CISSP Exam - Question 398

D is correct

Yea D is correct

D - The option that most accurately describes the Security Target (ST) in the Common Criteria framework is D - A document that includes a product specific set of security criteria. The Security Target is a document created by the vendor that identifies the specific security functions and assurances for their product. It outlines the security claims, objectives, requirements, and evaluation criteria for that particular product. The Protection Profile (B) is the product-independent set of criteria for a class of products. The Policy (A) defines security rules. The Target of Evaluation (C) is the actual product/docs being evaluated. the Security Target uniquely contains the vendor-defined security features and evaluation requirements tailored to their specific product undergoing Common Criteria assessment.

This document defines the security properties of the product being evaluated.

my bad i mean C , D is the definition for the PP or protection profile

D. A document that includes a product-specific set of security criteria. The Security Target is a critical document in the Common Criteria (CC) certification process. It defines the security requirements and objectives for a specific product or system to be evaluated. The ST outlines the security features and functions that the product or system is expected to provide, as well as the specific evaluation criteria that will be used to assess its security. This document serves as the basis for the evaluation process and helps ensure that the product or system meets the desired security requirements.

For information on Common Criteria Framework: https://commoncriteriaportal.org/index.cfm

it says TARGET