Failed CCSP - Certified Cloud Security Professional

swish45swish45 Member Posts: 30 ■■□□□□□□□□
Hello all,

I've just completed sitting the ISC2 CCSP (Certified Cloud Security Professional) exam. Unfortunately, i scored 669 out of 1000, with the required passing mark being 700.

My thoughts.

A very difficult exam, that tested my comprehension of the English language rather then the content. Very wordy, with long story based questions.

I studied for this exam using only the "Official (ISC2) Guide to the CCSP CBK" from Amazon.

A word of warning, you will not achieve a passing score on this exam confidently, let alone a top grade using this book.

The fact that i got so close to a pass, was solely due to my own experience in this space.

To prove my point, i have just cross referenced the domains that ISC flagged as being my weakest with the domains in the above book to see the specific areas i can improve on and i can not see any information that remotely relates to the concepts/questions i received in the exam.

ISC2 are offering the "Official (ISC)² CCSP student workbook (electronic version)" as part of their on demand training package for $495. I have no idea if this is identical to the other "official content" sold on Amazon that i used. I'm assuming "official" has another meaning to the folks at ISC2.

I'm going to re-sit this exam in 30 days, but not sure what to use to study.

Comments

  • havoc64havoc64 Member Posts: 213 ■■□□□□□□□□
    Hello Swish,

    First Sorry for your experience, hang in there.

    Secondly, I can relate to your experience with the book. I had a very similar experience with the CISSP books and test. The Official (ISC)2 Study guide was not good enough as a single source of material to pass the test, and as per (ISC)2 it's not meant to be. I took the official (ISC)2 5 day class and the class book, although better than the official guide, still was lacking. Fortunately for me, there is an abundance of material out there to study for the CISSP. That is not the case with the CCSP. As a newer certification we are caught with the situation of not enough study material. That fact that you scored so well with a limited study reference shows that you are experienced and have a lot of practical knowledge and you should feel proud that you did as well as you did.

    Take what you can from the test, brush up on those areas, and strike again is what I'd recommend. Good Luck.
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
  • cwelbercwelber Member Posts: 38 ■■■□□□□□□□
    This forum and the combined notes helped me pass CISSP, so hopefully as more of us try it there will be a cloud combines notes.
  • madhavanragmadhavanrag Registered Users Posts: 4 ■□□□□□□□□□
    Hi Swish45,

    Sorry to hear you fail, but I wish you all the best and am sure you'll clear the exam next time around.

    Are you doing the ISC2 on demand training? I have heard it is good summarisation of CBK though the real exam is structured to be more of scenario driven..(as you would expect so given the ratio of 4 hrs exam to 125 qs)..

    Can I ask your background? E.g. cloud sec.exp , info sec exp.
  • swish45swish45 Member Posts: 30 ■■□□□□□□□□
    havoc64 wrote: »
    Hello Swish,

    First Sorry for your experience, hang in there.

    Secondly, I can relate to your experience with the book. I had a very similar experience with the CISSP books and test. The Official (ISC)2 Study guide was not good enough as a single source of material to pass the test, and as per (ISC)2 it's not meant to be. I took the official (ISC)2 5 day class and the class book, although better than the official guide, still was lacking. Fortunately for me, there is an abundance of material out there to study for the CISSP. That is not the case with the CCSP. As a newer certification we are caught with the situation of not enough study material. That fact that you scored so well with a limited study reference shows that you are experienced and have a lot of practical knowledge and you should feel proud that you did as well as you did.

    Take what you can from the test, brush up on those areas, and strike again is what I'd recommend. Good Luck.

    Thanks Havoc,

    Appreciate the kind words. Having read the CCSK material after the exam, i would say the CCSK material and NIST reference sheets would be more appropriate then the Official CCSP CBK found on Amazon.

    Especially, the NIST material. There was a lot of overlap with the exam in terms of depth required.

    Having to wait 3 months before i can resit the exam is horribly agitating. I'm itching to get back at this exam and score highly. I wont be satisfied with a pass... :)
  • swish45swish45 Member Posts: 30 ■■□□□□□□□□
    Hi Swish45,

    Sorry to hear you fail, but I wish you all the best and am sure you'll clear the exam next time around.

    Are you doing the ISC2 on demand training? I have heard it is good summarisation of CBK though the real exam is structured to be more of scenario driven..(as you would expect so given the ratio of 4 hrs exam to 125 qs)..

    Can I ask your background? E.g. cloud sec.exp , info sec exp.

    Hello madhavanrag,

    I'm contemplating the on-demand training offered by ISC2. But i hope its not a rehash of the "Official ISC2 CBK" found in Amazon. Because if thats the case, then it wont be worth the price.

    I currently work heavily in the cloud security space. To be honest. What killed me in the exam is the legal and compliance domain.

