  1. Junior Member Registered Member
    Join Date
    Mar 2013
    Posts
    1
    #1

    Hardest CISSP Domain?

    Hi everyone,

    I realize my question is quite subjective, but is there a general consensus on which of the ten CISSP domains is the most difficult? I am in the early stages of assessing whether to take the deep dive into the material and take the exam, and I've done a reasonable scan of the domains to determine if any of the material is just way over my head. I haven't encountered anything to scare me off, not yet anyway.

    My interpretation is that there are six or seven "hard" domains and three or four "soft" domains, the former ones being highly technical and the latter ones more focused on policies, procedures, legal, ethical and other "corporate" types of topics. It would seem to me that many people with deep technical skills but not much corporate management skills would master the "hard" domains and have trouble with the "soft" domains, while management-type people would have trouble with the "hard" domains and breeze through the "soft" domains. My guess is this is why the exam is so challenging, because relatively few people have a mastery of both the technical and the managerial.

    So what do people think are the hardest domains for each of those two groups of people? I have a good amount of experience in both realms, but most of my technical knowledge has been gained informally over many years, through osmosis of working with and managing others with deep technical knowledge (admins, coders etc). Would it be fair to say that the crypto domain would pose the greatest conceptual challenge for someone like me?

    Thanks!


  3. Member
    Join Date
    Mar 2013
    Posts
    69

    Certifications
    CISSP, PMP, ITIL v3 Foundation
    #2
    Hi
    It depends on what your core areas or strengths are. In my opinion all 10 domains need to be focused on for the CISSP examination. Mainly, Cryptography and Security Architecture and Design are two domains where I had some difficulty in understanding them.
    The exam is challenging as here we need to remember/understand many things from all 10 domains (mile wide and inch deep), and while answering we really need to focus and carefully read the questions and the options provided. Time is another aspect we need to take care of.

    Cheers
    ssehg

  4. Senior Member
    Join Date
    Feb 2012
    Posts
    1,855
    #3
    Welcome to TE forums.

    I don't think you are likely to get a consensus since every exam candidate's background and experience will factor into what they will find difficult.

    For me personally, the Physical Security domain was the most unfamiliar since my background didn't include too much. It wasn't necessarily difficult and I found that domain very interesting, but it wasn't a topic that I had to deal with. The Security Architecture and Design topics were relatively straightforward for me with the exception of the materials about architecture models which I was unaccustomed to, like Bell-LaPadula.

    Good luck in your studies...

  5. Member RanMic's Avatar
    Join Date
    Feb 2013
    Location
    boring state
    Posts
    57

    Certifications
    CISSP, MCITP: EA, MCP, VCP5-DCV, NCDA
    #4
    I agree with Paul and SSEHG, it really depends on your background and what you "just get". I am not a full-time Crypto guy but it comes easy for me, but Networking doesn't. I have to work really hard at networking and the next guy may not. I think you will find everyone has different areas of trouble, but overall I think everyone will agree that the exam is very challenging.

  6. Paper cranes for everyone the_hutch's Avatar
    Join Date
    Dec 2011
    Location
    We all live in a yellow submarine...
    Posts
    804

    Certifications
    BSIT (CNSS 4011, 4012) / Sec+, Net+, CFOI, CEH, ECSA, CHFI, CNDA, CISSP, OSCP
    #5
    Crypto was my most difficult.

  7. Senior Member cyberguypr's Avatar
    Join Date
    May 2007
    Location
    Chicago, IL
    Posts
    2,715

    Certifications
    GCIH, CISSP, MCSA 2012, MCSE Private Cloud, MCITP:EA & SA, MCDST, MCTS, CCENT, Network+, Security+, VCA-Cloud, VCA-DCV
    #6
    I don't think you are likely to get a consensus since every exam candidate's background and experience will factor into what they will find difficult.
    This. In my case it was Crypto and Software Dev Sec precisely because I was unfamiliar with the material. It is essential that you identify your individual weakest areas and work on them.

