Which TCSEC security class category below specifies trusted recovery controls?

A.
B3

B.
C2

C.
B2

D.
B1

Explanation:
TCSEC security categories B3 and A1 require the implementation of trusted recovery. Trusted
recovery is the procedures and/or mechanisms provided to assure that, after an ADP system failure
or other discontinuity, recovery without a protection compromise is obtaineD. A system failure
represents a serious security risk because security controls may be bypassed when the system is not
functioning normally. Trusted recovery has two primary activities: preparing for a system failure
(backup) and recovering the system. Source: DoD 5200.28-STD Department of Defense Trusted
Computer System Evaluation Criteria.