The Common Criteria (CC) represents requirements for IT security of a product or system under
which distinct categories?
A.
Functional and assurance
B.
Protocol Profile (PP) and Security Target (ST)
C.
Targets of Evaluation (TOE) and Protection Profile (PP)
D.
Integrity and control
Explanation:
“Like other evaluation criteria before it, Common Criteria works to answer two basic and general
questions about products being evaluated: what does it do (functionality), and how sure are you of
that (assurance)?” pg 232 Shon Harris CISSP All-In-One Certification Exam Guide
The correct answer is B: according with:CISSP (ISC)2 Certified Information Systems Security Professional Official
0
0
The Common Criteria process is based on two key elements: protection profiles and
security targets. Protection profiles (PPs) specify for a product that is to be evaluated (the TOE) the security requirements and protections, which are considered the security desires or the “I want” from a customer. Security targets (STs) specify the claims of security from the vendor that are built into a TOE. STs are considered the implemented security measures or the “I will provide” from the vendor
0
0