Systems Security Certified Practitioner – SSCP – Question0255 - Systems Security Certified Practitioner

What does "System Integrity" mean?

A. The software of the system has been implemented as designed.
B. Users can't tamper with processes they do not own.
C. Hardware and firmware have undergone periodic testing to verify that they are functioning properly.
D. Design specifications have been verified against the formal top-level specification.

Correct Answer: C

Explanation:

System Integrity means that all components of the system cannot be tampered with by unauthorized personnel and can be verified that they work properly.
The following answers are incorrect:
The software of the system has been implemented as designed. Is incorrect because this would fall under Trusted system distribution.
Users can’t tamper with processes they do not own. Is incorrect because this would fall under Configuration Management.
Design specifications have been verified against the formal top-level specification. Is incorrect because this would fall under Specification and verification.
References:
AIOv3 Security Models and Architecture (pages 302 -306) DOD TCSEC –http://www.cerberussystems.com/INFOSEC/stds/d520028.htm