Which of the following is not an Orange Book-defined operational assurance requirement?
A.
System architecture
B.
Trusted facility management
C.
Configuration management
D.
Covert channel analysis
Explanation:
Systems Integrity is a part of operational assurance opposed to life cycle assurance.
“The operational assurance requirements specified in the Orange Book are as follows:
System Architecture
System integrity
Covert channel analysis
Trusted facility management
Trusted recovery
The life cycle assurance requirements specified in the Orange Book are as follows:
Security testing
Design specification and testing
Configuration Management
Trusted Distribution”
Pg. 301 Krutz: The CISSP Prep Guide: Gold Edition.