Showing results for 
Show  only  | Search instead for 
Did you mean: 
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Newcomer I

Slang, linguistic tricks and idioms makes it much harder than necessary

I consider my self a decent speaker of the english tongue, but I really have my problems with some of the question. I am ISO 27001 Lead Auditor and I certified in many international certification from AWS, IBM, RedHat, Cisco, Checkpoint over the past 20 years... And I never had suchlike issues with any of this.

Not only in very specific language of compliance, laws, legal and contracts - where I could understand it, but through every domain.


Things like linguistic tricks, idioms, double negatives, hairsplitting and subtleties only native speaker would understand should neither be in the exam nor in the documentation. Since, this is meant to be an international thing about IT skills not an exam in neo-english studies, right?

I by myself have written literally hundreds of page of security related concept, process documentation, and user guides this year alone - I work in a global team from Europe, India, China, US, South America... if I do so it is crucial to write in a simplified, clear and transparent way. And not, to point it out a bit in a harsh terms, in "insider jokes".


I would suggest, putting all the paperwork in google translator - translate to Chinese followed by Hindi, than German and than back to English. As long as this do not end in input equals output CCSP people have work to do here. (This is basically my approach, when writing documents.) 


5 Replies
Contributor III

I think the idea is to catch people who memorise texts, but aren't able to apply them in the real world. The question writers try to phrase things in a manner that won't trigger anything that's been memorised from a textbook, but an experienced practitioner should understand what they're asking.

That said, I do recall the CCSP questions as being of a lower quality than ISC2's other exams. I was hoping that this would improve with the fulness of time.
Newcomer I

Well, ok, than they should offer multilingual questions.

The worst thing is, that in some questions I saw in there official app they shoot themselfs in the food. One example is: Mixing the terms security and safety. The question was what has highest priority in "security" of a data center.
The "correct" answer was "health and safety of employees" - other answer had been redundant connectivity, power, hvac... and this is simply not true in multiple contexts - since CCSP is not a saftey nor a construction/architecture certification...  nor does anyone of us will ever have to deal with construction side safety of data centers. There is no S in CIA...

Community Champion

It happens all the time in everyday conversations (at least in English speaking ones).


  • Is the data safe/secure
  • Is this website safe/secure
  • Is this feature or product safe/secure

In regard to health and safety, it should always be the #1 priority in any situation. I think that's what the question was trying to convey. 

Community Champion

@BeepPleep wrote:

... linguistic tricks...and subtleties ... should [not]... be in the exam 

That is dealt with by the way that questions enter the test bank.  New questions are initially unscored and only start to count after they have proven themselves "deterministic".  A deterministic question is one that tends to be answered correctly by those who pass and tends to be answered incorrectly by those that fail. If a question has linguistic tricks, country-specific knowledge or even flat-out errors, more people will answer it incorrectly and it will get flagged for rewriting or for disposal.


@BeepPleep wrote:

Well, ok, then they should offer multilingual questions.

They do.....


... the (ISC)² Certified Cloud Security Professional (CCSP®) certification exam will be available in four additional languages—Chinese, Korean, German and Spanish. Currently, the CCSP exam is available in English and Japanese.... [cite]


Newcomer I

That is all new to me. Great Input.
All testcenters I contacted here in Germany stated "test is english".
I guess I have to find a provider for german language tests.... 

In the meantime I had another example with the saftey/security issue,
opening up another dimension.

I had a question that ask "what is the biggest risk of having no disciplin in cable management in data center".

I only remember parts of the answers but basically:
A) It is a risk to worker, they can hurt himself badly.
B) It might waste HVAC resources.
C) It could result in maintenance errors.   
D) Regulative incompliance

Coming from the previous question 
a) is the biggest risk... someone can break his neck, a person is dead and the family sues you into bankruptcy
b) Your electricity bill will raise 1% or something insignificant... so I do not care. Will simply raise service prices.
c) Very valid. But if you do not run something whats downtime potentially kills people it is not the biggest risk.I saw 2 data centers going down because wrong cable plugged (2 time same week) because routing protocol went wild and in succession fail over protocol of perimeter did some questionable decisions. - Your SLA should be ready for that - than it´s okayish.
d) Yes, I experienced the case that an auditor switched of a big data center because of problematic cabling (It was about electric installation safety.) That is a threat... but more a black swan. If you consider HA important you have 2 of this data centers 😄

So what is the right answer.
It is b).... yeah well.