+ Reply to Thread
Results 1 to 14 of 14
  1. Junior Member Registered Member
    Join Date
    Jan 2018
    Posts
    2
    #1

    Default CCSP - Failed TWICE. I'm done.

    Hey peeps.

    Failed the CCSP yesterday on my second attempt with a 681 (700 required to pass).

    My first attempt scored a ~618.

    I took the exam the first time after completing my Master's Degree in Information Assurance with a focus on cloud security and using the ISC2 Official CCSP Study Guide by Ben Malisow. The official study guide is worse than useless. If I had completely memorized every single page of the study guide, I would only know about 20% of the material presented on the test.

    After the first failure, I began a hardcore study program that included the following:Altogether, I drilled on the practice questions in these resources (about 700 questions in all) and scored 90%.

    Maybe 5% of the test questions I used appeared on the actual exam in some form. So, the practice questions will create a very false sense of confidence.

    THE EXAM:
    As others have noted, it is a poor quality test. Many questions are constructed with poor grammar (obviously from someone for whom english is not a first language). There are probably 10 questions or so written specifically to confuse or deceive you with the wording. There were MANY questions on REST and SOAP APIs that were more detailed than ANY of the information about REST and SOAP in the study materials. You will either need to be an application developer and intimately know how to use these APIs or use a separate programming resource to study how they work and why. There are matchy-match questions about what security standards/laws go with what country (easy if you memorize - but be sure to memorize ALL of them). There were two sets of questions (about 4-5 each) based on a detailed real-world scenario and how to accomplish a specific goal in the MOST secure manor. I have no idea how I did on these because either every option seemed right or none of them did. The study material spend a LOT of time on which storage types go with which platform, but the questions on the test on these topics are all asked in ways the material doesn't prepare you for (i.e. don't expect to be able to match volume and object storage with IAAS). If you are security professional active in the field, I would say you are at the greatest disadvantage for this exam - because you may know a right way to do something but the test question is looking for the answer based on the CCSP CBK, not the "real world."

    I have $1500 in test and materials now and I will NOT be attempting it a third time. There would be no satisfaction for me to pass the test on a third attempt, and if I failed it a third time I would probably drive into oncoming traffic.

    I have a number of colleagues who have passed the exam after taking the ISC week-long bootcamp class with the exam at the end. I assume the ISC instructor basically gives you the info for the test questions they know will be on the test since it's their exam. If your goal is to get the cert to check a box or get the credential, I would recommend doing the bootcamp. These forums are full of stories of very competent security pros who didn't pass this exam the first time around, so you're likely looking at $1200 to take it twice anyway. Might as well go all the way on the bootcamp cost and feed the ISC money machine.
    Reply With Quote Quote  

  2. SS
  3. Member
    Join Date
    Nov 2012
    Location
    Seattle
    Posts
    34

    Certifications
    A+, N+, S+, P+, CIW Web Foundations, MS MTA: OS Fundamentals, CCENT
    #2
    You're literally on the cusp, don't give up. We've all struggled with an exam before. It's about what you take out of it as a lesson rather than accepting it as a failure.
    Reply With Quote Quote  

  4. Senior Member cyberguypr's Avatar
    Join Date
    May 2007
    Location
    Chicago, IL
    Posts
    6,101

    Certifications
    GCFE, GCED, GCIH, CISSP, CCSP, and others that should never be mentioned
    #3
    Maybe 5% of the test questions I used appeared on the actual exam in some form. So, the practice questions will create a very false sense of confidence.
    Wait, what? Were you expecting actual verbatim practice questions to show up on the test?
    There were MANY questions on REST and SOAP APIs that were more detailed than ANY of the information about REST and SOAP in the study materials
    This is why you supplement with external material.
    If I had completely memorized every single page of the study guide, I would only know about 20% of the material presented on the test.
    Again, that's why you supplement with the other docs. Plus it's a CBK, youy focus on applying concepts, not a memorization thing.
    If you are security professional active in the field, I would say you are at the greatest disadvantage for this exam - because you may know a right way to do something but the test question is looking for the answer based on the CCSP CBK, not the "real world."
    Not a secret. This works the exact same way with Microsoft and a multitude of other vendors. Three ways to do things: the right way, the wrong way, and the way the exam provider says.

