Common Criteria
Describe Common Criteria.
What do you get when you buy a CC (Common Criteria) evaluated product? These products have been through a level of testing and confirmation of some of their security strengths. The level of the evaluation indicates the type of testing done, but you get no guarantee that this product is free from exploitable vulnerability. Moreover, you must realize that any product is certified by version and by environment. That is, even if a product is certified, this may mean nothing to you. You need to ask yourself three questions:
Which version is certified? Is it the one I am using (or purchasing)?
Is the environment where this product will be used the same as the one in which it was evaluated?
Are the things this ...
Get CISSP Training Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.