which of the following that the Orange Book did not address?

adminDecember 21, 2017

The Information Technology Security Evaluation Criteria (ITSEC) was written to address which of the following
that the Orange Book did not address?

PrepAway - Latest Free Exam Questions & Answers

A.
integrity and confidentiality

B.
confidentiality and availability

C.
integrity and availability

D.
none of the above

Explanation:
A difference between ITSEC and TCSEC is that TCSEC bundles functionality and assurance into one rating,
whereas ITSEC evaluates these two attributes separately. The other differences are that ITSEC was developed
to provide more flexibility than TCSEC, and ITSEC addresses integrity, availability, and confidentiality, whereas
TCSEC addresses only confidentiality. ITSEC also addresses networked systems, whereas TCSEC deals with
stand-alone systems.
Incorrect Answers:
A: Both ITSEC and TCSEC address confidentiality.
B: Both ITSEC and TCSEC address confidentiality.
D: One of the answers given is correct.
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 401

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISC Exam Questions

Free ISC2 Study Guide

which of the following that the Orange Book did not address?

Leave a Reply Cancel reply