    In regards to the bootcamp I'll be curious which one they took, because the official ISC2 6 of my coworkers took was a rehash of the training guide provided in the class and the instructor provided zero inside knowledge that would be of benefit for passing.
    Reply With Quote Quote  

  5. Senior Member Nutsy's Avatar
    Join Date
    Mar 2013
    Location
    Null0
    Posts
    123

    Certifications
    CCIE DC/R&S Written, CCDP, CCNP-DC/RS, CCDA, CCNA-DC/RS/S, Security+, Network+, ITILv3F, BIG-IP F5-CA, VCA6-NV, and VCP6-NV
    #4
    Sounds like a typical testing experience.
    Reply With Quote Quote  

  6. Senior Member mbarrett's Avatar
    Join Date
    Apr 2016
    Location
    DC
    Posts
    392

    Certifications
    CISSP CEH CCNP Security
    #5
    This is the only thing that comes to mind. Don't cry to quit, cry to keep going and get the reward.
    https://www.youtube.com/watch?v=5fsm-QbN9r8
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Jan 2015
    Location
    Chicago, IL
    Posts
    1,069

    Certifications
    Too many MCPs and MCTS, MCSA: Security, MCSE: Security, MCSA: 2003, 2008, 2012, MCITP: EA, CISSP-ISSAP, SCS DLP, GREM
    #6
    All of that is more or less fine, except poor English as it may (and in my case I think it did) affect the outcome if a question is not understood properly. This is especially annoying, given that it doesn't seem to be a hard to fix type of issue and yet it's still there despite many reports and complaints over the course of a few years.

    Almost as if (ISC)2 envies EC-Council's poor products and processes and decided to go down to the same level of quality or should I say inferiority with their most recent and hyped offering.

    It also throws me off from putting enough efforts into preparations. If I don't respect the exam I tend not to perform well and vice versa, even for particularly hard exams I prepare very thoroughly and pass them with high scores if I respect them a lot. Not the case with CCSP because of that.

    And why would I respect it, if (ISC)2 doesn't seem to respect it enough to proof read and offers us a half-baked product?
    Last edited by gespenstern; 01-23-2018 at 10:24 PM.
    Reply With Quote Quote  

  8. Junior Member Registered Member
    Join Date
    Jan 2018
    Posts
    2
    #7
    Quote Originally Posted by cyberguypr View Post
    Wait, what? Were you expecting actual verbatim practice questions to show up on the test?
    Nah - certainly not verbatim. In the case of the CISSP, the sample questions on practice exams much more closely resemble the form and complexity of the actual test questions. I found the sample questions in the study books and on the websites to be nothing like the actual test.

    Quote Originally Posted by cyberguypr View Post
    This is why you supplement with external material.
    Do you have suggestions for prepping for the SOAP and REST content? Or did you already have this knowledge from experience as a developer?

    Quote Originally Posted by cyberguypr View Post
    Again, that's why you supplement with the other docs.
    I'm cool with that - I just need to know WHAT material to study.
    Reply With Quote Quote  

  9. Burn Baby Burn! Cisco Inferno's Avatar
    Join Date
    Oct 2010
    Location
    Denver, CO
    Posts
    1,026

    Certifications
    CCNA:R/S, MCSA:2012, MS Specialist: Server Virtualization, MCDST, A+, N+, S+, A.A:CIS
    #8
    you got it! dont quit now. you got that masters because youre badass. are you telling us youre not badass enough?

    and yes the test is ****.
    2018 Goals
    [X] Recertify Cisco CCNA
    [ ]Recertify CompTIA Security+
    [ ] (ISC)˛ SSCP [ ]LPI Linux Essentials [ ] Bachelor's Degree
    Reply With Quote Quote  

  10. Junior Member
    Join Date
    Dec 2017
    Location
    Chicago, IL
    Posts
    26

    Certifications
    M.A., M.S., CISSP, CISA, CISM, Security+, MCSE, A+, NET+, Project+, CIW
    #9
    Yes, just go with the flow man. So, you feel that you got screwed? Enjoy the screw and come out on top the next time. Never be discouraged.
    Reply With Quote Quote  

