Final push

slinuxuzerslinuxuzer Member Posts: 665 ■■■■□□□□□□
Well, just 12 short days between me and the CISSP, I feel pretty good about it to this point. Here is what I have done

1. Fully read the AIO 4th Ed. over about a six months stretch
2. Fully read the exam cram book
3. Taken various transcenders
4. watched a few cbt nuggets videos on certain things
5. Currently taking the exam cram practice tests to try and pinpoint any areas or technologies I might be weak on.

6. Currently combining and updating some of the cram sheets from cccure.org so I can start doing some hardcore memorization of certain stuff like differnt standards and facts.

I feel like I have a great understanding of the technologies, but I need to memorize fire standards like suppression methods and categories of fires and encryption algorithms.

Here is the weak and strong

Strong.

1. physical security
2. Operations security
3. Cryptography

Weak.

1. Security architecture and design
2. Applications security
3. Laws, regulations, and compliance

Any last minute tips?

Comments

  • carboncopycarboncopy Member Posts: 259
    From cccure.org
    There are 5 domains that are VERY important as far as the exam is concerned. They are:

    Information Security and Risk management
    Access Control
    Security Architecture
    Telecommunication and Network Security
    BCP and DRP

    If you do not do well on two or more of those top five domains you will fail the exam.

    You must master those five domains.

    Best regards

    Clement
  • slinuxuzerslinuxuzer Member Posts: 665 ■■■■□□□□□□
    Thats interesting, this is the first I have heard of the domains being weighted. I have actually posted this question before.
  • carboncopycarboncopy Member Posts: 259
    slinuxuzer wrote: »
    Thats interesting, this is the first I have heard of the domains being weighted. I have actually posted this question before.

    That was posted on October 20th of this year. Never heard anyone mention that before.
  • slinuxuzerslinuxuzer Member Posts: 665 ■■■■□□□□□□
    I guess I missed it with all my studies, I kinda figured it was weighted anyway based on alot of the feedback of people who thought they failed and then passed.
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    The common opinion is that the items in each CISSP exam booklet do not provide an even coverage of the ten domains. For example, I've talked with people who have claimed they had a lot of questions on crypto, and other who said had very few questions involving crypto.

    I'm more of the opinion that exam candidates remember mostly the questions they had the most difficulty with (I certianly do). Therefore, someone who rememebers a lot of crypto items may have had an especially difficult time with the crypography domain, and someone who doesn't didn't. I'm also thinking that the presence of the 25 research questions also skews how people preceive the exam.

    I recommend studying first the domains that you do not know very well and finishing up with the domains that you know best. Never avoid studying any topic on a calculated gamble that you won't see it on your exam. Also, don't get too involved and over-study a specific topic. You do not need to know the intricate details of how things work (DSL, SNMP, viruses, business risk analysis, MLS, etc.) to pass the exam.
  • AymanNadaAymanNada Member Posts: 17 ■□□□□□□□□□
    JDMurray wrote: »
    The common opinion is that the items in each CISSP exam booklet do not provide an even coverage of the ten domains. For example, I've talked with people who have claimed they had a lot of questions on crypto, and other who said had very few questions involving crypto.

    I'm more of the opinion that exam candidates remember mostly the questions they had the most difficulty with (I certianly do). Therefore, someone who remembers a lot of crypto items may have had an especially difficult time with the cryptography domain, and someone who doesn't didn't. I'm also thinking that the presence of the 25 research questions also skews how people preceive the exam.

    I recommend studying first the domains that you do not know very well and finishing up with the domains that you know best. Never avoid studying any topic on a calculated gamble that you won't see it on your exam. Also, don't get too involved and over-study a specific topic. You do not need to know the intricate details of how things work (DSL, SNMP, viruses, business risk analysis, MLS, etc.) to pass the exam.

    Hats off to JD.

    I can't stress more on what JD just mentioned.

    DO NOT under estimate anything, and do not skip any material thinking it is not important. That made me fail my exam 3 weeks ago.

    Moreover, I highly recommend that you go through as much practice exam as you can.
  • stoked64stoked64 Member Posts: 22 ■□□□□□□□□□
    It sounds like you're ready. I think just about everyone has some weak areas. For me, it was Application Security. It seemed like I had so many questions in this area, but like JD was saying, most people probably remember the questions that tripped them up. I had questions from every domain that stumped me but If you have an area that you think your weak on, this test will find your weakness. Make sure you go over App. Sec and Law if this is your weak spot. Trust me you will see questions on both areas.
Sign In or Register to comment.