Which of the following uses protection profiles and security targets?

A.
ITSEC

B.
TCSEC

C.
CTCPEC

D.
International Standard 15408

Explanation:
“For historical and continuity purposes, ISO has accepted the continued use of the term “Common
Criteria” (CC) within this document, while recognizing the official ISO name for the new IS 15408 is
“Evaluation Criteria for Information Technology Security.” Pg. 552 Krutz: The CISSP Prep Guide: Gold
Edition
“The Common Criteria define a Protection Profile (PP), which is an implementation-independent
specification of the security requirements and protections of a product that could be built. The
Common Criteria terminology for the degree of examination of the product to be tested is the
Evaluation Assurance Level (EAL). EALs range from EA1 (functional testing) to EA7 (detailed testing
and formal design verification). The Common Criteria TOE refers to the product to be tested. A
Security Target (ST) is a listing of the security claims for a particular IT security product.
Also, the Common Criteria describe an intermediate grouping of security requirement components
as a package.” Pg. 266-267 Krutz: The CISSP Prep Guide: Gold Edition