Sybex Chapter 8

medicmedic CCNA, A+, Network+, Security+, Project+Member Posts: 116 ■■■□□□□□□□
in CISSP
I've been slowly making my way through the Sybex 8th book and just smacked into Chapter 8, "Principles of Security Models, Design, and Capabilities".  My eyes glazed over and brain started drifting off to happier places.  I finished it and got 18/20 on the end of chapter questions, but I felt like the chapter content went a lot deeper than the review questions.

Going to need to spend some more time here.  Any advice for this topic?
· Share on FacebookShare on Twitter

Comments

  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ Linux+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,718 Admin
    Security models are architectural/philosophical/academic concepts. It really helps to translate the concepts to some sort of real-world situation of organization involving security.

    You must have picked up some understanding if you got most of the chapter quiz questions correct (not counting the ones that you guessed right ;) ). I recommend running through the related study aides on sites like Quizlet to check your understanding.

    Forum Admin at www.techexams.net
    --
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    · Share on FacebookShare on Twitter
  • medicmedic CCNA, A+, Network+, Security+, Project+ Member Posts: 116 ■■■□□□□□□□
    The understanding of the general idea I basically have, and I felt that is what the end of chapter questions were based on.  It was the details in the chapter that were rough, like the levels of TCSEC vs ITSEC vs Common Criteria and the like...

    This will be an area that I will need to spend more time on.  That Quizlet link will be helpful.  Thanks!
    · Share on FacebookShare on Twitter
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ Linux+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,718 Admin
    For each term that I am researching (TCSEC, ITSEC, Common Criteria, etc.), I usually hit Wikipedia first to see what's written there and to look through the article's external references. Knowing the history of how and why these models/frameworks were developed is useful too.

    Forum Admin at www.techexams.net
    --
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    · Share on FacebookShare on Twitter
  • medicmedic CCNA, A+, Network+, Security+, Project+ Member Posts: 116 ■■■□□□□□□□
    Good suggestion.  Thanks.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.