Before you start looking for a tissue to hand me because you think I need to wipe tears away, think again. Failing twice stinks! That's it. I'm over it.
If you are going to pursue this certification, the first thing you are going to find out is IT'S HARD!
English isn't my first language and I remember sitting in my U.S. Citizenship interview pointing out the grammatical errors on the English test they were giving me. Definitely had a couple of those situations today that I had to get past. I say "1 and 1 = 2" while other English speaking countries say "1 +1 = 2". Had a few of those types of questions today.
Here is my advice, so fasten your seat belt!
When looking at training options, evaluate carefully!
1. If its free (youtube), I usually can't afford it. I found a free course from a person that works at a Regional bank. Nice looking documents, but some errors in the videos and the documents that are very distracting. Be careful with free.
2. If you subscribe to a course and in one of the early video's the person spend several minutes telling you about a beverage they drink every night and that you may hear them opening a can of it, well, probably best to do what I did and cancel the subscription. At one point, I pointed out a very wrong statement in their material. Although the author seemed to agree, they brushed me off and stated if a few more people pointed it out, they would consider making a change.
3. Do you use Udemy? There is an older course there that covers "what you need to know" and you can get the new course from that person's website. Spoiler alert: what I did the worst on in both CCSP attempts is not covered in that course. At least 3 sections of the Exam Outline on ISC2 list the missing materials as being testable.
4. When you find a course, paid or free, look at some of the other courses from that person. How many courses do the have? What are they certified in? I usually listen to the first hour or so of the other courses and if they tell me that passed CISSP (or anything else) back when it was all done on paper and you had to wait for the grade, that's a complete give away that they haven't sat for the test recently. As for me, anyone remember Novell? I was one of the first 1,000 CNE's ever certified, so I have taken a cert test or two.
I get that there is a huge bank of questions from which only 125 are selected, but I promise, my two tests were as different as night and day. I can't point to one set of materials that have made me successful, because I haven't been successful. Personally, I am a hardware/admin kind of guy and have done very little programming (see Domain 4, section 4.2, 4.3 etc.), but a lot of security. Maybe that's where I am tripping. I'm a big boy, I'll dust myself off and try the test again at some point in the future.
If you read this far, then go here: https://www.isc2.org/certifications/ccsp/ccsp-certification-exam-outline
Read it closely, start over at the top of my email, read the exam outline again, and then figure out the best approach/materials for you!
Recently, I attended a webinar where the presenter stated that the test writers, the study materials and the actual test are not aligned and may not be communicating that well; I agree. They also pointed out that this is not an R & R (read and regurgitate) test which is what you are used to from the academic world. This certification is about learning how to apply a massive amount of concepts and a handful of definitions.
Those are my thoughts and my opinions, I welcome yours.
