The $50 annual payment is what ISC2 calls it's "AMF": annual maintenance fee.

Call it your membership fee. Without paying that fee, you are not allowed to say on your resumé that you're officially ISC2 CC certified. 

The same scheme applies to SSCP, CISSP and the other "big brothers" of the CC exam.

Of course the practice questions aren't on the exam! Why would ISC2 tell you explicitly the questions that will be on the test? No proper educational institution does that. 

Hi I read your post, men you are 100 percent correct. 

Do you have a specific c++ resource you can send to me? I took the CC exam two days ago I did not pass it. The assessment test is absolutely and totally different from the exam, and that was my mistake. I dependent on the self pace assessment learning but it’s a complete and total different question form the exam. it didn’t help me at all. I’m preparing for the second test next year 20223 so I need to do some thing differently in terms of practice, if you have any c++ resource kindly send to me.

taking exam on 11/7/24! Definitely in need of a study partner! I really love these flowchart  but started to realize that the ports and specific security controls are not on here and the practice tests have had technical like SIEM and PORT questions that really surprise!

let us study! first thing I've been hearing to re-study are the Canons! I did the mnemonic device: PAPA! protect, advance, provide and act!  *I had to switch to the next day so that I am not taking the test the day right after work! Also was able to stop at the Pearson VU testing center and confirm the test date and time! Don't forget to sign your second ID lol, ss card or debit card must be signed.

you have the mike Chappel guide! I am strongly considering getting another Linkedin subscription to access his course however Linkedin makes it impossible to get them to stop charging you lol, might be ok with his youtube videos while making sense of the material through notes!

@eagleseyes 

Is there a thread in the study group where its more appropriate to break out the mnemonic devices that i put together lol: 

for the OSI 7-layer model "please do not touch superman's private area" for physical, date, network, transport, session, presentation and application? which is by far the most fav/memorable..

little at odds with the armadillos take in new ants; it stays in the memory, but it may not line up exactly with the TCP stack ISC2 has:

application, transport, internet, network access... vs ISC2 "layers" application layer, transport layer, internet layer and network interface layer..

it seems even more important than the order or what they particular roles are but what the vulnerabilities/tools are appropriate for each level..

1 physical - cable manipulation to (CPTED[like those underwater servers of google?]) 

data link - vlan hopping to (vlan segmentation [overlapping vlans were an awesome use of switches])

network layer - DDoS attacks! to (access control lists, IDS and IPS [IDS typically being cheaper than the IPS])

Transport layer - port scanning to (secure transport protocols)

Session layer - session hijacking to ( session timeouts)

Presentation Layer - phishing to (cyber security training and secure coding practices)

7 Application Layer - cross-site scripting (XSS) to (regular security updates and patches)

that flow chart link was not made by me, but these notes were, sin embargo (nonetheless) I cannot yet vouch for their strength as I haven't taken the exam yet, and once I do I am pretty sure I cannot be submitting here which notes I felt helped the most with too much detail.

It seems other previous test takers kind of "on the nose" try to bring attention to the canons, not something you want to accidentally think you have in the back pocket and then not have them when you need during the exam... it seems that the CISSP (my goal for next cert) hugely bases an understanding of those canons to be present within the tester, so heres to getting started early! lol

pretty sure a moderator will redirect me if need be lol