Trusted OS capabilities

Question from CompTia website Security+ practice exam questions:

Which of the following operating systems offers Trusted OS capabilities by default?
A. Windows Vista
B. Windows 7
C. SE Linux
D. Backtrack

Answer: B. Windows 7

I didn't find much on this topic in Darril's book, Security+ GCGA, but a quick Google search found 3 sites that answered the question with 'SE Linux' and one that answered 'Windows 7'.

So which is it?

Is there an official list of OSs that are certified as having "Trusted OS capabilities"?

Thanks,

-Michael

Find more posts tagged with

Comments

OctalDump

Well, a quick look at the Wikipedia article provides some insight.

Essentially, an OS can be certified as a Trusted OS, against an Evaluation Assurance Level under the Common Criteria. The Common Criteria is ISO/IEC 15408. Windows 7 has this certification.

SE Linux isn't strictly speaking an OS - Linux itself being an amorphous blob of bits and pieces due to its decentralised, community model. However, Red Hat could build a distribution which includes SE Linux (and RHEL does), and then submit that whole work for certification, and get it certified.

So, it comes down to a little nuance about what an OS is (and SE Linux isn't), and what it means to be "Trusted Operating System" (generally understood to be defined under the Common Criteria).

B is correct.

gunther123

Thank you.

Googling "SE Linux" defines it as a "...linux kernel security module..." as opposed to an OS.