Cissp exam Domain weight

My question (I hope it's ok to ask). Are all domain weight equal. Or should I focus on larger domains more (Telecom, Access control)?

Find more posts tagged with

Comments

TheProfezzor

According to my own research and knowledge, the following are the most important domains and you should cover them well. The domains are listed according to their importance, coverage of the exam.

Telecom and Network Security
Information Security and Risk Management
Access Control
Application Development Security
Business Continuity and Disaster Recovery
System Architecture and Design
Operations Security
Laws and Regulations
Cryptography
Physical Security

sojourn

Clement said these are the top 5 in 2009. I am not sure if this is still current?

Information Security and Risk management
Access Control
Security Architecture
Telecommunication and Network Security
BCP and DRP

It doesn't exactly match with yours above. Personally I would be quite surprised if Application Development Security is higher rated than either BCP/DRP or Systems Architecture.

TheProfezzor

sojourn wrote: »

Clement said these are the top 5 in 2009. I am not sure if this is still current?

Information Security and Risk management
Access Control
Security Architecture
Telecommunication and Network Security
BCP and DRP

It doesn't exactly match with yours above. Personally I would be quite surprised if Application Development Security is higher rated than either BCP/DRP or Systems Architecture.

Basically, I established the list after getting info from 5 people, who recently appeared for CISSP. ISC2 is hitting application development security hard enough. But, you are right. BCP and DRP is equally significant. People going for CISSP can't ignore either of them.

voodoo26

Application Development Security and Laws and Regulations domains were my key domains (weakest) which cause of my first attempt failure. I suggest you to consider all domains are important and study them equally and seriously. One wrong answer from least important domain can change your exam result. And also do not consider to study those domain just for exam. All domains will broaden your security knowledge and you will use it for your company in your working life. This is my humble opinion for this topic

stryder144

@voodoo26...well thought out point. Many people I talk to have this tendency to only study what they think will be on the cert exam. That misses the point entirely. If you don't know the material to the greatest extent possible, you are only short changing yourself. Are you planning on retaking the exam?

voodoo26

@stryder144, Yes i will be retaking the exam at 17th April. Underestimating the domains can cause huge disappointment and there is no turning back once you are done. I failed with 670/700. I will see what will happen next

Grafixx01

If you get the Shon Harris 6th edition, latest release / printing, the CD in there has over 1400 questions. Do the exams on it a few times and see where your scores sit, as far as which domains you should re-read/study harder. That's what I did when I was going for the CISSP. It helped a lot to do that and then read the Eric Conrad 2nd Edition Cram Guide to get the knowledge I needed.

Jonnyg

sojourn wrote: »

Clement said these are the top 5 in 2009. I am not sure if this is still current?

Information Security and Risk management
Access Control
Security Architecture
Telecommunication and Network Security
BCP and DRP

It doesn't exactly match with yours above. Personally I would be quite surprised if Application Development Security is higher rated than either BCP/DRP or Systems Architecture.

I have taken the exam this year and would recommend you know all of the domains inside and out, regardless of importance. You may have some domains that are questioned more heavily than others, but there's no way to know what your exam will be like. Additionally, I think the domains are much closer as far as question percentages than they perhaps may have been in the past. I felt as though I received a roughly equal representation of all the domains. Don't forget that many questions can touch on more than one domain. You really just need to know it all.

JDMurray

All the the CISSP CBK domains are equally represented on the exam. People tend to remember the exam items they had the most difficulty with, which leads to observations such as, "My exam sure had a lot of crypto questions," and "I hardly had any questions on physical security." Just to make it more confusing, there is also the likelihood of exam items containing information from two (or more) domains, but only representing one domain in the exam item pool. When I took my CISSP exam, I attempted to tally the items by domain to check the spread, but gave up because it was too difficult to determine which domain some of the exam items belonged.

jvrlopez

I'm not taking any chances. I'm covering them all.

Some get more focus from me than others, but that's because I'm less familiar with them than others, not because I believe they'll be weighted differently. Rather over study than under.

Nabsh07

Thank you for the feedback. I'm studying all. I was confused because some of the domains are very large and others have small presence.

jvrlopez and voodoo26. Good luck.