GPEN Question #272: Real Exam Question with Answer & Explanation

The correct answer is C. Class A.

Question

Which of the following TCSEC classes defines verified protection?

Options

  • A. Class B
  • B. Class D
  • C. Class A
  • D. Class C

Explanation

In the TCSEC (Trusted Computer System Evaluation Criteria) Orange Book, Class A defines Verified Protection, the highest security division, requiring formal mathematical verification of the security model. Class A is above Classes B, C, and D in the hierarchy.

Common mistakes.

  • A. Class B defines Mandatory Protection, which includes B1 (Labeled Security Protection), B2 (Structured Protection), and B3 (Security Domains); it is the division below Class A in the TCSEC hierarchy.
  • B. Class D defines Minimal Protection, the lowest TCSEC division, assigned to systems that were evaluated but failed to meet requirements of any higher class.
  • D. Class C defines Discretionary Protection, covering C1 (Discretionary Security Protection) and C2 (Controlled Access Protection), which rely on user-controlled access mechanisms rather than formal verification.

Concept tested. TCSEC Orange Book security classification levels

Reference. https://csrc.nist.gov/publications/detail/other/1985/12/26/dod-trusted-computer-system-evaluation-criteria/final
