What is the PRIMARY component of a Trusted Computer Base?

A.
The computer hardware

B.
The security subsystem

C.
The operating system software

D.
The reference monitor

Explanation:
“The security kernel is made up of hardware, software, and firmware components
that fall within the TCB and implements and enforces the reference monitor concept. The security
kernel mediates all access and functions between subjects and objects. The security kernel is the
core of the TCB and is the most commonly used approach to building trusted computing systems.
There are three main requirements of the security kernel:
• It must provide isolation for the processes carrying out the reference monitor concept, and the
processes must be tamperproof.
• It must be invoked for every access attempt and must be impossible to circumvent. Thus, the
security kernel must be implemented in a complete and foolproof way.
• It must be small enough to be able to be tested and verified in a complete and comprehensive
manner.
These are the requirements of the reference monitor; therefore, they are the requirements of the
components that provide and enforce the reference monitor concept—the security kernel.” – Shon
Harris, “CISSP All-in-One Exam Guide”, 3rd Ed, p