Showing results for 
Show  only  | Search instead for 
Did you mean: 
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ISC2 Team

CISSPs: How did you prepare for the CCSP exam?

As a CISSP who studied for and passed the CCSP exam, how did you prepare?  What did you find valuable?  Did you learn through self-study, if so, what books did you buy?  Did you attend an official training course, if so, which one?  What was your study plan?  What's your secret for success?  We want to hear from you! 



98 Replies
Contributor I

For me, I obtained my CISSP back in 2008 and the CBOK's have changed a little bit.


I used Mike Myers Passport to CISSP (about 200 pages) to educate myself on the concepts of the various CBOKs.  When I couldn't understand a concept, I refered to the LARGE CISSP book by Shon Harris to learn additional materials and to use as reference. 

Additionally I had the reference materials from (ISC)2 and the training company I used for the bootcamp. I also discovered that I could teach the material to friends / family / colleagues, it helped enforce the material and allowed me to pass.


Have a least 2 CISSP books and take regular assessments to see how well you're understanding the material.


Review, assess, and review again.


Thanks for asking your question.  My journey to the CCSP was different than most.  I had been working hands-on in/with the Public Cloud space for a number of years prior to the CCSP.  My primary reference for preparing for the exam was the ISC2 CCSP CBK.  I had a very consistent study program following the SQ3R method framed within 20 minute study sprints (pomodoros, for those who are familiar with them,) and boiled the CBK down into mnemonic-friendly chunks, then memorized it over 3 months.  This is not as difficult as it may seem but rather a matter of consistent formal habit. 

Newcomer I

I'm using the official CCSP study guide.  I earned my CCSK many years ago and teach CISSP material to IT professionals at the U of Washington (Seattle).  I've worked in the cloud security space for 12 years and I am planning to do a light review of the book and give the exam a shot. Time will tell if I'm overconfident. 



Peter H Gregory | Senior Director – Cyber GRC
Newcomer I

I took a short course, and joined a free study group through the Austin OWASP chapter. Each person in the study group took turns presenting one of the domains, that was the most effective part of my preparation.


In addition the practice exams helped.


I took a 7 day bootcamp that was intense. Exam was on the last day. For me it was an excellent way to learn and was very effective. But that intensity isn't for the faint of heart. We were in class 8:00 am - 9:00 pm each day Mon-Fri and again from 8:00 am - 2:00 pm on Saturday. The test was on Sunday. My wife always has fun when we watch a TV show based in Boston (where my class was). She asks if I saw whatever we saw on TV when I was there. I flew in on Sunday night before class started. Never left the hotel until the following Monday morning at 0600 (it was dark when I left too). I literally didn't see ANY of Boston while there!
Todd A Voge

I found that online practice tests helped the most after going through all the material and taking notes. I used my notes to study and practice tests to gain confidence.

Contributor III

Well, I bought the CBK, read it carefully, motivated a number of collegues to join me  and we establised a study group at my company. We hired a consultant who briefed us and gave us a good generic overview of all materials in a 3 day course. I then re-read the CBK, made extracts, recapped the materials and sat the exam. Passed on first try.

Heinrich W. Klöpping, MSc CISSP CCSP CIPP/E CTT+
Newcomer I

How I prepared &  Passed CCSP

I passed  CCSP (Certified Cloud Security Professional) on 18 March 2017.  I  live in India. In India only 3 person are certified for CCSP  as on 18 March 2017.

Earlier Mile stones :

  1. CISA (Certified Information Systems Auditor) – June 2016 (Score 632/800, in top 10%)
  2. CISM (Certified Information Security Manager) – Sept 2016 (Score 624/800, in top 10%)
  3. CISSP (Certified Information Systems Security Professional) – 5 Nov 2016
  4. CRISC (Certified in Risk and Information Systems Control) – 10 Dec 2016 (Score 584/800, in top

Background :

  1. Tech. (Computer Science ) -1990 with more than 25 years of Experience as Vice President / Sr Vice President –IT in manufacturing organizations with major focus on IT security & SAP implementations.

My CCSP exam  preparation :

Note : I am bound by NDA with ISC-2.  So  i will not talk about actual exam pattern  or topics. I will talk  about difficulty level.

  1. I started my CCSP exam preparation from 15 Dec 2016 after passing CRISC.  I faced a lot of problem during CCSP exam preparation due to lack of available resources.  This was not a case with CISSP as lot of resources were available. I started with official CCSP CBK by Gorden.  I had read some reviews  that CCSP CBK  is not good to read & exam is not based on ccsp cbk.
  2. In Feb 2017, I purchased All in one by denial carter. It contains approx 300 question.
  3. I also referred some NIST / iso documents. Viewed Cybary CCSP  videos
  4. I rate AIO questions little higher than CBK / CCCURE (140 questions). But actual exam questions are quite different & difficult.
  5. CBK  vs AIO :

They cover almost same topics. AIO  has skipped some topics of CBK.  AIO  is written in all paragraph style with less no of bullet points.  I found very few figures in AIO.  I  think Mr. 

Carter will include more diagrams in his next edition. Some topics are better explained in AIO.  I will give equal weight to both.

  1. Overall I found this exam most tough exam than any other certification exam e.g.  CISA,CISM,CRISC,CISSP. I rate this exam higher than others.
  2. You can not score much by merely reading CCSP CBK or AIO . Exam is totally conceptual. Your have to understand the concept.
  3. CISSP vs CCSP :

Since parent body ISC-2 is same for both ,  CISSP will  have some advantage of prior exam


  1. I believe that you need focus & concentration during your study which is applicable to all other exam also. I have made a lot of research on focus / motivation  & belief system.  This helps a lot in actual exam

Exam room Experience : ( Note : some cricket terms are being used to understand better)

  1. I had decided that I shall fight till the last minute. I usually give more time in Ist round.
  2. Ist hour of play was   I  scored  47  run  Ist Hour. 2nd Hour was really tough and reverse swing began to happen. At one time I had to flag  8-10 question in a row. After 2nd hr my score was 82.  I took break of 4-5 minutes and completed  ist round in 190 minutes. I had marked 37 questions for review.   I completed review before 12 mintutes.  In remaining time i reviewed some initial questions again & Pressed he final SUBMIT button on 240th minute.  I almost changed 7-8  answers in my 2nd review.
  3. At the end I was satisfied with my performance. When I came out, my dream certification success letter was in my hand.



Naresh Gupta


Email :


Newcomer I

I believe prior work experience matters as helps in material comprehension but is not a must.

I've used official ISC2 manual as well electronic version. I've downloaded from web any additional material I found (ex. The International CISSP Summary, CISSP All-in-One Exam Guide, 7th Edition...etc) as well I've try handwriting my own summaries.

The most help was from online quizzes, I personally used (paid version) as it has progressive learning with target score to be achieved. After I achieve 100% on Skillset I've paid couple of months on CCCure helps as you can increase tests difficulty and you can chose failed questions to be repeated as reinforcement. As well I've watched videos from

Some objectives are more difficult then others, as mentioned experience helps. Do not discount any objective, anything can be on test.

At exam time, take your time read questions couple of times to ensure comprehension.

Good luck!