(ISC)2(ISC)2
SSCP · Question #1327
SSCP Question #1327: Real Exam Question with Answer & Explanation
The correct answer is A: Life cycle assurance. The Trusted Computer Security Evaluation Criteria (TCSEC) identifies two core types of assurance: life cycle assurance and operational assurance, which cover a system's development and runtime security respectively.
Submitted by eva_at· Apr 18, 2026Security Concepts and Practices
Question
The Trusted Computer Security Evaluation Criteria book (TCSEC) defines two types of assurance. What are they? (Choose two)
Options
- ALife cycle assurance
- BQuality assurance
- CSystem architecture assurance
- DOS hardening methods and assurance
- EOperational assurance
Explanation
The Trusted Computer Security Evaluation Criteria (TCSEC) identifies two core types of assurance: life cycle assurance and operational assurance, which cover a system's development and runtime security respectively.
Common mistakes.
- B. Quality assurance is a broader management concept and not one of the two specific assurance types defined by TCSEC.
- C. System architecture assurance is not a formally recognized assurance category within the TCSEC framework.
- D. OS hardening methods and assurance describes a specific security practice, rather than an overarching assurance type in TCSEC.
Concept tested. TCSEC assurance types
Topics
#TCSEC#Assurance Types#Security Models#Trusted Systems
Community Discussion
No community discussion yet for this question.