2 cissp ® Official Study Guide Eighth Edition

Other important elements in this collection of documents include the following: Red Book

Download 19,3 Mb. Pdf ko'rish bet 284/881 Sana 08.04.2023 Hajmi 19,3 Mb. #925879

Bu sahifa navigatsiya:

• Publication number Title Book name

299 Other important elements in this collection of documents include the following: Red Book  Because the Orange Book applies only to stand-alone computers not attached  to a network, and so many systems were used on networks (even in the 1980s), the  Red  Book was developed to interpret the TCSEC in a networking context. In fact, the official  title of the Red Book is  Trusted Network Interpretation of the TCSEC so it could be con- sidered an interpretation of the Orange Book with a bent on networking. Quickly the Red  Book became more relevant and important to system buyers and builders than the Orange  Book. The following list includes a few other functions of the Red Book: ■ Rates confidentiality and integrity ■ Addresses communications integrity ■ Addresses denial of service protection ■ Addresses compromise (in other words, intrusion) protection and prevention ■ Is restricted to a limited class of networks that are labeled as “centralized networks  with a single accreditation authority” ■ Uses only four rating levels: None, C1 (Minimum), C2 (Fair), and B2 (Good) Green Book  The  Green Book , or the  Department of Defense Password Management  Guidelines , provides password creation and management guidelines; it’s important for  those who configure and manage trusted systems. Table 8.2 has a more complete list of books in the rainbow series. For more information  and to download the books, see the Rainbow Series web pages here: https://csrc.nist.gov/publications/detail/white-paper/1985/12/26/  dod-rainbow-series/final https://fas.org/irp/nsa/rainbow.htm Ta b l e 8 . 2 Some of the rainbow series elements Publication number Title Book name 5200.28-STD DoD Trusted Computer System Evaluation  Criteria Orange Book CSC-STD-002-85 DoD Password Management Guidelines Green Book CSC-STD-003-85 Guidance for Applying TCSEC in Specific  Environments Yellow Book NCSC-TG-001 A Guide to Understanding Audit in Trusted  Systems Tan Book NCSC-TG-002 Trusted Product Evaluation: A Guide for  Vendors Bright Blue Book Download 19,3 Mb. Do'stlaringiz bilan baham: