A difference between the Information Technology Security Evaluation Criteria (ITSEC) and the
Trusted Computer System Evaluation Criteria (TCSEC) is:

A.
TCSEC addresses availability as well as confidentiality

B.
ITSEC addresses confidentiality only

C.
ITSEC addresses integrity and availability as well as confidentiality

D.
TCSEC separates functionality and assurance

Explanation:
TCSEC addresses confidentiality only and bundles functionality and assurance. Thus, the other
answers are incorrect. By separating functionality and assurance as in ITSEC, one could specify fewer
security functions that have a high level of assurance. This separation carried over into the Common
Criteria.