Which minimum TCSEC security class category specifies trusted distribution controls?

A.
B2

B.
B3

C.
C2

D.
A1

Explanation:
Trusted distribution is defined by the Orange Book as a requirement of A1 TCB assurancE. Trusted
distribution includes procedures to ensure that all of the TCB configuration items, such as the TCB
software, firmware, hardware, and updates, distributed to a customer site arrive exactly as intended
by the vendor without any alterations. Any alteration to the TCB at any time during the system life
cycle could result in a violation of the system security policy. Assurance that the system security
policy is correctly implemented and operational throughout the system life cycle is provided by
different TCSEC requirements. At TCSEC class Al, trusted distribution, in conjunction with
configuration management, provides assurance that the TCB software, firmware, and hardware,
both original and updates, are received by a customer site exactly as specified by the vendors master
copy. Trusted distribution also ensures that TCB copies sent from other than legitimate parties are
detecteD. Source: NCSC-TG-008 A Guide to Understanding Trusted Distribution in Trusted Systems
[Lavender Book].