Which of the following is not an Orange book-defined operational assurance requirement?

adminSeptember 14, 2013

A.
System architecture

B.
Trusted facility management

C.
Configuration management

D.
Covert channel analysis

Explanation:
Configuration management is a part of life cycle assurance opposed to operational
assurance.
“The operational assurance requirements specified in the Orange Book are as follows:
System Architecture
System integrity
Covert channel analysis
Trusted facility management
Trusted recovery
The life cycle assurance requirements specified in the Orange Book are as follows:
Security testing
Design specification and testing
Configuration Management
Trusted Distribution”
Pg. 301 Krutz: The CISSP Prep Guide: Gold Edition.

2 Comments on “Which of the following is not an Orange book-defined operational assurance requirement?”

Jamal Ahmed says:

January 17, 2014 at 7:17 am

cehk

1

0

Log in to Reply
Ahmed says:

January 11, 2015 at 9:22 pm

Not Correct. The explanation contradicts the answer too. Configuration Management is a requirement at the B2 and above TCSEC levels.

1

0

Log in to Reply

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISC Exam Questions

Free ISC2 Study Guide

Which of the following is not an Orange book-defined operational assurance requirement?

2 Comments on “Which of the following is not an Orange book-defined operational assurance requirement?”

Leave a Reply Cancel reply