  11. Junior Member
    Join Date
    Dec 2015
    Posts
    11
    #10
    I know how you feel, I was angered by this exam and feel the same way about it as you. Poor English, A lot of application developer type questions that I did not feel comfortable in. Remember there is 25 throw away questions which I assume some of the app dev questions you saw are in that. I failed it 3 times and got it on the 4th time, I read a lot more people's passing post and tips and made my on list of things that I need to remember. I passed it the 4th time, I had to come to peach with the test and not hate it or think poorly of ISC2 so I would want to try harder. I got in the mindset don't do anything that fixes something only go with the management big picture route ... something is on fire, a server is infect what do you do? they will have a sexy tech answer but no you follow the policies set in place never skip processes that's what you are not about as a CISSP. Also it helped if I didn't think about what I did or saw in my years exp I thought I was in the CISSP perfect matrix world and that's how I would answer. I say read Sybex, watch Cybrary vids, do practice questions on the Sybex website and read 11th hour two days before the test.
    Reply With Quote Quote  

  12. Junior Member Registered Member
    Join Date
    Jan 2018
    Posts
    1
    #11

    Default CISSP Failed Twice

    I too failed twice. Most of the topics were brand new to me so I really learnt a lot. I heard it is a Gold Certificate. So I don't plan on giving up. I never failed any exams before, it is very disappointing the way CISSP exam is formatted. But I don't blame myself for not passing I will keep trying until I pass. I am studying CBK, watching lots of videos on YouTube. All of them are good. I wish Powercert made animated videos for CISSP, they made some superb videos. Shon Harris audios are excellent source. I guess if I do CBK word to word I should easily pass (my mistake was I only watched videos but never read a full book). I took exam in old and new CAT formats. I felt I would have had better chance of passing in the old 250 question format. Following is grading I was given but no score.

    Security Operations-Below Proficiency
    Communications & Network Security-Below Proficiency
    Asset Security-Near ProficiencySecurity Engineering-Near Proficiency
    Identity and Access Management-Near Proficiency
    Security Assessment and Testing-Near Proficiency
    Security and Risk Management- Above Proficiency
    Software Development Security-Above Proficiency.
    Reply With Quote Quote  

  13. Member
    Join Date
    Jul 2015
    Posts
    50

    Certifications
    PMP, CISSP, CCSK, CISM, CRISC, CISA, ITIL Expert
    #12
    Sometimes the reason folks fail is that they need to improve their test-taking skills. There is a process to analyzing questions, eliminating answers, and so forth. Additionally, you need to get your mind into the zone of thinking from the correct perspective. Very often, thinking like a techie will result in failure. I took the CCSP a few weeks ago, and I thought it was a balanced and well-designed test. I didn't think any of the questions were out of bounds.
    Reply With Quote Quote  

  14. Junior Member Registered Member
    Join Date
    Oct 2011
    Posts
    3
    #13
    Just passed this exam on Friday 2/2 on my first attempt. My primary resource was the CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide. I also perused some of the NIST documents referenced in the book.

    This book comes with some practice questions and practice exams that I also utilized. Much like your experience, the questions on the exam were nothing like the questions on the practice tests.

    It was a very challenging exam and I wasn't sure if I had passed it until I read the printout. You may want to consider getting the book I referenced and giving it another shot.
    Reply With Quote Quote  

  15. Junior Member
    Join Date
    Aug 2013
    Posts
    24

    Certifications
    B.S. in MIS; CISSP, CCSP, Security+, Cloud+,Network+
    #14
    Quote Originally Posted by chaunce54 View Post
    Just passed this exam on Friday 2/2 on my first attempt. My primary resource was the CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide. I also perused some of the NIST documents referenced in the book.

    This book comes with some practice questions and practice exams that I also utilized. Much like your experience, the questions on the exam were nothing like the questions on the practice tests.

    It was a very challenging exam and I wasn't sure if I had passed it until I read the printout. You may want to consider getting the book I referenced and giving it another shot.
    Congrats, can you share more details about your material (probably in another thread) ?
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks