Ok, I took the CSSLP exam. I got a 688 out of 700 today. I took the official online ISC2 course with a week's online webex training (which was different from the online work). I used the flash cards and all the resources. Out of the 175 questions there were quite a few questions not associated with the flash study cards or what appear to be from the office student guide. There were also questions about modeling (I will not name them due to not talking about what was on the test), but the models were never referenced in the official study guide. If I would have known I would have refreshed on the associated models. Not sure what is going on here, but I would expect the resources to review and understand to be successful in the exam would be in the Official Student Guide. It would hope someone from ISC2 would please comment on this concern.
Thought I would chime in here - I passed the CSSLP the first time, but I agree that there are a number of questions dealing with topics that show up nowhere in the official review material. How do I know that? Because I wrote a book on how to pass the CSSLP (Essential CSSLP) and read the guide cover to cover multiple times when writing the darn thing. In spite of knowing the official content by heart, there were probably 10 questions that I had to take complete guesses at and probably missed. However, there were quite a few other questions that were not covered by the guide that I was able to reason out based on my experience in software development. PMs and the such would not be able to do that, so unless you have developed software in a multi-tiered environment and worked in the cloud, you will most definitely be at a disadvantage. Not to say you can't pass, but be forewarned. The biggest problem I had with the exam was that a lot of the questions had two correct answers, depending on how much you read into the question. I am a major over-thinker, so I had to slap myself several times to take the questions at face-value only and not start twirling possible scenarios around in my mind.Great advantage as an architect, but not so much when taking a test.
At the risk of self-promotion, in Essential CSSLP I did include a lot of tidbits not found in the review material based on my professional software experience, so that might help some people. That experience probably helped me pass the first time.
You just nailed exactly what I saw. Also dropping my kid off to go to bootcamp since they re-scheduled it and taking the test an hour later was probably not a good thing to do. Thank you!
@spacegodzilla, Exactly, questions with 2 possible correct answers are really bad. You have to dial your level of analysis to just the right depth for the exam and don't read too much in the questions. Of course, it's easier said than done.
So like many others... I did a bootcamp, read the CBK cover to cover, looked for practice questions all over the place (note if someone has good ones, let me know). Took the exam Feb 5th and failed it (Supply Chain and SDLC got me). I have been a programmer for 26+ years, have a few other certs (MCSE for NT 4.0 if you want to make me feel old). I work DoD and interface with Cyber all day long. @spacegodzilla hit it really on the head, there are two very very similar answers; sometimes it felt like even maybe 3. But setting the right depth of analysis is the hard part, I guess I over analyzed the questions and now get to pay MORE money to retake it. I understand this exam is to prove you are good at understanding the SDLC process. However, when you make choosing an answer based on what verb is used; the test is no longer objective but subjective to how well you can guess.
I would be curious to know how you mentall sorted through the questions to arrive at the "best best answer"?
" However, there were quite a few other questions that were not covered by the guide that I was able to reason out based on my experience in software development. However, there were quite a few other questions that were not covered by the guide that I was able to reason out based on my experience in software development. "
For those less experienced in sw development do you have any suggestions as to what bodies of knowledge to study?
Thanks for any adivce you can provide!
Any suggestions on study material other than the Essential CSSLP? I've just finished that book and, while helpful, there were numerous exam study questions not referenced at all in the material. Having taken and passed the CISSP, CISM, and other tech certs, I'm very apprehensive to schedule my CSSLP exam. This is the most ill-prepared I've ever felt going into an exam.
Hi Jackaroo -
If you feel ill prepared, do not take the exam!
This test is extremely hard.
My background – I passed the CISSP the first time I took it in under 3 hours. I also have the PMP. Took the CSSLP 3 times and did not pass all 3 times.
Studied by taking a week long book camp, read the CSSLP CBK “twice” and took all the practice exams I could find online.
In my opinion and the biggest compliant I hear is - the confusing and complicated way the questions are written - period. It takes 2 times of reading each question to figure out what they are asking. I have read people who wrote - However, when you make choosing an answer based on what verb is used this makes the test obsolete (I totally agree) and yes there are 2 best answers and the best - best answer makes it extremely hard to figure out which answer to choose (so your down to a 50/50 chance). I think they need to completely rewrite the questions so that they are clearer to understand what they are actually asking.
I believe that the questions are written so complicated as to confuse people so that the fail rate is high and that people have to pay the fee to retake this test - period. Good luck to anyone taking this test because you will need it the way the questions are written.