PrepAway - Latest Free Exam Questions & Answers

Which of the following is the lowest TCSEC class wherei…

Which of the following is the lowest TCSEC class wherein the systems must support separate operator and
system administrator roles?

PrepAway - Latest Free Exam Questions & Answers

A.
B2

B.
B1

C.
A1

D.
A2

Explanation:
B2: Structured Protection: The security policy is clearly defined and documented, and the system design and
implementation are subjected to more thorough review and testing procedures. This class requires more
stringent authentication mechanisms and well-defined interfaces among layers. Subjects and devices require
labels, and the system must not allow covert channels. A trusted path for logon and authentication processes
must be in place, which means the subject communicates directly with the application or operating system, and
no trapdoors exist. There is no way to circumvent or compromise this communication channel. Operator and
administration functions are separated within the system to provide more trusted and protected
operational functionality. Distinct address spaces must be provided to isolate processes, and a covert
channel analysis is conducted. This class adds assurance by adding requirements to the design of the system.
The type of environment that would require B2 systems is one that processes sensitive data that require a
higher degree of security. This type of environment would require systems that are relatively resistant to
penetration and compromise.
Incorrect Answers:
B: Separate operator and system administrator roles are not required at level B1.
C: Separate operator and system administrator roles are required at level A1. However, they are also required
at the lower level of B2.
D: Separate operator and system administrator roles are required at level A2. However, they are also required
at the lower level of B2.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 396http://csrc.nist.gov/publications/secpubs/rainbow/std001.txt


Leave a Reply