I joined this forum a couple of weeks ago, while I was preparing for my CCSP exam - which I had today and passed 🙂 I would like to sum up my personal recommendations for having good chances of passing the exam. Please do not take these notes as a general "recipe", it's just how it worked out for me.
Reading this post very thoroughly detailed by Radioteacher (who also recently passed the CCSP exam) - btw, congratulations from my side also! - I got a bit scared that maybe I am not doing enough for my preparation. The thing is: it very much depends on your previous experience and if you already have other credentials, like CISSP (or aquivalent). And more training is never bad, it's just a matter of perspective. In the end, what matters is if you go with a "clean mind" to the exam, meaning you feel you have done enough to prepare.
Long story short: I used the following materials to LEARN:
And to PRACTICE I used:
I did not participate in any classroom training and did not use any other resources for learning or practicing. But I must mention that I earned my CISSP credential last year in december, which helped a lot during learning and in the end at the exam. And I have approximately 6 years of experience in the IT Security field.
My recommendation: do NOT rely solely on the Official Study Guide, it simply does not cover all topics as thoroughly as the CBK does. Read the CBK at least 2 times to make sure you did not miss any important concepts.
Both books are, in my opinion, well written (like a story), with enough examples from the real world, so I would definitely recommend them both.
How much time I invested? Hard to say (I lost track...), but I started at the beginning of September 2017 and learned every week approximately 6-8 hours, starting with November a lot more (maybe 20 hours a week?) + a bit more in the last week prior to the exam. So I would assume I spent somewhere around 150 hours of study to pass the CCSP exam.
Is the exam time of 4 hours enough? Yes, in my opinion it is more than enough to cover the exam, 1-2 short breaks and a bit of buffer in the end.
I hope this information helps you in getting prepared for your CCSP exam. Wish you all the luck! Let me know if you have questions which you think I might be able to answer (except of those related to the real exam questions, which I will not disclose...).
Sounds like a good plan. I failed the CISSP in 2010 and never retook. I am deciding between CISM and CCSP of which is more my strength and is easier. I am full time worker and mom so I need to plan better and study the right stuff. If you know how this might compare to CISM by Isaca maybe one is better than the other for me.
Thanks and congrats.
just compare the Guide to CISM certification (http://www.isaca.org/info/CertificationPlanningGuide/cism_planning_guide.html?icid=bani_1223388&appe...) with the CCSP Exam outline (https://www.isc2.org/-/media/ISC2/Certifications/Exam-Outlines/CCSP-Exam-Outline.ashx). You will quickly see that there are pretty big differences between them. The first focuses on the more General security management concepts and the latter only talks about cloud concepts. If I were you I would start by asking myself where I am heading to. If you are heading for a management Position in the next months, maybe CISM would be more appropriate. If you are rather interested for cloud technology, pick the last one.
I really don't know which one is "easier" - CCSP was not easy, but can be mastered if you dedicate some time. By the way, I am also working in full-time and mainly learned after work in the evenings and during weekends.
I also networked with someone who passed both exams. He did say that CISM was less technical in nature. I am also learning now the CISM is more geared for the manager. I just started the free learning library on Cybrary so I think I'm definitely headed in the right direction! 1. I've already done IT management before and 2. About 50% of what is being talked about I know already. Thanks to the CISSP exam and also the annual cyber security exams my company makes me take.
I think I will pursue CCSP cloud security if I go into that arena or figure out what jobs call for that certification. It doesn't hurt to have both at some point.
Very Good Advice..!!
(ISC)² and the Cloud Security Alliance (CSA) developed the Certified Cloud Security Professional (CCSP) credential to ensure that cloud security professionals have the required knowledge, skills, and abilities in cloud security design, implementation, architecture, operations, controls, and compliance with regulatory frameworks
Thanks! Wish you all the luck for your exam!
Congratulations on passing your exam. As someone who has passed many exams, I am particularly frustrated with the CCSP. It doesn't seem like any (ISC)2 exam I've taken or written exam questions for. I went through the video course 2x and read the CBK, answered questions; even got the official Q&A. First time, missed by 30. Second time, missed by 20 and that is when I felt best and knew I had answered the questions correctly. Still, no joy. Of course I can't find out the logic the writers behind the questions used, but something doesn't add up right now. I'm taking it again in two weeks
I hold both the CISM and the CCSP. They are surely different animals all together. As previously stated the CISM is more management oriented. As I recall, there was an emphasis on understanding IT organizations, so you could steer your IS staff to the correct people to get the required data/documents/audit findings etc. There was also emphasis on understanding IT business in general.
The CCSP of course was cloud oriented. Much of it centered on differences between old school Data Center type organizations and more modern cloud centric organizations. As A CISA and also a CISSP, I had to wrangle some of my old thought process and get it aligned with more current cloud thought. Not as easy as you might think. 😞