Wednesday, August 01, 2007

So, while I have been here I have discovered a couple things. One of the main problems with the CISSP is the level of knowledge that you need to know for the exam. The number of fields of knowledge involved in the CISSP cover more than any other security certification, so often the question is how much do I need to know in each domain/field.

In the field of encryption, you do not need to know the math involved in the various encryption algorithms, but you do need to know the differences between all of the major encryption systems. For example, you need to know the differences between AES and Diffie-Hellman, in terms of block size, type of algorithm, speed, mechanics, processing ability, etc. Making up a chart of all of the major encryption methods to allow to compare is probably a good way to start. At the end of the exercise, you should be able to recommend the correct encryption system based upon the situation that it will be used in.

No comments: