I sat for the CCSP exam this morning and failed miserably. I was below proficient in 4 domains and near in 2. This is really frustrating as I did not feel I was a reflection of my understanding of the material. Plus, there is not a lot of detail on the results. I have my CISSP and CISM certifications and am somewhat familiar with the ISC testing process. Knowing what I know about the ISC exams, and the cost, I did not take this exam lightly. I studied for over 2 months using the following materials:
Ben Maslow' s ISC Official Study Guide - Second edition. Read cover to cover.
InfoSec's Online CCSP course with over 12hrs or videos, study material, etc.
Browsed the contents of "Official CCSP CBK" by Gordon.
I did all the test questions in both books as well as the Wiley database that comes when you register the book. The InfoSec course had a lot of questions and exams. Udemy practice exams with over 300 questions, and Pocket Prep. I was doing fairly well with those scoring in the 80% area.
Sitting for the exam I felt pretty comfortable with the questions. A few zingers here and there, but all in all I didn't feel horrible. I felt when I finished I had passed. I received only one page from the proctor and thought that's good..if I had failed there might be multiple pages with domains to improve in. Nope!
Anyway, a little frustrated and trying to formulate a new plan since obviously my last one didn't work. I will scour through here but was looking for some guidance or where to start again.
Well I have joined the club too, failed 😞
I attempted yesterday and surprisingly, I received the exact same result as yours, below proficient in 4 and near proficient in 2. I passed my CISSP last year, and soon after that I started preparing for CCSP, even though I had been a little on and off in my preparations, but I did cover a lot and that includes the below;
1. ISC official Study Guide (Cover to Cover 2 times)
2. ISC CCSP CBK -2nd edition (Cover to Cover)
3. Various NIST Publishing (skimmed through 800-37, 800-40, 800-53, 800-145, 800-146)
4. Watched Adam Gordons videos, 2016 from ITProTV (35hours+)
5. CSK Security Guidance v4.0 (Quick Overview)
6. Over 4000+ Questionnaire from various sources including ISC Office Practice Test
Even after then and after failing the exam, I can comfortably say that my preparation was not enough as per the exam standards, because official study guide and the preparation materials and preparation questionnaire covers only the concepts of the topics, whereas the exam requires deep down knowledge of every single domain and topics, and I also feel that once MUST have hands on experience in those domains to be able to answer, and yes a lot of questions were very confusing the way they were written and asked and unlike CISSP, where it was easy to cross-out 2 wrongs out of 4, in this exam all seems to be very close match, specially when considering the questions carefully.
To validate and certify my knowledge I would be attempting CCSK exam next instead of going for 2nd attempt for CCSP. Wish me luck!
P.S. I do have one regret, that I was not able to get hold of 2nd Edition of ISC Official Study guide, I hope there is not much of difference.
What I found on my CCSP training course was that unless delegates had actually been involved in procuring colo space or building a data centre facility then they found some of the material difficult to relate to. The CCSP seems to assume pre-existing knowledge, which isn't in the books.
Good luck with the CCSK! I did read the ISC Official Study Guide 2nd edition cover to back, twice. Highlighted many areas for reference and referral. Not much difference.
Just reading the CBK and doing the official practice tests is not enough to pass any exam in my opinion.
I have read extra materials like ISO standards, NIST, OWASP, CSA, OWASP, Enisa etc. Also I have been involved in cloud projects where architecture and technical implementations were part of it.
I came across more technical architecture and implementation related exam questions than I was expecting.
I suggest to do CSA CCSK (includes CCM) first (materials are free to download), read the CCSP CBK and search for extra materials you are not so familiar with and pay attention to implementation best practices. AWS and Azure have some good online materials and also CIS benchmarks could be helpful.
I could not achieve a passive-scaled score of 700 due to my performances as below. I come with a strong background in infrastructure and Data Security domains having more than a decade of experience. I have read all the official books listed by ISC2 and official practice questions. Some of the questions in the exam did not make any technical sense to me. I hold multiple security certifications from EC-Council, CSA, Redhat, Microsoft, and CompTIA. Please advise:
Domain ------------------> Performance
Domain 1 -----------------> Below Proficiency
Domain 2 -----------------> Near Proficiency
Domain 3 -----------------> Near Proficiency
Domain 4 -----------------> Near Proficiency
Domain 5 -----------------> AboveProficiency
Domain 6 ------------------> AboveProficiency
Perhaps take the results as feedback and work on the domains in which your received the lowest scores. When studying for CISSP I took practice tests on domains, read the explanations irrespective of getting the answers right or wrong, then on domains on which I didn't get a comfortable passing score re-read the material and made supplementary notes. On retaking the practice tests my scores improved by around 10%. You may have to go through 3 rounds of practice tests per domain.