    I sensed that because the exam engine has a habit of generating questions from domains that you answered incorrectly.

    So if you realise that your getting a whole bunch of questions from a particular domain, then you can beat that its your weak spot.
  • Falcon56Falcon56 Member Posts: 94 ■■■□□□□□□□
    Just throwing this out there. ITPro TV has video training that is 12 hours and 46 minutes. I haven't watched it, but if you are planning on any other certs, it may be worth it. If you are only planning on CCSP, the ISC package is probably a better option.

    Good luck on your next attempt at the exam. Sounds like you are really close
  • swish45swish45 Member Posts: 30 ■■□□□□□□□□
    Falcon56 wrote: »
    Just throwing this out there. ITPro TV has video training that is 12 hours and 46 minutes. I haven't watched it, but if you are planning on any other certs, it may be worth it. If you are only planning on CCSP, the ISC package is probably a better option.

    Good luck on your next attempt at the exam. Sounds like you are really close

    Thanks Falcon56
  • chickenlicken09chickenlicken09 Member Posts: 537 ■■■■□□□□□□
    is the CCSP cert gaining any traction? is it recognised much or useful for the cv?
  • TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
    eddo1 wrote: »
    is the CCSP cert gaining any traction? is it recognised much or useful for the cv?

    It's a few month old cerification with only 72 ccsp's in the US and 1-2 scattered across the other countries. Time will tell, 1-2 years.
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
    eddo1 wrote: »
    is the CCSP cert gaining any traction? is it recognised much or useful for the cv?
    Cloud usage is increasing as companies explore cloud options. CCSK has been around longer and CCSP builds on it.
    I have seen job postings asking for CCSK but not CCSP. As @theForce mentioned, time will tell.
  • swish45swish45 Member Posts: 30 ■■□□□□□□□□
    eddo1 wrote: »
    is the CCSP cert gaining any traction? is it recognised much or useful for the cv?

    Time will tell. But the knowledge provided is certainly useful.

    Concepts such as Crpto-shredding which are covered in the curriculum, provide solutions to issues around the secure destruction of data that are specifically applicable to the cloud.

    When you owned and had physical access to the data stored in a data centre, you could remove the hard drive and physically destroy the hard drive.

    Folks don't have that option any more.
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    TheFORCE wrote: »
    It's a few month old cerification with only 72 ccsp's in the US and 1-2 scattered across the other countries. Time will tell, 1-2 years.

    Where did you get the info, my Google game seems to be not worthy atm.
  • TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
    Where did you get the info, my Google game seems to be not worthy atm.
    Scroll down to the CCSP section.
    https://www.isc2.org/member-counts.aspx
  • gudguy1agudguy1a Registered Users Posts: 3 ■□□□□□□□□□
    swish45 wrote: »
    Hello all,

    A word of warning, you will not achieve a passing score on this exam confidently, let alone a top grade using this book.

    The fact that i got so close to a pass, was solely due to my own experience in this space.

    To prove my point, i have just cross referenced the domains that ISC flagged as being my weakest with the domains in the above book to see the specific areas i can improve on and i can not see any information that remotely relates to the concepts/questions i received in the exam.

    I'm going to re-sit this exam in 30 days, but not sure what to use to study.


    Hello Swish45,
    see my reply on those very, very specific key points you raised, on this site:
    www.techexams.net/forums/isc-sscp-cissp/116570-ccsp-certified-cloud-security-professional-practice-questions.html
    I was hot to trot over my results as well -
    not a very happy camper...!!!

    Unfortunately, you will want to read the CSA v3.0 guide (177 pg) and the ENISA doc (125 pgs).
    Then of course, skim over that blasted CCSP book again, in case they ACTUALLY do have questions from the book on your next exam.
    Good luck.
  • User2097User2097 Member Posts: 41 ■■□□□□□□□□
    Thanks for the post. This was something I was going to look for in the future, but may have to wait for more stuff to come out.
    Cert Goals: CISSP-ISSAP (May 2016) | CISM (2016) | GSEC (2016) | OSCP (2017)
    College: MBA Project Management (2012) | Bachelors IT Management (2010)
    Experience: Cyber Security, Information Assurance, and IT Management Officer
  • JaggerJagger Registered Users Posts: 1 ■□□□□□□□□□
    Source material (CBK) alone will not do it. On line course is provides little preparation and is little more than a regurgitation of the CBK.
    Wordy "real life" situational questions abound. Same for me - 648 score due to experience with marginal value from course material.
  • LarryFormLarryForm Member Posts: 21 ■□□□□□□□□□
    Hi Swish45. I failed with 694 on August 17th. I have worked and currently work in a SaaS company and studied for this exam carefully but still failed.
    I like your analysis of the exam. Too wordy as they were testing language and not subject matter.

