ISO 15408 Standard

Exit

Question 1 of 1

  Time Left


0 [{"id":46806,"quiz_id":"3788","answer_id":null,"answerType_id":"2","created_at":"2016-03-20 14:12:34","updated_at":"2016-03-20 14:49:32","questionName":"ISO\/IEC 15408 is presented as a set of distinct but related parts. Match the part with the appropriate definition","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":7,"explanation":null,"question_score_id":null,"lang":null,"questionAudioPath":null},{"id":55026,"quiz_id":"3788","answer_id":null,"answerType_id":"0","created_at":"2016-04-15 23:47:06","updated_at":"2016-04-15 23:47:06","questionName":"where moderate level of independently assured security is required. The cooperation from the developer is requires. It places additional requirements on testing, development environment controls and configuration management. The additional requirement is the Life Cycle support.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":null,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":46799,"quiz_id":"3788","answer_id":null,"answerType_id":"0","created_at":"2016-03-20 13:54:43","updated_at":"2016-03-20 14:49:32","questionName":"What is ISO 15408 Title?","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":0,"explanation":null,"question_score_id":null,"lang":null,"questionAudioPath":null},{"id":55027,"quiz_id":"3788","answer_id":null,"answerType_id":"0","created_at":"2016-04-15 23:48:57","updated_at":"2016-04-15 23:48:57","questionName":"Where moderate to high level of independently assured security is required. It is to ensure that there is some security engineering added to commercial development practices. This currently the highest level likely for retrofit of an existing product. There are additional requirements on design, implementation, vulnerability analysis, development and configuration management","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":null,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":46804,"quiz_id":"3788","answer_id":null,"answerType_id":"0","created_at":"2016-03-20 14:09:03","updated_at":"2016-03-20 14:49:32","questionName":"Contains criteria to be used when forming judgments about the conformance of TOEs to their security requirements.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":5,"explanation":null,"question_score_id":null,"lang":null,"questionAudioPath":null},{"id":55025,"quiz_id":"3788","answer_id":null,"answerType_id":"0","created_at":"2016-04-15 23:45:18","updated_at":"2016-04-15 23:45:18","questionName":"where low to moderate level of independently assured security is required. Here, it requires some cooperation from the developer. It will definitely require no more than good vendor commercial practices. To add to the previous requirements are developer testing, vulnerability analysis, and more extensive and independent testing.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":null,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":55029,"quiz_id":"3788","answer_id":null,"answerType_id":"0","created_at":"2016-04-15 23:51:50","updated_at":"2016-04-15 23:51:50","questionName":"Where assets are highly valuable and risks are extremely high. However, practical use is functionally limited for amenability to formal analysis. The assurance is gained through application of formal methods. The additional requirements for these is testing and formal analysis.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":null,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":55028,"quiz_id":"3788","answer_id":null,"answerType_id":"0","created_at":"2016-04-15 23:50:22","updated_at":"2016-04-15 23:50:22","questionName":"Where assets are valuable and risks are high and do requires a rigorous development environment. The additional requirements are on analysis, design, development, configuration management, and vulnerability\/covert channel analysis.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":null,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":46871,"quiz_id":"3788","answer_id":null,"answerType_id":"2","created_at":"2016-03-20 15:09:39","updated_at":"2016-03-20 15:16:58","questionName":"Match the Common Criteria EAL Assurance levels with the description","questionTimeSeconds":"0","questionTimeMinutes":"5","questionImagePath":null,"position":null,"explanation":null,"question_score_id":null,"lang":null,"questionAudioPath":null},{"id":46800,"quiz_id":"3788","answer_id":null,"answerType_id":"0","created_at":"2016-03-20 14:02:25","updated_at":"2016-03-20 14:49:32","questionName":"A set of software, firmware and\/or hardware possibly accompanied by guidance.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":1,"explanation":null,"question_score_id":null,"lang":null,"questionAudioPath":null},{"id":46803,"quiz_id":"3788","answer_id":null,"answerType_id":"0","created_at":"2016-03-20 14:08:19","updated_at":"2016-03-20 14:49:32","questionName":"Intended to support in preparing for and assisting in the evaluation of their TOEs and in identifying security requirements to be satisfied by those TOEs.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":4,"explanation":null,"question_score_id":null,"lang":null,"questionAudioPath":null},{"id":55024,"quiz_id":"3788","answer_id":null,"answerType_id":"0","created_at":"2016-04-15 23:43:06","updated_at":"2016-04-15 23:43:06","questionName":"Where threat to security is not serious, however some confidence in current operation is required. In the evaluation, there is no assistance from TOE developer. The requirements are: Configuration Management, Delivery and Operation, Development, Guidance documents and Tests.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":null,"explanation":"","question_score_id":null,"lang":null,"questionAudioPath":null},{"id":46805,"quiz_id":"3788","answer_id":null,"answerType_id":"0","created_at":"2016-03-20 14:09:49","updated_at":"2016-03-20 14:49:32","questionName":"Is oriented towards specification and evaluation of the IT security properties of TOEs, it may also be useful as reference material to all parties with an interest in or responsibility for IT security.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":6,"explanation":null,"question_score_id":null,"lang":null,"questionAudioPath":null},{"id":46801,"quiz_id":"3788","answer_id":null,"answerType_id":"1","created_at":"2016-03-20 14:06:15","updated_at":"2016-03-20 14:49:32","questionName":"There are four groups with a general interest in evaluating security profiles. List three","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":2,"explanation":null,"question_score_id":null,"lang":null,"questionAudioPath":null},{"id":46802,"quiz_id":"3788","answer_id":null,"answerType_id":"0","created_at":"2016-03-20 14:07:11","updated_at":"2016-03-20 14:49:32","questionName":"Written to ensure that evaluation fulfills the fundamental purpose and justification for the evaluation process.","questionTimeSeconds":"0","questionTimeMinutes":"2","questionImagePath":null,"position":3,"explanation":null,"question_score_id":null,"lang":null,"questionAudioPath":null}]
46806
0
120
block

ISO/IEC 15408 is presented as a set of distinct but related parts. Match the part with the appropriate definition

Match the text (click and drag)   

(0/0)




Match the text

Introduction and general model

Security functional components

Security assurance components

Click and drag

Seven pre-defined assurance packages which are called the EAL.

Concepts and principles of IT security evaluation.

serve as standard templates upon which to base requirements for TOEs.


55026
0
120
none
46799
0
120
none
55027
0
120
none
46804
0
120
none
55025
0
120
none
55029
0
120
none
55028
0
120
none
46871
0
300
none
46800
0
120
none
46803
0
120
none
55024
0
120
none
46805
0
120
none
46801
0
120
none
46802
0
120
none