Showing results for 
Show  only  | Search instead for 
Did you mean: 
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ISC2 Team

CISSPs: How did you prepare for the CCSP exam?

As a CISSP who studied for and passed the CCSP exam, how did you prepare?  What did you find valuable?  Did you learn through self-study, if so, what books did you buy?  Did you attend an official training course, if so, which one?  What was your study plan?  What's your secret for success?  We want to hear from you! 



98 Replies
Viewer II

I took the review course that SANS offers.
Viewer II

Where can I starts? in my case, on the job experience helped. I self-study for about a month. My resourses included the CISSP Training podcast on iTunes (free), Mohamed Atef CISSP Course and exams on Udemy and an enrollment in The sunflower document provide by Dr. Mohamed is really a great resourse.


Keep in mind studying questions is not going to help you out with any ISC2 exams. understanding the concepts whitin each subject is the only way you will concur the beast. Good luck! 

Viewer III

Not being sure of what was on the test, I decided to go to a boot camp.  While at the boot camp, I discovered that basically the CCSP is the same as the CISSP content-wise.  My experience with the cloud environment and dealing with Cloud Providers bridged the gap in the knowledge I needed to take the CCSP exam.  I will say this though - the boot camp was great because part of the teaching was techniques for taking the exam which is what I needed reminder about the most.  The CCSP book is horribly written and appears that the chapters were written in isolation and repeat content throughout the chapters.  And since all of the test are taken from submitted questions from professionals, you never know what questions you will get or what answer the submitter expected (even if it goes against what you know from experience).  By taking the boot camp and going back over exam techniques, it reminded me that I need to forget my experience in the field and go by what the book said.


But overall, if you are confident in your ability to take the exam and analyze the questions for the correct answer, I feel that there is no need for a boot camp.  Just remember that the CCSP book is written horribly but there are plenty of other sources (other books, online, etc.) that you can utilize to study for the test.  I also used these in the evenings when I wasn't in class.


Shane C. Williams, CISSP, CCSP

Enterprise Information Systems Manager (ISSM)

J612 CyberSecurity Program Management Assurance

Defense Logistics Agency


Hello!  I have been in IT industry for a while but the best advise that was given to me was to take the exam as manager/ management and not tech/admin. Exam is partially technical but I personally would not consider it as technical. Also I purchased sybex books and practice exam book that accompanied the book. Exams gave me idea how answer elimination works and yes every exams have their own way how answer/options can be eliminated. Here I noticed you will be left with in most cases 2 options and to make the final decision I remember recalling information on one of the two answers to narrow down and make the final decision. Hope this helps.

Viewer II

I took the OnDemand course and followed up with reading the CBOK from both ISC2 and CCSA. Practice tests were a good way to find/focus on areas where my knowledge was still incomplete. A great aid for me was a couple of testing apps I downloaded to my mobile devices to run through quizzes and flashcards whenever I had a chance to review. I was also actively working on cloud implementations so reading about Azure, AWS, etc. and the online material from both ISC and CCSA helped me to link the CBOK with what I was seeing in the vendor offerings. That tends to cement the concepts and understanding.


Test taking approach is also key. Answer everything you are confident in first and take another pass to pick up those questions you skipped. That leaves the most time to think about those questions/topics that seem harder to answer.


Finally; get a good nights sleep before the test. That will provide you a better edge than cramming in a few extra hours of study time.

Newcomer II

Good day,


As mentioned the Official Study Book from ISC2 is not enough.


You have to read both NIST 800-145 and NIST 800-146.


Read the Cloud Security Alliance Security Guidelines Version 3 (the exam is not updated to version 4 yet)


Read the ENISA guide as well.


Do quizzes to get familiar with all of the topics.

Best regards






Owner and Founder of the CCCure Family of Portals
Our quiz engine is at
Our Learning Portal is at
Viewer II

I took an official isc2 5 day training course with the test administered on day 6.

Newcomer I

I'm using the official study guide, for self-training.



Viewer III

For studying, I used


  • Adam Gordon ISC2 videos - (3 or 3.5 out of 5)
  • CYBRARY Kelly Handerhan CISSP course (3.5 out of 5)
  • ISC2 CCSP flash cards (3.5 out of 5)
  • Official ISC2 CCSP Training Guide / CBK (2 out of 5) -> ISC2 really needs to be rewrite this. 

Having a CISSP certification and the experience of having taken that exam definitely helps with the CCSP exam taking. For actually passing the exam, I found that it was my practical, hands-on experience at work with private and public cloud setup and implementation, cloud strategy and governance, and cloud provider evaluations that made the difference.  


Without the actual experience and the CISSP, the CCSP exam would be tough for a newbie (to cloud computing) as it requires application of knowledge that is not available through book learning. An instructor led class would be necessary in such cases IMO.


Viewer II

Planned for 6 months of intensive preparation.


1st month

  • Started with CISSP Official Study Guide.
  • Took advantage of the online access to tests and flash cards.
  • Flash cards were a great way to memorize the content, but tests were a great way to validate my understanding of the concepts.
  • Read all chapters. Did not skip anything. Internalized the concepts.

**At this time I booked the exam, put skin in the game because I was quickly losing motivation at this stage.**


2nd month

  • Took many notes, digital and written. Kept going through the notes every day.
  • Started the CISSP training by Kelly Handerhan. The videos are very high level but Kelly explains the concepts beautifully with analogies and humor.
  • Kept memorizing the content using flash cards.
  • Started taking exams from online websites. CCCure and Skillsets (Always aim to take 100 questions at a time and then go on to 200 and more. The actual exam is going to be long. Most people take all of the 6 hours available to them. Your patience and perseverance is going to be tested. I realized this late in the study cycle and was really stressed about sitting in one place giving the exam for that long.)
  • The facebook group CISSP Exam Preparation Study Notes and Theory was a great forum to learn from others experience taking the test, ask clarifying questions and discuss various topics.
  • Created memory maps and tables for memorizing content and concepts.

3rd month

  • Continued to take exams. I was by now scoring 85% and higher.
  • I felt good and believed that I had memorized the flashcards and clarified all concepts.
  • Kept reading my notes and adding more to them.
  • Kept the positive attitude and keep telling myself that I will pass the exam with a great score! My wife was a great support throughout the study. I could not have passed the test without her support.
  • Took a break for 1-2 day just to rest and relax a weeek before the exam. This greatly helped reduce the stress and got me rejuvenated for the last mile.
  • Took the exam in October 2017. It took me almost 5 hours to complete the exam. It was very tiring but I was thrilled to get the result.