Email from a Subscriber
Dear Study Notes and Theory
Should we memorize everything about the TCSEC levels?
How did you prepare for questions such as these?
Who is responsible for implementing user clearances in computer-based information systems at the B3 level of the TCSEC rating?
Looks like I still remember a few things, the correct answer without even researching it first, is Security Administrators!
This question by a reader brought back some terrible memories of trying to memorize all the criteria for The Orange Book, aka TCSEC.
When I first started studying the CISSP, I thought I’d memorize it really quick, and I did. The problem was that in 1 week, I’d forget everything!
So I decided to write all the levels along with their criteria on a piece of paper, because writing helps memorization. I still forgot about it days later.
I finally decided to just write a post about it, find it here: All You Need to Know About TCSEC for the Exam
I wrote a post not because I needed to memorize it more, but because I would have a place on the Internet to reach for the levels when I wanted to review it. This way I could read it on my phone when I’m waiting for something, or read it before I go to bed. When studying for the CISSP, I ate, slept, breathed CISSP.
In the end dear reader, TCSEC is not really used these days, it has been superseded by the Common Criteria, the levels of which you can see here: Common Criteria EAL Levels
It may or may not be on the exam, but if you just can’t memorize everything single detail, at least try to memorize the different levels. Know that Level D is the lowest form of assurance, while Level A is the highest and most secure form of assurance.
I’m not really sure how much of the new exam will test you on each of the TCSEC levels. If it were me, I’d just study and memorize them up until the point I take the exam, just to be sure it is at least in your brain. If you want, just memorize it, and then write it down on a piece of paper at the testing center. At least this way, it is out of your head, and somewhere where you can reach for it.
Thank you for reading and posting this question!