Security Testing, Evaluation, and Assessment Initiative

USG Initiative for IT Security Testing

Question

Which of the following organizations is a USG initiative designed to meet the security testing, evaluation, and assessment needs of both information technology (IT) producers and consumers.

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

D.

The organization that is a USG (United States Government) initiative designed to meet the security testing, evaluation, and assessment needs of both information technology (IT) producers and consumers is D. NIAP (National Information Assurance Partnership).

NIAP is a partnership between the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA). It was created in 1999 to provide an independent, third-party assessment and evaluation of IT products against internationally recognized standards. NIAP's primary goal is to promote the development and use of secure IT products by providing a common set of criteria for evaluating product security.

NIAP uses the Common Criteria for Information Technology Security Evaluation (CC) as its standard for evaluating IT products. The CC is an international standard (ISO 15408) that provides a rigorous and repeatable evaluation process for IT products. The CC defines security requirements for IT products and specifies evaluation methods for determining whether products meet those requirements.

NIAP evaluates IT products against the CC and issues certificates indicating the level of security provided by the product. The certificates are recognized by government and commercial organizations worldwide and provide assurance that the product has been independently evaluated and meets a specified level of security.

In summary, NIAP is a USG initiative that provides independent, third-party assessment and evaluation of IT products against internationally recognized standards. It promotes the development and use of secure IT products by providing a common set of criteria for evaluating product security and uses the Common Criteria as its standard for evaluation. NIAP certificates are recognized worldwide and provide assurance that the product has been independently evaluated and meets a specified level of security.