    I truly don't know what else to read but I will try to remember a few challenging questions. Some have to do with:

    - Hyperjacking
    -FedRAMP
    -ISO 17799
    -DevOps

    I wish I can remember more. There are two ISC2 official books on Amanzon and I have both. I read one before the exam and now going over the other one.

    I will take the exam as soon as I have extra cash. Can't wait to get over this one and start studying for CISA and CISM.

    Thanks again.
  • bk6662bk6662 Registered Users Posts: 1 ■□□□□□□□□□
    I know this is an old post but I just had to respond. I took a CCSP class a couple months back, where they used the brand new (published 2017) ISC2 Official Exam Guide to the CCSP. Had a busy few months, so finally got around to taking the exam today. I felt extremely comfortable with the material in the book, so was confident when I walked in. Walked out with a score of 618 icon_sad.gif

    I'm really disappointed with my results, but also with the exam. I understand the concept of "Best Answer" but in many cases, there was no best answer. I only saw a handful of questions that I recognized from the book; the rest were foreign. Fortunately I have a lot of experience in InfoSec (but not Cloud sec) or I'm sure I would have scored much worse. But at this point I don't know if I'm going to bother taking another attempt. It's a ridiculously expensive exam, and not really that much benefit (to me) to gaining the certification. Just wish I could say my failing the exam was due to lack of preparation, but that's not really the case (although in hindsight I guess I should have found additional material to supplement the "official" study guide).

    Swish45 I'm curious - did you ever go back and prevail? What material did you (or anybody else here) find helpful? Please advise if you think it's worth a retake.

    Thanks!
    BK
  • luciano.feluciano.fe Member Posts: 7 ■■■□□□□□□□
    Add me to the failed CCSP list. I agree with @bk662 that the "Best Answer" is some cases does not exist. I would like to meet and give feedback on who prepared the questions, as 10/15 of them English is very poor. You do not even understand what the question is asking. I sent an email to ISC2 support to include a feedback windows for each question, because guys, people trying this certification are not stupind and they have experience and knowldge in this area. I am in the security field more than 10 years and some questions were without sense or with not "best answer" as the question does not give enough information about the scenario. I will try again next october. icon_sad.gif
  • vCISO2017vCISO2017 Member Posts: 51 ■■■□□□□□□□
    Luciano.fe,
    Agreed on a number of your points having both failed and passed this exam - have a look through my posts on the subject - the key is unlocking the ISC2 questioning method, the answers then begin to present themselves.
    CITP | CCSP | CCSK | AWS CCP | VCP | CISM | CGEIT | CIPM | PMP | MCSE, etc.......
  • SdudeSdude Registered Users Posts: 1 ■□□□□□□□□□
    I also can be added to the failed CCSP failure list. Any suggestions on”how to unlock the questioning method”. Does anyone have suggestions for a CCSP boot camp?
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Bootcamps have limited value depending on your expertise. How did you study for this test? Also, what is your IT background?
  • bjpeterbjpeter Member Posts: 198 ■■■□□□□□□□
    cyberguypr wrote: »
    Bootcamps have limited value depending on your epxertise. How did you study for this test? Also, what is your IT background?

    I agree with cyberguypr. I have never used a bootcamp. I used the official (ISC)2 books and Quizlet to help me pass my exams.
    2021 Goals (2): SSCP, eCPPT
    Achieved (27): Certified Associate in Python Programming, Microsoft Certified: Azure Fundamentals, PenTest+, Project+, CySA+, Flutter Certified Application Developer, OCP Java EE 7 Application Developer, CCSP, OCP Java SE 11 Developer, CISSP, Linux+/LPIC-1, CCSKv4, OCE Java EE 6 JPA Developer, CSSLP, Server+, Cloud+, Arcitura Certified Cloud Professional, CASP+, Mobility+, Storage+, Android Certified Application Developer, OCP Java SE 8 Programmer, Security+, OCM Java SE 6 Developer, B.S. and M.S. in Computer Science
  • vCISO2017vCISO2017 Member Posts: 51 ■■■□□□□□□□
    Hi,Sorry to see that you missed this pass mark - What I mean by "unlocking the questions" is you have to read, pause and then re-read the question. Look for the particular use of verbs. Remove non-required content. A lot of questions on the exam are not in the books and are not straight forward rather are re-worded variations and require interpretation. My advice for what its worth would be to take a break during the "cool off" period, zoom in when you are ready on your three weakest domains, really understand the fundamental concepts and go at it again with the question analysis method. You might be pleasantly surprised the 2nd time around, fingers crossed!
    CITP | CCSP | CCSK | AWS CCP | VCP | CISM | CGEIT | CIPM | PMP | MCSE, etc.......
Sign In or Register to comment.