It is certainly a happy weekend for me. Glad to share that I provisionally passed the exam this afternoon. This one is special unlike other ISC2 certifications prepared with bootcamps. This time the preparation was completely based on the CBK material (read cover-to-cover once). Though, I subscribed for self-paced learning materials; I kept it for secondary reference if I had failed in the first attempt (availed Peace Of Mind Protection).    Next is to spend more time on threat modelling and related material reference in CBK, which is available towards the end of the book after chapter 8. 🙂      View More

Hi All,   Today, I provisionally passed the CSSLP exam. Below, I summarize my notes about my preparation and my exam experience.   Preparation: I read and practiced the following materials . First, I purchased and read through the CSSLP Certified Secure Software Lifecycle Professional All-in-One Exam Guide, Third Edition. The above book gave me free access to practice questions at Total Seminar Training Hub (https://hub.totalsem.com/). Unfortunately, these practice questions were hard to understand. the wording is very complex and sometimes they do not make sense, so I gave it up after some tries. The next book I purchased and read was the Official (ISC)2 Guide to the CSSLP CBK 2nd Edition, that I felt as a kind of out-of-date book to learn from. At the end I decided to buy a 180 day access to the Official ISC2 CSSLP Online Self-Paced Training which I think it generally worth to purchase. It included the following The CSSLP Official ISC2 Textbook, 6th Edition via the BookShelf mobile and desktop apps. This is a good book. Easy to read and understand and it generally covers a great material for the preparation. A Customized Certified Secure Software Lifecycle Professional (CSSLP) Learning Experience at https://obrizum.io/ . This online training is based on the lightweight version of the official textbook. So just completing the online training will not cover the whole official textbook above. The online training includes the following: Online material for all the 8 CSSLP domains Domain Catalog that is a lightweight extract of the official textbook Additional, recommended resource links (NIST, etc. materials) 35 practice questions per domain Full 150 exam practice questions at the end The practice questions generally are good and the analytics at the completion of practice questions (surveys at the end of the domains and at the end of the full practice questions) are helpful. They show which domain(s) you need to practice more and how you improve your knowledge over time. Please note that you only can answer a question 5 times. After that the question becomes unavailable. So, you may not be able to complete the full exam questions any time. After the fifth tries that question becomes inaccessible. My issues with some of the questions and the online training you can read here The actual ISC2 CSSLP Exam today used 180 minutes and 125 question. Surprisingly, after the registration and the security process, I started my Exam (the actual questions) around 12pm and finished around 2.40pm, just two minutes before the expiration - not sure how this was 180 minutes though. I did not find any questions from the Official ISC2 CSSLP Online Self-Paced Training and sometimes I found hard to understand the questions. They need some refreshments. And finally, my experience with the ISC2 Customer Support. After using completing the Official ISC2 CSSLP Online Self-Paced Training, because the practice questions became inaccessible soon, I considered and purchased a 30-day Extension for the earlier purchased 180-day Access Course to do some more practice questions. Unfortunately, after paying the USD $230 for the additional 30-day Extension, it turned out that purchasing the extension does not include re-establishing the access to the practice questions. I saved the screenshots of purchasing the 30-day Extension and none of the screens says what level of access will be given or what access restrictions the Extension will provide you with.   I sent an email to the ISC2 Customer Support for explanation, I asked them to reimburse my payment as I only purchase the extension for the practice questions, but they denied my claim. I offered to give an exam voucher for the same amount that I could have been used for my CSSLP exam, but this email was not even answered.   In summary: The CSSLP Certified Secure Software Lifecycle Professional All-in-One Exam Guide, Third Edition. book is a good book. The quality of the Total Seminar Training Hub's questions did not meet my expectations. The Official (ISC)2 Guide to the CSSLP CBK 2nd Edition is a bit obsolete. I don't recommend buying it. The Official ISC2 CSSLP Online Self-Paced Training covers a good material for the preparation (especially the official book via the BookShelf desktop and mobile apps and the practice questions) The limitation at the practice questions (answer 5 times only) is a big unfortunate so does the inflexibility of the ISC2 Customer Support. Here, I expected more the "Customer is always right" attitude. With a voucher, I would have spent that money for another ISC2 training or exam anyway which indeed will not happen unfortunately. I'm happy to answer any further questions.   Thanks   Norbert View More

I noticed many questions that comes within the self-paced online adaptive content have wrong answer selection and the explanation points out that another selection is the right answer than the one marked correct. see below screenshot   View More

Hi all, I've been preparing for the CSSLP exam for a while and would like to share some suggestions and comments about the material. I probably will not be able to summarize all of my suggestions in a single post, but am hoping that some of these will be addressed in the future to make the self-study material even more easily understood, comprehended and adopted.Unfortunately, I did not find a proper label for making suggestions/recommendations for content improvements. Hopefully, this also will be available sooner or later (or I may just use an incorrect place to do this - thank you for your understanding and patience).   From now on any of my suggestions will use the following structure:   Purpose: Why this suggestion is made. Current state: What the CSSLP material includes to help the area described under 'Purpose' Suggestion: Further improvements that can help the content even more accurate and optimized.   But first of all, I would like to thank ISC2 for creating the self-paced material and making available for the community.   = = =   Purpose: To receive more accurante feedback about the exam preparation material. Current state: The pages of the Domain Catalog at https://isc2.obrizum.io/org/csslp include a "Did you understand the content?" question at the bottom of all pages where the candidate can rate her/his understanding about the presented materal of the page in percentage (e.g.: 80%). Suggestion: While the percentage can provide some feedback to the content developers, it does not help about the exact areas where improvements may be recommended. I recommend adding a "Help us with your feedback" section on every page. This makes sure that the candidate has a fresh mind and idea about s/he found inappropriate or hard to understand, and a timely suggestion can be made to improve the content. View More

Just cleared ISACA CRISC in the last week and now looking forward to start preparing for CSSLP. I have Official CBK 2nd Edition with me and might be leveraging 180 days self study material from ISC2. Targeting to appear for the exam before March 2025. Curious to know if Exam peace of mind protection may be re-introduced any soon ? View More