+ Reply to Thread
Results 1 to 9 of 9
  1. Junior Member Registered Member
    Join Date
    Jun 2016
    Posts
    5
    #1

    Default CCSP Pass on July 22, my study materials

    Passed CCSP test last Saturday 7/22. Offering a quick info dump to pay it forward.

    Very typical (ISC)2 test and in the same vain as the CISSP/SCCP tests. My general opinion is you need to have a comprehensive knowledge and have a good understanding of the major technologies that support the Cloud. My test was not a “definition” test but more of an application test. They had some very good questions where I had to figure out the answer by writing down all I knew of the topics in the question to find the common thread. Tip, for multiple choice don't go looking for the answer but answer the question on your own and the select choice that best fits your answer. If you don't know the answer -- move on. Only as last resort should you look for the answer in the choices -- your choice should verify YOUR answer.

    One of the biggest challenges is most of the material is dry and boring. So as I read a whitepaper or material I have my favorite flashcard app also open and then cut n paste questions directly to the flashcards. Then I review the flashcards. I probably had 15 sets of flashcards that I reviewed.

    For me, there was no one source of study material. I tend to over study since I do not get reimbursed for a failed test and at $540 that would be a big loss for me.

    The books are helpful but I needed more. Although they do put the material in one place, the level of detail is insufficient if you are new to the concept. My study list was as follows

    NIST and CSA are the major sources of material. Refer back to these and make sure you have a deeper understanding of the technologies involved i.e., just learning the definitions. This might seem like a lot but it becomes very repetitive.

    https://www.nist.gov/itl/nist-cloud-...d-publications

    https://downloads.cloudsecurityallia...guide.v3.0.pdf

    https://cloudsecurityalliance.org/me...version-3-0-1/

    https://cloudsecurityalliance.org/do...nnaire-v3-0-1/

    https://www.owasp.org/index.php/OWAS...ctive_Controls

    https://www.owasp.org/index.php/Cate...ease_Candidate

    https://www.enisa.europa.eu/publicat...isk-assessment



    For the underlying technologies

    https://www.pingidentity.com/en/lp/s...e2IaAh1e8P8HAQ

    https://www.oasis-open.org/committee...0-draft-06.pdf

    Cloud Computing - AICPA

    https://collaboration.opengroup.org/...model_v1.0.pdf

    https://www.tutorialspoint.com/sdlc/sdlc_tutorial.pdf

    https://www.slideshare.net/nitin_ste...rstanding-rest

    JSON

    https://www.w3.org/TR/2000/NOTE-SOAP-20000508


    https://securosis.com/blog/multi-clo...-and-migration

    Other

    UDEMY.COM CSSK Course – found a deal for $10 -- good if you are new to the cloud subject.

    CCSP – Daniel Carter book, CCSP CBK --- these books are similar and different each emphasizing different topics. Since the put the basic knowledge all in one place they are handy to have. For me I would not have passed the test just relying on these books.

    Reviewed basic security knowledge from Security+. Wanted just the technology review and this is a good source that captures all of it. Not a bad idea to take this cert first if you don’t have a CISSP/experience in the cloud. The material is applicable to cloud.

    I have a CISA/CISSP/CISM/CCNA/SSCP/Security+ and still found it a challenging test.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Nov 2011
    Posts
    813
    #2
    You're a beast!
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Apr 2011
    Location
    DMV
    Posts
    216
    #3
    Great job Foley..
    Reply With Quote Quote  

  5. Member
    Join Date
    Mar 2016
    Location
    New York
    Posts
    40

    Certifications
    Associate of (ISC)2 (CISSP), Passed (CISA & CISM), Security+, Network+, Linux+, LPIC-1
    #4
    Congratulations Foley. Thank you for your review. I am taking mine on Friday.
    Reply With Quote Quote  

  6. I'm Batman clarkincnet's Avatar
    Join Date
    Jun 2014
    Location
    Raleigh, NC
    Posts
    251

    Certifications
    CISSP, CISM, CRISC, ITIL-F 2011
    #5
    Awesome!
    2015 Goals: CISSP [X], 2016 Goals: CISM [X], 2017 Goals: CRISC [X]
    2018 Goals: eCPPT [ ]
    Five Year Goals: CSXP, OSCP, GPEN, eWPT
    "Distrust and caution are the parents of security" - Benjamin Franklin
    Reply With Quote Quote  

  7. Member
    Join Date
    Feb 2017
    Location
    Maryland
    Posts
    38

    Certifications
    CISSP, CCSP, CISM, CISA
    #6
    Congrats!
    Reply With Quote Quote  

  8. Junior Member
    Join Date
    Dec 2014
    Location
    Laurel, MD
    Posts
    9

    Certifications
    CISSP, CASP, CCNA (R/S), C|EH, C|HFI, ITIL, Sec+, Net+
    #7
    Congrats Foley!!! I passed the exam this morning and agree with what you've said. As for me, I read the CCSP Participant's Guide, CSA document, and the CCSP Study Guide by Ben Malisow as my main resources. Overall, the test wasn't too difficult, but there were some that had me scratching my head. Flagged about nine questions, circled back to them, and submitted for grading. Took about 2hr 40 from start to finish.
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Sep 2013
    Posts
    732

    Certifications
    MBA | CISSP | PMP | PMI-ACP | CISM | GMON | GCIH | Sec+ | MCITP: SA | MCSA Win 7 | CCNA
    #8
    Out of curiosity, how much of the NIST documents did you dive into. For instance the first link you sent goes to a collection of NIST documents, many of which are 100+ pages and 3-6 years old.
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Nov 2016
    Posts
    106

    Certifications
    AWS DVA, AWS SAA, CISSP, CCSP, CCSK, CASP, CEH, SEC+, NET+, A+
    #9
    Congrats!
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks