Tomorrow is my scheduled CCSP test, so I thought that this would be a good time to document my test preparation activities.
I passed the CISSP last year and you can find my preparation information for that test at the link below.
Of course, I was able to use the Contract, SDLC and Legal knowledge gained from the CISSP to support CCSP efforts. Since my job functions are engineering focused, these are my weakest areas of knowledge.
In late April 2017, I watched the free Kelly Handerhand, (ISC)2 CCSP video series from https://www.cybrary.it and found it very good.
In May of 2017, I started watching the video on demand course for CCSP On-demand video course from (ISC)2. The course was well done but for some reason, my mind would wander during the videos. I wanted to speed up the videos to 1.3 to 1.7 times speed like I do for podcasts but that control was not available.
I read the PDF book for the course and found it very useful.
I also purchased the following books:
CCSP Certified Cloud Security Professional All-in-One Exam Guide by Daniel Carter
CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide by O'Hara
Before the (ICS)2 Congress (September 23-24), I took the two-day CCSP preparation class with instructor Dr. Lyron Andrews. This was a five-day class condensed into two days. Unlike the video class that I wanted to speed up, this one I almost wanted to slow down the delivery. To say the least I was fully engaged and scribbling notes as fast as I could. Dr. Andrews is a premier instructor and I wholeheartedly recommend any class he teaches.
This class provided me another book to use, the new CCSP Student Guide. This book has at least two issues, there is no index and it has a number of errors. Like on page 609 under ISO/IEC 27001:2013 Domains where it states "...ISMS Information Management Security System...". It should read "...ISMS Information Security Management System...". The book does use a very nice font for my old eyes.
On October 10, 2017, I took and passed the Cloud Security Alliance - Security Guidance for Critical Areas of Focus in Cloud Computing V3, (CSA CCSKv3).
In December, the Cloud Security Alliance will release the test for CCSKv4. Since it has been less than 12 months since I passed the CCSKv3, I will have the opportunity to take CCSKv4 for free!
The O'Hara book allowed me access to an online test engine to validate my ability to remember (or not) the unique vocabulary used in cloud computing and get into the right mindset for the test. I have been using this practice test engine during the past few weeks to probe my weak areas of knowledge.
Lastly, I have used a second test engine on my iPhone and iPad. I purchased it from "learnZapp" and it is called "CCSP Study - (ICS)2 Official App". A good test engine that does a fair job.
Neither test engine prepares the candidate for the critical thinking needed to answer the scenario questions that are used in these tests but experience and preparation helps.
One document that seems to stand out is "NIST Special Publication 800-146" while reading Chapter 4, I created scenario questions in my head and answered them. I will find out tomorrow if this helped me.
Either way, tomorrow I must comply with the CCSP NDA.