Oh wow, both relies are from overseas, it seems this qualification is very "exporting" friendly 😃

Hi Sam - 

I agree that CISSP is not enough, and I am pursuing my CCSP this year and CGRC next year. With ISC2, I would also like three certs, so my CPEs would apply to all of them, and you only have to pay 1 membership fee. This would be an excellent path for me since my role has been in IT management for 25+ years.  

Ultimately, I want to pursue my C|HE cert, but will see what happens. Any suggestions or studying tips on the CCSP exam that you can share? 

I am much older than you and YK so learning and memorization are SLOW. I ask myself, why didn't I pursue this 10 years ago? Well, it's never too late 🙂

Here is a picture of me and (ISC)2 CEO Clara R last month at our LA Chapter meeting. We meet monthly, and it has been a great community of Cybersecurity professionals. When I retire 🙂 I will probably want to do some volunteer work with (ISC)2. 

Best, 

Daniel K. Leung

Hi Daniel,

I would say, CCSP is the one that easy to crack once you got the CISSP. The question foundations is same, but only a little bit of the cloud terms and some new workflows like data management lifecycle and virtualization vs container setting out. 

For the method I used to crack the CSSLP and CCSP, I just go directly to the exam outline and write my own notes on it. Such method could help to investigating what you are not familiar on and google, currently ChatGPT, it later. I think this method could help and it would better for understanding.

Just like the certificate in ISC2, CCSP is not the one that you can pass if you remember everything, it always asking why you made that decision and how to control he risk only.

For the CEH, I am not really suggest anybody go for the EC-council certificates since the certification body is not that respect copy rights and original writings. If you had the needs, go to SANS. If you really want to learn some hacking techniques, I suggest you go forward to OSCP. For the practices on OSCP, Hack the Box would be a good start and it definitely helped me a lot on my tasks. 

I am not sure my suggestion is good for you but, at least, I will go for the OSCP after I got all the CISSP concentrations in coming 2 years.

Just let me know in any channel and I am happy to share with you.

Sam

Hi Sam - Thanks for the feedback and information. Yes, SANS is another well-respected institute in Cybersecurity. I am attending the ISC(2) security congress this year in October, so looking forward to that and adding more CPEs. 

Daniel 

By the way, these are the 2 main sources that helped me passed my exam, and they both have content for CCSP @dkleung :

1. Exam APP

–Android

§https://play.google.com/store/apps/details?id=com.learnzapp.cissp

–Apple

§https://apps.apple.com/us/app/id1555533017

2. YOUTUBE channel that structured my understanding:

(I liked how they scripted the mind map, very easy for me to absorb and recall.) 

https://www.youtube.com/@destcert/about

As you 2 might tell from my writing, except for the sensors based IoT product development projects I touched, I at least had 6 domains that looked like strangers to me when I was learning. And thanks @swh5a01 for the tips, I am also highly interested to pickup more hacking skills.

The apps is same as the OSG and it's practice questions. I think you could ignore it once you got the OSG. For the hacking skills, go to hack the box and you would definitely found another new horizon and it's fun