bentan74
Newcomer I

Passed my CSSLP exam today (Just sharing)

Would like to share my approach for the exam, passed today on my first attempt.

 

1. I attended the ISC2 class and read the student guide v5 and also read the 2013 official ISC2 CSSLP CBK. Read both books twice within 2 weeks and attempted all their questions to resolidify my understanding.

2. Also read OWASP Top 10, SAFECode material to understand them more.

3. During the exam, think as a security manager/PM since their questions are more testing your experience and knowledge in SDLC, security concepts and project management.

 

Hope it helps, good luck to all.

 

Study hard and earn it, you will feel a sense of satisfaction.

 

Ben

32 Replies
Early_Adopter
Community Champion

Sorry to hear that - did the system provide feedback on which domains you needed to work on? I used a part time online review seminar with ISC2, 'Threat Modeling' and the CBK and didn't have any issues, but I'd worked as a PM for about five years at that point and handled a lot of bug fixes across multiple products with supply chains in multiple countries.

These might be helpful:

https://www.isc2.org/Certifications/csslp/Certification-Exam-Outline

https://www.isc2.org/-/media/ISC2/Certifications/Exam-Outlines/CSSLP-Exam-Outline-Sept2020.ashx?la=e...

https://www.isc2.org/certifications/References - I would focus on NIST and OWASP here first.

swh5a01
Newcomer III

I would say, draw a map of your understanding of the exam outline. Link all the nouns in the exam outline and explain them to others. This method helped me to pass CSSLP and CCSP.

Rohit_CSSLP
Newcomer III

Thank you so much for your response. Could you please share your experience as to what study material and practice tests you referred to for the exam preparation?

I attended Bootcamp training from a vendor called Training camp and studied thoroughly the ISC2 official study material (edition 5), but still failed.
Rohit_CSSLP
Newcomer III

Thank you so much for your post. Could you please share your experience as to what study material and practice tests you referred to for the exam preparation?

I attended a Bootcamp training from a vendor called Training camp and studied thoroughly the ISC2 official study material (edition 5), but still failed.
swh5a01
Newcomer III

I only used the exam outline and CBK. CBK is only the dictionary to me and the exam outline helps a lot. And, of course, the experience of putting all things together would help. Thinking strategy should be: you are going from DevOps to DevSecOps, what should we do and why? This question is a huge help.

Early_Adopter
Community Champion

DevOps is just a series of pipelines...
Kyaw_Myo_Oo
Contributor III

Hi Ben,

Congratulations. Thanks for sharing.

 

 

Kyaw Myo Oo(Mr.)
CCIE 58769 | PCNSE | CCSE | CISSP | PMP

Kyaw Myo Oo
Manager , CB BANK PCL
CCIE #58769 | PCNSE | SAA-C03 | CCSM | CISSP | PMP
swh5a01
Newcomer III

Yep, but in DevSecOps, what kind of test you should do and why is more important. The reasons behind the test should be related to mitigating some of the risk in the whole picture. So, that's how the exam benefits me and is helping me to lead the DevSecOps project in my company.

Early_Adopter
Community Champion

Yes. Sorry, I was just riffing on "The internet is a series of tubes..." rather than necessarily saying anything about the process or security.

CSSLP I think is probably to me the most useful ISC2 certification I hold simply because its CBK has quite a narrow focus but binds together a lot of disparate areas, and it helps you to quickly articulate what is going wrong and how best to fix it.
Rohit_CSSLP
Newcomer III

Could you please recommend a trusted site for the sample exam practice question?