PrepAway - Latest Free Exam Questions & Answers

Which standard defines the International Standard for the Common Criteria?

A. CSC-STD-002-85

B. IS15408

C. BS7799

D. DoD 5200.28-STD

Explanation:
ISO/IEC 15408-1 is the International Standards version of the Common Criteria. The ISO approved
and published the CC text as the new International Standard (IS) 15408 on December 1, 1999. As of
this writing the Common Criteria version is 2.1.

Answer b is the Code of Practice for Information Security Management (BS7799) developed by the
British Standards Institute. The BS7799 standard effectively comes in two parts: ISO/IEC 17799:2000
(Part 1) is the standard code of practice and can be regarded as a comprehensive catalogue of
recommended security policy. BS7799-2:1999 (Part 2) is a standard specification for an Information
Security Management System (ISMS). An ISMS is the means by which Senior Management monitors and
controls their security, minimizing the residual business risk and ensuring that security continues
to fulfill corporate, customer, and legal requirements.

Answer DoD 5200.28-STD is the Orange Book, the DoD Trusted Computer System Evaluation Criteria.

Answer CSC-STD-002-85 is the Green Book, the DoD Password Management Guidelines.

Source: The Common Criteria Project.

