How well do we need to know the Rainbow Series in order to pass the CISSP exam in 2019? Do we only

isc2cisspbouncrisc2cisspbouncr Member Posts: 12 ■■■□□□□□□□
Hi,

How well do we need to know the Rainbow Series in order to pass the CISSP exam in 2019?  Do we only need to know the Orange Book?

Thanks!
ITIL | PMP | Security+ | CISM | CISSP (Endorsing)

Comments

  • mikey88mikey88 Member Posts: 495 ■■■■■■□□□□
    You have to know at least the Rainbow Siege series. Know all the operators like Tachanka, Smoke etc. Wait, this is not a video game Question? 

    I would say just know what Orange Book is and a brief description of what it does. You don't need to know it in detail. Same for rainbow.
    Certs: CISSP, CySA+, Security+, Network+ and others | 2019 Goals: Cloud Sec/Scripting/Linux

  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    edited May 2019
    LORD Tachanka that is. 

    On a serious note, agree with mikey88. I wouldn't worry too much about it. When I studied for this test a had a few things that I filed under "not worth my time memorizing". This was one. The other one was details on different encryption algorithms. Block size, key length. etc? Hell no! Symmetric vs. asymmetric, stream vs block and that was it. 
  • isc2cisspbouncrisc2cisspbouncr Member Posts: 12 ■■■□□□□□□□
    Thanks folks!  I'm freaking out because the CISSP syllabus is much broader than ISACA's CISM (which I had passed).  I've also passed my Comptia Security+.  CISSP syllabus is all over the shop! 
    ITIL | PMP | Security+ | CISM | CISSP (Endorsing)
  • StrikingInfluencerStrikingInfluencer Member Posts: 38 ■■■□□□□□□□
    Took the CISSP and passed in March.  I can say I personally didn't almost any questions about the rainbow series and the two I can recall were very basic.  Just knowing the main book colors and what they pertain to was what I studied.  
  • SteveLavoieSteveLavoie Member Posts: 1,133 ■■■■■■■■■□
    I didnt care about the Rainbow Series. 
  • CyberJosh95CyberJosh95 Member Posts: 53 ■■■□□□□□□□
    Yeah, during my studies I didnt care too much about that as well. 
  • FSF150FSF150 Member Posts: 119 ■■■□□□□□□□
    edited May 2019
    I believe the fact that you know what they are is probably enough. Don't think I saw a single question about them on my exam (though with the depth of the question pool that probably doesn't mean anything). 
    First we drink the coffee. Then we do the things. :neutral:
  • PeterHandsPeterHands Member Posts: 83 ■■■□□□□□□□
    Know what the Orange book is...thats it.
    ISC2 CISSP, EC-Council CEH, CompTia Security+
  • X5c0rX5c0r Member Posts: 13 ■■■□□□□□□□
    From what I've heard from instructors the exam is much more modern so the Rainbow Series is largely removed.  Same with proprietary frameworks and specific laws since its an international exam.
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    I thought they removed the much of the historical InfoSec references from the CISSP question pool after Hal Tipton died in 2012. He was the one who insisted that those topics remain in the CISSP CBK.

    The only thing I remember is that if you plugged a network cable into a computer that was certified to be Orange Book compliant then the computer would no longer be Orange Book compliant. Networked computers weren't covered until the Red Book. This is also why most Windows NT systems never met C2 compliance because most are either network clients or servers.
  • isc2cisspbouncrisc2cisspbouncr Member Posts: 12 ■■■□□□□□□□
    Hi all, I passed with 106 questions in 90 minutes.  There were exactly 2 US-centric questions about US laws.  The rest of the questions were country-agnostic.  Thanks for all your help!
    ITIL | PMP | Security+ | CISM | CISSP (Endorsing)
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    So no Rainbow Series questions? (I know that I shouldn't be asking about exam content.)

    And congratz! :D
  • laurieHlaurieH Member Posts: 109 ■■■□□□□□□□
    I took no notice of it whatsoever apart from knowing that there were a load of coloured books. Not to say that it won't come up but I didn't think it warranted space in my limited brain capacity! :D
    CCNA - expired
    CISSP - live n' kickin'
    My CISSP study apps
    My CISSP study advice blog
  • isc2cisspbouncrisc2cisspbouncr Member Posts: 12 ■■■□□□□□□□

    JDMurray said:
    So no Rainbow Series questions? (I know that I shouldn't be asking about exam content.)

    And congratz! :D
    Thank you!  I guess the series is too US DOD-centric!
    ITIL | PMP | Security+ | CISM | CISSP (Endorsing)
  • laurieHlaurieH Member Posts: 109 ■■■□□□□□□□
    I'm not saying that there will or won't be any questions on that - I don't know. All I do know is that I didn't study the detail of them and I passed.
    CCNA - expired
    CISSP - live n' kickin'
    My CISSP study apps
    My CISSP study advice blog
Sign In or Register to comment.