  8. Senior Member bobloblaw's Avatar
    Join Date
    Dec 2012
    Location
    Memphis, TN
    Posts
    166

    Certifications
    CISSP, CEH, Sec+, A+
    #7
    Crypto. Initially read like gibberish until I wrapped my head around it, and surprisingly became interesting.

  9. Member
    Join Date
    Mar 2013
    Posts
    69

    Certifications
    CISSP, PMP, ITIL v3 Foundation
    #8
    Hi
    Best would be to focus on your weak areas and work towards passing the certification.

  10. Member
    Join Date
    Dec 2012
    Posts
    39

    Certifications
    ITIL v3, CISSP
    #9
    I thought crypto would be my hardest but actually it became one of my strongest. I think I had a little problem with the Security Architecture & Design domain, mainly around the Common Criteria, EAL, etc.

  11. Senior Member Humbe's Avatar
    Join Date
    Dec 2012
    Location
    Miami, FL
    Posts
    192

    Certifications
    CISSP, CCNA, CVE, MCTS
    #10
    Crypto for me, due to the fact that you don't deal with the subject every day.

  12. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,019
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec (CNSS 4011, 4013)
    #11
    I've noticed over the years that Applications Development (now Software Development Security) is consistently mentioned by people as being difficult to understand. It's tough for anyone who isn't a software developer to understand what's really going on with the form, fit, and function of any software application, so I'm not surprised.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray

  13. Senior Member
    Join Date
    Oct 2012
    Location
    Lexington, KY
    Posts
    403

    Certifications
    CISSP
    #12
    The software dev security was the toughest for me since I had no background in programming at all, so it was the most amount of new stuff to learn.

  14. Member
    Join Date
    Mar 2013
    Posts
    69

    Certifications
    CISSP, PMP, ITIL v3 Foundation
    #13
    I would agree with you. In my opinion attending a classroom / online boot camp helps.

  15. Junior Member
    Join Date
    Dec 2012
    Posts
    16

    Certifications
    CISSP, CNSE (Palo Alto Networks)
    #14
    From the perspective of just trying to get a straight answer, I found the BCP/DRP quite challenging. It seems that most resources interpret the steps and frameworks differently. I'm a concrete type of person; I need to know the exact definition of something, so it was difficult when all these different sources would have slightly different interpretations of the BCP/DRP steps along with the various related frameworks. Cryptography was much easier for me since it's concrete.

  16. Reading Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    2,024

    Certifications
    CISSP, CCNP R&S, CCDP, CCNA:RS/S/V/DC, CCDA, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #15
    BCP was my hardest domain and every other question on my test seemed to be BCP-oriented. There were a few times I was like "Here's my Hail Mary answer!!!!" Crypto, Access Control, and Governance were probably my strongest. Physical security was boring to learn but I probably answered those questions decently. Law I didn't see at all.
    Master of Science: Information Security and Assurance
    Bachelor of Science: Information Technology - Security
    2014 Goals: CCNP Data Center

  17. Junior Member
    Join Date
    Aug 2012
    Posts
    6
    #16
    Cryptography is the hardest; master it well if you also have intentions of doing ISSAP.

  18. Member
    Join Date
    Mar 2013
    Posts
    69

    Certifications
    CISSP, PMP, ITIL v3 Foundation
    #17
    I would again say that it all depends on your experience. For some, Application Security is toughest; for others, it could be Cryptography.
    Read books and maybe attend boot camps. I attended one by Simplilearn.

  19. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,019
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec (CNSS 4011, 4013)
    #18
    OK people, please discuss which were your most difficult CISSP CBK domain(s) only and not what you saw on your actual CISSP exams.

  20. Cliffhanger Thistleback's Avatar
    Join Date
    Jun 2012
    Location
    Washington
    Posts
    150

    Certifications
    CISSP
    #19
    Software Development LifeCycle was hardest for me, because of no prior experience in that field. Crypto was also not as familiar, but I found it fascinating to learn, and enjoyed the studies for that domain.