Cybersecurity Fundamentals Specialist Exam

Exam Cybersecurity Fundamentals Specialist All QuestionsBrowse all questions from this exam

Go to Exam

Question 38

What is the purpose of ISO/IEC 15408 (Common Criteria)?

To define a security management organization

To describe a process for risk management

To define a product development evaluation methodology

To describe what constitutes a secure product

Correct Answer: C

The purpose of ISO/IEC 15408, also known as the Common Criteria, is to define a product development evaluation methodology. It establishes a framework for evaluating the security properties of information technology products to ensure they meet a set of predefined security requirements.

Discussion

Evan7557Option: C

Answer C

Beavis_123Option: C

ISO/IEC 15408-1, also known as the Common Criteria for Information Technology Security Evaluation (referred to more simply as Common Criteria or CC), establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of the standard which in its entirety is meant to be used as the basis for evaluation of security properties of IT products.

ferminsOption: D

Its D, "Standard containing a common set of requirements for the security functions of IT products and systems and for assurance measures applied to them during a security evaluation."