How well do we need to know the Rainbow Series in order to pass the CISSP exam in 2019? Do we only
isc2cisspbouncr
Member Posts: 12 ■■■□□□□□□□
in CISSP
Hi,
How well do we need to know the Rainbow Series in order to pass the
CISSP exam in 2019? Do we only need to know the Orange Book?
Thanks!
ITIL | PMP | Security+ | CISM | CISSP (Endorsing)
Comments
-
mikey88 Member Posts: 495 ■■■■■■□□□□You have to know at least the Rainbow Siege series. Know all the operators like Tachanka, Smoke etc. Wait, this is not a video game Question?
I would say just know what Orange Book is and a brief description of what it does. You don't need to know it in detail. Same for rainbow.Certs: CISSP, CySA+, Security+, Network+ and others | 2019 Goals: Cloud Sec/Scripting/Linux -
cyberguypr Mod Posts: 6,928 ModLORD Tachanka that is.
On a serious note, agree with mikey88. I wouldn't worry too much about it. When I studied for this test a had a few things that I filed under "not worth my time memorizing". This was one. The other one was details on different encryption algorithms. Block size, key length. etc? Hell no! Symmetric vs. asymmetric, stream vs block and that was it. -
isc2cisspbouncr Member Posts: 12 ■■■□□□□□□□Thanks folks! I'm freaking out because the CISSP syllabus is much broader than ISACA's CISM (which I had passed). I've also passed my Comptia Security+. CISSP syllabus is all over the shop!
ITIL | PMP | Security+ | CISM | CISSP (Endorsing) -
StrikingInfluencer Member Posts: 38 ■■■□□□□□□□Took the CISSP and passed in March. I can say I personally didn't almost any questions about the rainbow series and the two I can recall were very basic. Just knowing the main book colors and what they pertain to was what I studied.
-
CyberJosh95 Member Posts: 53 ■■■□□□□□□□Yeah, during my studies I didnt care too much about that as well.
-
FSF150 Member Posts: 119 ■■■□□□□□□□I believe the fact that you know what they are is probably enough. Don't think I saw a single question about them on my exam (though with the depth of the question pool that probably doesn't mean anything).First we drink the coffee. Then we do the things.
-
PeterHands Member Posts: 86 ■■■□□□□□□□Know what the Orange book is...thats it.
ISC2 CISSP, EC-Council C|CISO, CEH, CompTia Security+ -
X5c0r Member Posts: 13 ■■■□□□□□□□From what I've heard from instructors the exam is much more modern so the Rainbow Series is largely removed. Same with proprietary frameworks and specific laws since its an international exam.
-
JDMurray Admin Posts: 13,091 AdminI thought they removed the much of the historical InfoSec references from the CISSP question pool after Hal Tipton died in 2012. He was the one who insisted that those topics remain in the CISSP CBK.
The only thing I remember is that if you plugged a network cable into a computer that was certified to be Orange Book compliant then the computer would no longer be Orange Book compliant. Networked computers weren't covered until the Red Book. This is also why most Windows NT systems never met C2 compliance because most are either network clients or servers. -
isc2cisspbouncr Member Posts: 12 ■■■□□□□□□□Hi all, I passed with 106 questions in 90 minutes. There were exactly 2 US-centric questions about US laws. The rest of the questions were country-agnostic. Thanks for all your help!
ITIL | PMP | Security+ | CISM | CISSP (Endorsing) -
JDMurray Admin Posts: 13,091 AdminSo no Rainbow Series questions? (I know that I shouldn't be asking about exam content.)
And congratz! -
laurieH Member Posts: 109 ■■■□□□□□□□I took no notice of it whatsoever apart from knowing that there were a load of coloured books. Not to say that it won't come up but I didn't think it warranted space in my limited brain capacity!
-
isc2cisspbouncr Member Posts: 12 ■■■□□□□□□□JDMurray said:So no Rainbow Series questions? (I know that I shouldn't be asking about exam content.)
And congratz!
ITIL | PMP | Security+ | CISM | CISSP (Endorsing) -
laurieH Member Posts: 109 ■■■□□□□□□□I'm not saying that there will or won't be any questions on that - I don't know. All I do know is that I didn't study the detail of them and I passed.