Certified Secure Software Lifecycle Professional (CSSLP) — Question 83
Which of the following is a standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system?
Answer options
- A. FITSAF
- B. FIPS
- C. TCSEC
- D. SSAA
Correct answer: D
Explanation
The SSAA (System Security Authorization Agreement) is designed to set the minimum standards for evaluating security controls in computer systems. FITSAF, FIPS, and TCSEC are also security-related standards but do not specifically focus on the assessment of security controls in the same manner as SSAA.