Suggested Answer:B🗳️
A B-rated system of the orange book has mandatory protection of the trusted computing base (TCB). Trusted computing base (TCB) refers to hardware, software, controls, and processes that cause a computer system or network to be devoid of malicious software or hardware. Maintaining the trusted computing base (TCB) is essential for security policy to be implemented successfully.
D. C-rated.
The Orange Book refers to the Trusted Computer System Evaluation Criteria (TCSEC), which was developed by the United States Department of Defense in 1983 to evaluate computer systems' security effectiveness. The TCSEC was later replaced by the Common Criteria for Information Technology Security Evaluation (CC).
The C-rating applied to a system signifies that it is intended for use with non-sensitive data and requires discretionary protection of classified information. Mandatory protection of the trusted computing base (TCB), including identification and authentication mechanisms and reference validation mechanisms, must be enforced in this rated system category. Therefore, option D is correct as mandatory protection of TCB is required in a C-rated system.
The TCSEC was developed by the United States Department of Defense to evaluate computer systems' security effectiveness.
Each rating level represents a different level of security protection provided by a particular computing system:
A-rated: Designated for systems containing highly sensitive information that require mandatory protection mechanisms.
B-rated: Designated for systems where users share access to data but can be restricted from certain resources granted only at those user's discretion
C-rated: Designed for general-purpose computer systems in which discretionary-based access is permitted avoiding any accidental or incidental loss or destruction of hardware or software components
D-rated: Represents minimal-security assurance, and it applies to standalone computers and other low-end communication devices.
The Trusted Computing Base (TCB) is a component of a computer system that implements the necessary security mechanisms to enforce the system's overall security policy. It includes all hardware, software, and firmware components that are critical to enforcing security policies. The TCB ensures that information processed by the system remains protected, making it one of the essential parts of secure systems.
In context with this question about Orange Book ratings, mandatory protection for TCB refers to the fact that certain levels of rated systems require strict enforcement measures in place for maintaining hardware and software integrity. In particular, C-rated systems must have mechanisms in place such as identification/authentication and reference validation mechanism within their TCB configurations.
upvoted 1 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
74gjd_37
5 months, 2 weeks ago74gjd_37
5 months, 2 weeks ago74gjd_37
5 months, 2 weeks ago