I think a lot of the asked questions would not have been so hard if they were written in plain understandable english.
What I mean by that is I remember a lot of questions written leaving out normal words found in questions like the word(s) "of" and "the" or "a" which are (prepositions, logical connectives) which made it hard to understand the question written and then having to go back and re-read the question(s) several times to try and make sense of what was written. Leaving out these important prepositions made it hard to understand the question(s).
I retook the exam again and did not pass. My performance was
Supply Chain and Software Acquisition: Below Proficiency
Software Deployment, Operations and Maintenance: Below Proficiency
Secure Software Requirements: Above Proficiency
Secure Software Implementation/Programming: Above Proficiency
Secure Software Testing: Above Proficiency
Secure Lifecycle Management: Above Proficiency
Secure Software Concepts: Above Proficiency
Secure Software Design: Above Proficiency
So even though on 6 out of the 8 domains I received Above Proficiency I still did not pass. This leads me to believe that on each domain you have to get at least a 70% or above to pass the whole thing. Which means that even if you get a 100% on one domain that does not factor in the total score. This scoring scale is very scary and makes this exam extremely hard to pass.
I will not take this exam again because of 2 factors. One, the scoring factor as mentioned above and two 75% of the questions I saw where never covered in any of the books I read or the boot camp I took or on any practice questions or study material I could find which leads me to believe that ISC2 is making this exam extremely hard to study for and pass on purpose. Not with the intent to test you of your knowledge from materials they say will be on the exam. So anyone who passes this had really good luck that day.
The only positive thing I saw about this exam was that the questions were not nearly as wordy or lengthy as the previous exam questions I took in the past, so at least I did not walk away from this exam with a head ache.
The questions from the exam that I received were mainly just one sentence but the questions still used deliberately confusing sentence structures and grammar to try to throw off the test taker and because of that I will never take another ISC2 exam again. These exams should practice normal sentence and grammar if they are to be taken serious.
I work with 4 other people who have taken this exam recently (within the last month). All have failed the exam and one of the person has a PHD from Duke in computer science and said the same things about this exam. Complete waste of time.
My end take away is that ISC2 is just trying to falsely make these exams too confusing which I believe is mainly profit driven (even though they say they aren't) and they are using questions that do not match the content that they preach and teach.
My advice - study and pay for another certification. This one is a complete waste of time.
I've read several of the comments in this thread and based on the comments I have decided not to pursue the CSSLP certification at this time.
Based on the experience of several people who have taken the test, it appears there may be some disconnect between what is in the study materials and what is on the test. It also seems there may be a quality issue when it comes to the language of the test as it concerns grammar and so-called "trick" questions.