I stand corrected on the exam being covered by ISC2. I re-read the e-mail and my wishful thinking saw one thing, but in fact it is another. ISC2 will allow anyone who has taken their course and failed the test to re-attend I believe the class free of charge. It's not the actual test. We'd still be out the money for taking a 2nd exam.
I did pass the test on the first pass. It was brutal. I studied the infamous CSSLP CBK ans the All-in-One. The CBK had the models. I also read the CISSP book by Shon Harris.
I have been a developer for about 30 years. Most of it as a developer or a manager of developer. I have a fair amount of security experience from a management prospective,
I found the test to be about 25% book knowledge and 75% experience and common sense.
The security experience was the key for my passing. There were definitely were not covered in the books.
That should have read:
There definitely were questions that were not covered by the book.
The CBK was the 2nd edition.
I totally went the self-trained route.