SSCP Question #200: Real Exam Question with Answer & Explanation

The correct answer is C: Hardware and firmware have undergone periodic testing to verify that they are functioning. In the TCSEC context, System Integrity is an Operational Assurance requirement that specifically concerns hardware and firmware: it requires periodic testing to verify that these components are functioning correctly and have not been tampered with. It is not about software implem

Submitted by manish99· Apr 18, 2026Systems and Application Security

Question

What does "System Integrity" mean?

Options

AThe software of the system has been implemented as designed.
BUsers can't tamper with processes they do not own.
CHardware and firmware have undergone periodic testing to verify that they are functioning
DDesign specifications have been verified against the formal top-level specification.

Explanation

In the TCSEC context, System Integrity is an Operational Assurance requirement that specifically concerns hardware and firmware: it requires periodic testing to verify that these components are functioning correctly and have not been tampered with. It is not about software implementation matching design specs (A) - that falls under Design Specification and Verification. It is not about preventing users from tampering with processes (B) - that is addressed by access control mechanisms. Verifying design specs against a formal top-level specification (D) is part of the Formal Verification requirement at higher TCSEC levels.

Topics

#System Integrity#Hardware Security#Firmware Security#System Verification

Community Discussion

No community discussion yet for this question.

Full SSCP Practice Browse All SSCP Questions