Which one of the following is NOT a component of a CC Protection Profile?
A.
Product-specific security requirements
B.
Threats against the product that must be addressed
C.
Security objectives
D.
Target of Evaluation (TOE) description
Explanation:
The correct answer is “Product-specific security requirements”. Product-specific security
requirements for the product or system are contained in the Security Target (ST). Additional items in
the PP are: TOE security environment description Assumptions about the security aspects of the
product’s expected use Organizational security policies or rules Application notes Rationale
Check the answer. ToE should be also a correct answer.
0
0
PP Content Five sections:
Descriptive elements,
Rationale,
Function Requirements,
Development Assurance requirements,
Evaluation Assurance requirements
0
0