CISSP · Question #954
Which of the following MOST accurately describes the Security Target (ST) in the Common Criteria framework?
The correct answer is D. A document that includes a product specific set of security criteria. The Security Target (ST) within the Common Criteria framework is a document that specifies the security properties of a particular product under evaluation.
Question
Which of the following MOST accurately describes the Security Target (ST) in the Common Criteria framework?
Options
- AThe set of rules that define how resources or assets are managed and protected
- BA product independent set of security criteria for a class of products
- CThe product and documentation to be evaluated
- DA document that includes a product specific set of security criteria
How the community answered
(35 responses)- B3% (1)
- C6% (2)
- D91% (32)
Why each option
The Security Target (ST) within the Common Criteria framework is a document that specifies the security properties of a particular product under evaluation.
This describes a general security policy or security controls, not the specific Security Target document within Common Criteria.
The Security Target (ST) is a document created by the vendor for a specific product, detailing the security functionality of that product and the security assurance requirements it aims to meet during the Common Criteria evaluation process. It outlines the specific security claims and criteria relevant to that unique product.
Concept tested: Common Criteria Security Target definition
Source: https://www.commoncriteria.org/ccl/current_docs.php
Topics
Community Discussion
No community discussion yet for this question.