□
    Thank you so much  for this fantastic write up! More importantly, CONGRATS on passing the exam and hats off to you for staying with it. This post sure got my attention. I have re-scheduled my exam for mid-October and I am going to use this as a guide for my prep. Been hammering the Official Practice Tests since you posted this. 

    Also, I think the decision to do the AWS Solutions Architect is a great "piggy-back" to the CCSP. I am going to be headed into the Azure arena if I ever get this exam out of the way. Again, awesome post and way to go on the pass! 
  • E Double UE Double U Member Posts: 1,936 ■■■■■■■■■□
    Falcon56 said:
     I am going to be headed into the Azure arena if I ever get this exam out of the way. 
    I did the same and found it rather easy to go in this direction. I completed CCSP in May 2019 and did AZ-900 in January 2020 and noticed the CCSP foundation definitely helped. 
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, and more.

    2021 goals: AZ-303, AZ-304, maybe TOGAF and more ISACA

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
Sign In or Register to comment.