Covert Channel Analysis is FIRST introduced at what level of the TCSEC rating?

A.
C2 and above.

B.
B1 and above.

C.
B2 and above.

D.
B3 and above.

Explanation:
In the Orange Book, covert channels in operating systems are not addressed until security level B2 and above
because these are the systems that would be holding data sensitive enough for others to go through all the
necessary trouble to access data in this fashion.
B2: Structured Protection: The security policy is clearly defined and documented, and the system design and
implementation are subjected to more thorough review and testing procedures. This class requires more
stringent authentication mechanisms and well-defined interfaces among layers. Subjects and devices requirelabels, and the system must not allow covert channels. A trusted path for logon and authentication
processes must be in place, which means the subject communicates directly with the application or operating
system, and no trapdoors exist. There is no way to circumvent or compromise this communication channel.
Operator and administration functions are separated within the system to provide more trusted and protected
operational functionality. Distinct address spaces must be provided to isolate processes, and a covert channel
analysis is conducted. This class adds assurance by adding requirements to the design of the system.
The type of environment that would require B2 systems is one that processes sensitive data that require a
higher degree of security. This type of environment would require systems that are relatively resistant to
penetration and compromise.
Incorrect Answers:
A: Covert Channel Analysis is not used at layer C2.
B: Covert Channel Analysis is not used at layer B1.
D: B3 is not the lowest level that uses Covert Channel Analysis. Level B2 uses Covert Channel Analysis.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, pp. 380, 396