Hi All,
Today, I provisionally passed the CSSLP exam.
Below, I summarize my notes about my preparation and my exam experience.
Preparation: I read and practiced the following materials
.
- First, I purchased and read through the CSSLP Certified Secure Software Lifecycle Professional All-in-One Exam Guide, Third Edition.
- The above book gave me free access to practice questions at Total Seminar Training Hub (https://hub.totalsem.com/). Unfortunately, these practice questions were hard to understand. the wording is very complex and sometimes they do not make sense, so I gave it up after some tries.
- The next book I purchased and read was the Official (ISC)2 Guide to the CSSLP CBK 2nd Edition, that I felt as a kind of out-of-date book to learn from.
- At the end I decided to buy a 180 day access to the Official ISC2 CSSLP Online Self-Paced Training which I think it generally worth to purchase. It included the following
- The CSSLP Official ISC2 Textbook, 6th Edition via the BookShelf mobile and desktop apps. This is a good book. Easy to read and understand and it generally covers a great material for the preparation.
- A Customized Certified Secure Software Lifecycle Professional (CSSLP) Learning Experience at https://obrizum.io/ . This online training is based on the lightweight version of the official textbook. So just completing the online training will not cover the whole official textbook above. The online training includes the following:
- Online material for all the 8 CSSLP domains
- Domain Catalog that is a lightweight extract of the official textbook
- Additional, recommended resource links (NIST, etc. materials)
- 35 practice questions per domain
- Full 150 exam practice questions at the end
- The practice questions generally are good and the analytics at the completion of practice questions (surveys at the end of the domains and at the end of the full practice questions) are helpful. They show which domain(s) you need to practice more and how you improve your knowledge over time.
- Please note that you only can answer a question 5 times. After that the question becomes unavailable. So, you may not be able to complete the full exam questions any time. After the fifth tries that question becomes inaccessible.
- My issues with some of the questions and the online training you can read here
- The actual ISC2 CSSLP Exam today used 180 minutes and 125 question. Surprisingly, after the registration and the security process, I started my Exam (the actual questions) around 12pm and finished around 2.40pm, just two minutes before the expiration - not sure how this was 180 minutes though. I did not find any questions from the Official ISC2 CSSLP Online Self-Paced Training and sometimes I found hard to understand the questions. They need some refreshments.
And finally, my experience with the ISC2 Customer Support.
After using completing the Official ISC2 CSSLP Online Self-Paced Training, because the practice questions became inaccessible soon, I considered and purchased a 30-day Extension for the earlier purchased 180-day Access Course to do some more practice questions.
Unfortunately, after paying the USD $230 for the additional 30-day Extension, it turned out that purchasing the extension does not include re-establishing the access to the practice questions. I saved the screenshots of purchasing the 30-day Extension and none of the screens says what level of access will be given or what access restrictions the Extension will provide you with.
I sent an email to the ISC2 Customer Support for explanation, I asked them to reimburse my payment as I only purchase the extension for the practice questions, but they denied my claim. I offered to give an exam voucher for the same amount that I could have been used for my CSSLP exam, but this email was not even answered.
In summary:
I'm happy to answer any further questions.
Thanks
Norbert
