Mandatory Protection of TCB in Orange Book Rated Systems

B.

A B-rated system of the orange book has mandatory protection of the trusted computing base (TCB)

Trusted computing base (TCB) refers to hardware, software, controls, and processes that cause a computer system or network to be devoid of malicious software or hardware.

Maintaining the trusted computing base (TCB) is essential for security policy to be implemented successfully.

The Orange Book, also known as the Trusted Computer System Evaluation Criteria (TCSEC), is a security certification standard developed by the U.S. Department of Defense to evaluate the security of computer systems. The Orange Book defines several security levels or ratings that a computer system can achieve based on its security features.

The Trusted Computing Base (TCB) is the set of all hardware, software, and firmware components that are critical to the security of a computer system. It is the foundation upon which the security of the system is built. Protecting the TCB is essential for ensuring the overall security of the system.

Based on the above information, we can say that the answer to the question is option A, i.e., A-rated.

The A-rated systems are the most secure among all the ratings defined in the Orange Book. These systems provide the highest level of security assurance and are designed to protect against the most sophisticated threats.

One of the key features of A-rated systems is that they have a mandatory protection of the TCB. This means that the TCB is isolated from the rest of the system and is protected from unauthorized access or modification. This ensures that the TCB is not compromised, which would otherwise result in the compromise of the entire system.

In contrast, B-rated systems do not have mandatory protection of the TCB. However, they do provide discretionary access control, which allows users to control access to system resources. C-rated and D-rated systems are even less secure than B-rated systems and provide fewer security features.