PrepAway - Latest Free Exam Questions & Answers

Which Orange book security rating introduces security l…

Which Orange book security rating introduces security labels?

PrepAway - Latest Free Exam Questions & Answers

A.
C2

B.
B1

C.
B2

D.
B3

Explanation:
B1: Labeled Security: Each data object must contain a classification label and each subject must have a
clearance label. When a subject attempts to access an object, the system must compare the subject’s and
object’s security labels to ensure the requested actions are acceptable. Data leaving the system must also
contain an accurate security label. The security policy is based on an informal statement, and the design
specifications are reviewed and verified.
This security rating is intended for environments that require systems to handle classified data.
Incorrect Answers:
A: Security labels are not required at level C2.
C: Security labels are required at level B2; however, they were introduced at level B1.
D: Security labels are required at level B3; however, they were introduced at level B1.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 395


Leave a Reply