Module Weighting on the CISSP

Just curious, is there a document out there that shows the particular weighting of each module for the CISSP? I can't imagine the test covering all 10 domains equally. I'm asking because I'd like to know which module to focus on more than others. Any assistance would greatly be appreciated.

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

Sheiko37

If you're serious you'll study all domains equally.

cyberguypr

^ this. People here have come will all kinds of theories of which domains are "more important" than others. I really don't like this approach. Some questions are very convoluted and may cover things from several domains. Who know which one is the "correct" domain for that question. I rather err on the side of caution and assume they are all important.

GenrericSecurityGuy

Of course, you want to study and know them all backwards and forwards... Let's be realistic. If there's a module that has more questions or is graded heavier on the exam, then obviously you'd want to study that module just a little more than one that isn't quite as important.

If you have a limited amount of time between now and the exam, and you want to maximize your opportunity to pass the exam, what content would you focus on over another in order to pass.

cyberguypr

Well, I would focus on those domains where my confidence level is low.

GenrericSecurityGuy

*sigh*
So, there's nowhere posted on how the test is weighted. Just study.

E Double U

Paging b/eads

TheFORCE

GenrericSecurityGuy wrote: »

*sigh*
So, there's nowhere posted on how the test is weighted. Just study.

No that information is not public. What you can find though in the isc2.org website is that % by domain. However you should not be using that as your only decision making process of what to study. You might end up with 5 questions from the network security domain and each can weight 20 points but you might get 1 question on compliance and regulations that weights 40 points alone. So really it has been preached many times over on this site that for the CISSP you do need to know the various material at least on the concept level.

bpenn

The questions are completely randomized. You could get a majority of access control on one exam and then see a majority of Networking and Telecommunications on the next. Do yourself a favor and learn the material, not just to pass the exam, but to increase your knowledge and ability as a security professional. After all, the point of "certifying" is to increase one's knowledge. Right?