This chapter is supplemental to and coordinated with the Operations Security chapter in the CISSP Prep Guide. The fundamentals of operations security are covered in Chapter 6 of the CISSP Prep Guide at a level on par with that of the CISSP Examination.
It is assumed that the reader has a basic knowledge of the material contained in Chapter 6 and has the CISSP Prep Guide available to provide background information for the advanced questions pertaining to the Operations Security chapter.
In the Operations Security question areas, we will discuss the Rainbow series, data remanence, the Common Criteria, configuration management, and various security terminology.
Advanced Sample Questions
- Which book of the Rainbow series addresses the Trusted Network Interpretation (TNI)?
  - Red Book
  - Orange Book
  - Green Book
  - Purple Book
- Which choice describes the Forest Green Book?
  - It is a tool that assists vendors in data gathering for certifiers.
  - It is a Rainbow series book that defines the secure handling of storage media.
  - It is a Rainbow series book that defines guidelines for implementing access control lists.
  - It does not exist; there is no “Forest Green Book.”
- Which term below BEST describes the concept of “least privilege”?
  - Each user is granted the lowest clearance required for their tasks.
  - A formal separation of command, program, and interface functions.
  - A combination of classification and categories that represents the sensitivity of information.
  - Active monitoring ...