
Information Security: Principles and Practices 2nd Edition by Jim Breithaupt, Mark S. Merkow
Edition 2, ISBN: 0789753251
Security Evaluation
1. Describe the concept of security evaluation (security assurance).
2. What are some of the general criteria used for evaluation?
Step 1 of 2
1. The security environment consists of three subsections: the assumptions, the threats, and the security policies of the organization. Information Technology Security Evaluation Criteria (ITSEC) is the European set of criteria that fills a role roughly equal to that of the Trusted Computer Security Evaluation Criteria (TCSEC). ITSEC and TCSEC have many requirements in common.
ITSEC introduced the concept of the Target of Evaluation (TOE), which refers to the system under evaluation. ITSEC also provides assurance classes, functionality classes, and profiles for systems. It also defines the Security Target (ST), a written document that contains the system security policy and the required security mechanisms.
Step 2 of 2
