Showing results for 
Show  only  | Search instead for 
Did you mean: 
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Viewer II


I am so disappointed, I studied and understood the content of the CCSP coarse.  The problem I have is that ISC2 made this test ridicules and I remember the questions.  Nothing I studied prepared me for the type of questions and the content is not difficult but you guys are getting my $$ to try to take it again.


The problem is I don't know where to study to get prepared for the trick questions.  One question asked about content specific what I read and the correct answer was not there.  There were two close to the answer and should have been it but the answers were incomplete.


I did see now there is a book that is addressing the exam questions but there is no reason I should have to buy two books to prepare for an exam.  I know why the content is made this way and good job.  



4 Replies
Viewer II

Take time to identify all the misdirection of ISC2, they focus in on terms not defined specifically in their book.  I.E. Data Dispersion was covered in my test first question and there is nothing in the books index or glossary of terms that covers Data Dispersion.  


If it is soooo critical, why not focus on it in the book.  ISC2 has really done well in making this test ridiculously difficult and does not prepare you with its resources.


From my understanding, I cant pass and ISC2 CSSP coarse with the single book.  You have to get multiple books and other resources to pass.  That makes no sense and I teach for a living...  The coarse material is pointless if you want to pass learn to take the test not the content is what is being understood. 



Community Champion

Yeah, it's a very tough exam. I still maintain to this day it's the toughest one I've taken out of six ISC2 exams. I came out with a stinking headache due to the mind-bendingly abstract and incredibly verbose questions I faced.


I used the official study guide too, and due to the way I liked to study at the time also purchased the official practice tests book. The practice tests book highlighted some areas that were only skimmed over in the study guide so I found online references to help fill in the gaps.


There is also a lot of CISSP material tested on the exam which also isn't covered in the study guide to any great depth but that was fine as I knew that already.


I also had extensive experience in designing and deploying secure, cloud-hosted solutions in AWS and Azure and needed to rely heavily on that to help get me through.


I was incredibly happy to learn that I passed the exam as I was handed my results sheet as there was no way I wanted to go through that experience again so I can completely understand how you feel.


Since then, mostly due to the lack of good practice tests available for the subsequent certifications I have passed, I completely changed my study methodology. At the end of every ISC2 exam outline it's stated:


Candidates are encouraged to supplement their education and experience by reviewing relevant resources that pertain to the CBK and identifying areas of study that may need additional attention. View the full list of supplementary references at


I now exclusively use the suggested reference list for my study material and read as many references as possible. All questions and correct answers you will face on any ISC2 exam can be traced back to information found in one of those references. I can't tell you how much easier it makes an exam when there's nothing in there you haven't read about before.


Good luck with your next attempt!


Newcomer I

I agree with Alec, it would be extremely difficult to pass the CCSP by reading just 1 book.  I studied from 4 or 5 different sources for 4 months, then took the 6 day Boot Camp (by  The Boot Camp introduced a hundred new things that the other books and videos didn't cover.  I passed on my first attempt.


When I took the exam, I kept seeing questions that were not covered in my numerous other sources. Those were probably the questions that didn't count. 


The CBK Suggested References ( are DEFINITELY a good thing to look through.  You probably won't need them all, but reading several of them is recommended. 


I also highly recommend a boot camp.  Then take the exam within a week before all that knowledge drains out of your head.


Rottweiler  CISSP, CCSP

Contributor II

You know what ?


I completely disagree with this.


If the ISC sells books that are supposed to be the "official study guides", then the exams should follow the book.


they should not require you to start searching the ether to find additional information that was not even in the book to start with.


That is pure malarky and bs, to put it as mildly as I can.


I was considering taking the exam after purchasing the book, but I have decided to drop it. I can do without the additional certification in this case.


When I did my CISSP back in 2004, which was probably the hardest exam I've ever taken in my life (and I matriculated on Shakespeare), the material in the book was the material in the exam. I did not need any additional references.


I did the course because I wanted the group thought process, but I didn't have to.


So if it's different now, I don't need the headache (not before or after).


thanks for the heads up.


Mike Glassman, CISSP
Iguana man