At what Orange Book evaluation levels are design specification and verification FIRST required?

A.
C1 and above.

B.
C2 and above.

C.
B1 and above.

D.
B2 and above.

Explanation:
B1: Labeled Security: Each data object must contain a classification label and each subject must have a
clearance label. When a subject attempts to access an object, the system must compare the subject’s and
object’s security labels to ensure the requested actions are acceptable. Data leaving the system must also
contain an accurate security label. The security policy is based on an informal statement, and the design
specifications are reviewed and verified.This security rating is intended for environments that require systems to handle classified data.
Incorrect Answers:
A: Design specification and verification are not required at level C1.
B: Design specification and verification are not required at level C2.
D: B2 is not the lowest level that requires design specification and verification. Level B1 requires design
specification and verification.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 395