I realize my question is quite subjective, but is there a general consensus on which of the ten CISSP domains is the most difficult? I am in the early stages of assessing whether to take the deep dive into the material and take the exam, and I've done a reasonable scan of the domains to determine if any of the material is just way over my head. I haven't encountered anything to scare me off, not yet anyway.
My interpretation is that there are six or seven "hard" domains and three or four "soft" domains, the former ones being highly technical and the latter ones more focused on policies, procedures, legal, ethical and other "corporate" types of topics. It would seem to me that many people with deep technical skills but not much corporate management skills would master the "hard" domains and have trouble with the "soft" domains, while management-type people would have trouble with the "hard" domains and breeze through the "soft" domains. My guess is this is why the exam is so challenging, because relatively few people have a mastery of both the technical and the managerial.
So what do people think are the hardest domains for each of those two groups of people? I have a good amount of experience in both realms, but most of my technical knowledge has been gained informally over many years, through osmosis of working with and managing others with deep technical knowledge (admins, coders etc). Would it be fair to say that the crypto domain would pose the greatest conceptual challenge for someone like me?