PrepAway - Latest Free Exam Questions & Answers

what are two types of system assurance?

As per the Orange Book, what are two types of system assurance?

PrepAway - Latest Free Exam Questions & Answers

A.
Operational Assurance and Architectural Assurance.

B.
Design Assurance and Implementation Assurance.

C.
Architectural Assurance and Implementation Assurance.

D.
Operational Assurance and Life-Cycle Assurance.

Explanation:
When products are evaluated for the level of trust and assurance they provide, many times operational
assurance and life-cycle assurance are part of the evaluation process.
Operational assurance concentrates on the product’s architecture, embedded features, and functionality that
enable a customer to continually obtain the necessary level of protection when using the product. Examples of
operational assurances examined in the evaluation process are access control mechanisms, the separation of
privileged and user program code, auditing and monitoring capabilities, covert channel analysis, and trusted
recovery when the product experiences unexpected circumstances.
Life-cycle assurance pertains to how the product was developed and maintained. Each stage of the product’s
life cycle has standards and expectations it must fulfill before it can be deemed a highly trusted product.
Examples of life-cycle assurance standards are design specifications, clipping-level configurations, unit and
integration testing, configuration management, and trusted distribution. Vendors looking to achieve one of the
higher security ratings for their products will have each of these issues evaluated and tested.
Incorrect Answers:
A: Architectural Assurance is not one of the two types of system assurance defined in the Orange Book.
B: Design Assurance and Implementation Assurance are not the two types of system assurance defined in the
Orange Book.
C: Architectural Assurance and Implementation Assurance are not the two types of system assurance defined
in the Orange Book.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 1240


Leave a Reply