Final push

Well, just 12 short days between me and the CISSP, I feel pretty good about it to this point. Here is what I have done

1. Fully read the AIO 4th Ed. over about a six months stretch
2. Fully read the exam cram book
3. Taken various transcenders
4. watched a few cbt nuggets videos on certain things
5. Currently taking the exam cram practice tests to try and pinpoint any areas or technologies I might be weak on.

6. Currently combining and updating some of the cram sheets from cccure.org so I can start doing some hardcore memorization of certain stuff like differnt standards and facts.

I feel like I have a great understanding of the technologies, but I need to memorize fire standards like suppression methods and categories of fires and encryption algorithms.

Here is the weak and strong

Strong.

1. physical security
2. Operations security
3. Cryptography

Weak.

1. Security architecture and design
2. Applications security
3. Laws, regulations, and compliance

Any last minute tips?

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

carboncopy

From cccure.org

There are 5 domains that are VERY important as far as the exam is concerned. They are:

Information Security and Risk management
Access Control
Security Architecture
Telecommunication and Network Security
BCP and DRP

If you do not do well on two or more of those top five domains you will fail the exam.

You must master those five domains.

Best regards

Clement

slinuxuzer

Thats interesting, this is the first I have heard of the domains being weighted. I have actually posted this question before.

carboncopy

slinuxuzer wrote: »

Thats interesting, this is the first I have heard of the domains being weighted. I have actually posted this question before.

That was posted on October 20th of this year. Never heard anyone mention that before.

slinuxuzer

I guess I missed it with all my studies, I kinda figured it was weighted anyway based on alot of the feedback of people who thought they failed and then passed.

JDMurray

The common opinion is that the items in each CISSP exam booklet do not provide an even coverage of the ten domains. For example, I've talked with people who have claimed they had a lot of questions on crypto, and other who said had very few questions involving crypto.

I'm more of the opinion that exam candidates remember mostly the questions they had the most difficulty with (I certianly do). Therefore, someone who rememebers a lot of crypto items may have had an especially difficult time with the crypography domain, and someone who doesn't didn't. I'm also thinking that the presence of the 25 research questions also skews how people preceive the exam.

I recommend studying first the domains that you do not know very well and finishing up with the domains that you know best. Never avoid studying any topic on a calculated gamble that you won't see it on your exam. Also, don't get too involved and over-study a specific topic. You do not need to know the intricate details of how things work (DSL, SNMP, viruses, business risk analysis, MLS, etc.) to pass the exam.

AymanNada

JDMurray wrote: »

The common opinion is that the items in each CISSP exam booklet do not provide an even coverage of the ten domains. For example, I've talked with people who have claimed they had a lot of questions on crypto, and other who said had very few questions involving crypto.

I'm more of the opinion that exam candidates remember mostly the questions they had the most difficulty with (I certianly do). Therefore, someone who remembers a lot of crypto items may have had an especially difficult time with the cryptography domain, and someone who doesn't didn't. I'm also thinking that the presence of the 25 research questions also skews how people preceive the exam.

I recommend studying first the domains that you do not know very well and finishing up with the domains that you know best. Never avoid studying any topic on a calculated gamble that you won't see it on your exam. Also, don't get too involved and over-study a specific topic. You do not need to know the intricate details of how things work (DSL, SNMP, viruses, business risk analysis, MLS, etc.) to pass the exam.

Hats off to JD.

I can't stress more on what JD just mentioned.

DO NOT under estimate anything, and do not skip any material thinking it is not important. That made me fail my exam 3 weeks ago.

Moreover, I highly recommend that you go through as much practice exam as you can.

stoked64

It sounds like you're ready. I think just about everyone has some weak areas. For me, it was Application Security. It seemed like I had so many questions in this area, but like JD was saying, most people probably remember the questions that tripped them up. I had questions from every domain that stumped me but If you have an area that you think your weak on, this test will find your weakness. Make sure you go over App. Sec and Law if this is your weak spot. Trust me you will see questions on both areas.