lotus



previous page: Computer Virus for New Users FAQ
  
page up: Security
  
next page: Firewalls FAQ

Computer Security Evaluation FAQ



Frequently Asked Questions about computer security evaluation.

This FAQ about computer security evaluation was compiled and written by Trusted Product Evaluation Program TPEP@dockmaster.ncsc.mil.

-01 What is the National Computer Security Center (NCSC)?
The Department of Defense Computer Security Center ...
-02 What is TPEP? (Computer Security Evaluation)
The Trusted Product Evaluation Program (TPEP) is the program ...
-03 How is TPEP related to the National Security Agency (NSA)?
Both the Trusted Product Evaluation Program (TPEP) and ...
-04 How is TPEP related to the National Institute of Standards and Technology (NIST)?
In Public Law 100-235 congress directed the National ...
-05 How do I contact the TPEP?
The Trusted Product Evaluation Program can be reached by mail ...
-06 What is the TTAP? (Computer Security Evaluation)
The Trust Technology Assessment Program (TTAP) is a ...
-07 What is Dockmaster? (Computer Security Evaluation)
Dockmaster, or more precisely dockmaster.ncsc.mil, is ...
-08 Why doesn't TPEP have a WWW server on Dockmaster?
Many desirable network access features are not available in ...
-09 What is the criteria used for evaluation? (Computer Security Evaluation)
The criteria currently used by the Trusted Product ...
-10 What is the TCSEC? (Computer Security Evaluation)
The Trusted Computer System Evaluation Criteria (TCSEC) is ...
-11 What are interpretations? (Computer Security Evaluation)
It is often the case that there are several ways to read ...
-12 What is the Interpreted TCSEC (ITCSEC)? (Computer Security Evaluation)
The Interpreted Trusted Computer System Evaluation ...
-13 What is the ITSEC (as opposed to the ITCSEC)? (Computer Security Evaluation)
The Information Technology Security Evaluation Criteria (ITSEC)...
-14 What is the CTCPEC? (Computer Security Evaluation)
The Canadian Trusted Computer Product Evaluation Criteria ...
-15 What is the Common Criteria? (Computer Security Evaluation)
The Common Criteria (CC) occasionally (and ...
-16 What is the TNI? (Computer Security Evaluation)
The Trusted Network Interpretation (TNI) of the TCSEC, ...
-17 What is the TDI? (Computer Security Evaluation)
The Trusted Database Interpretation (TDI) of the TCSEC ...
-18 What is the Rainbow Series? (Computer Security Evaluation)
The Rainbow Series is the name given to the collection ...
-19 What are Process Action Team (PAT) Guidance Working Group (PGWG) documents? (Computer Security Evaluation)
The PGWG (often pronounced pig-wig) documents are also ...
-20 Is there a criteria for commercial (as opposed to military) systems? (Computer Security Evaluation)
The Trusted Product Evaluation Program (TPEP) is prohibited ...
-21 What is the Federal Criteria? (Computer Security Evaluation)
The Federal Criteria was an attempt to develop a criteria ...
-22 What are security features? (Computer Security Evaluation)
A security feature is a specific implementable function in ...
-23 What is assurance? (Computer Security Evaluation)
In the context of the Trusted Computer System ...
-24 What is a division? (Computer Security Evaluation)
A division is a set of classes (see Question 5) from ...
-25 What is a class? (Computer Security Evaluation)
A class is the specific collection of requirements in ...
-26 What is a network component? (Computer Security Evaluation)
A network component is the target of evaluation for a ...
-27 What is a Network Security Architecture Design (NSAD) document? (Computer Security Evaluation)
The documentation for a network component (see Section III,...
-28 How do I interpret a rating? (Computer Security Evaluation)
A product evaluated by the Trusted Product Evaluation ...
-29 The TCSEC is 10 years old, doesn't that mean it's outdated? (Computer Security Evaluation)
The Trusted Computer System Evaluation Criteria (TCSEC) ...
-30 How do the TCSEC and its interpretations apply to routers and firewalls? (Computer Security Evaluation)
The Trusted Network Interpretation (TNI) of the TCSEC has ...
-31 Does a trusted system require custom hardware? (Computer Security Evaluation)
A system does not require custom hardware to be ...
-32 What are the requirements for a D/C1/C2/B1/B2/B3/A1 system? (Computer Security Evaluation)
The Interpreted Trusted Computer System Evaluation ...
-33 How do I get my product evaluated? (Computer Security Evaluation)
Product developers who have a product that they wish to ...
-34 What is the evaluation process? (Computer Security Evaluation)
The evaluation process is described in detail ...
-35 How long does an evaluation take? (Computer Security Evaluation)
The length of time a developer needs to prepare for ...
-36 How much does an evaluation cost? (Computer Security Evaluation)
The Trusted Product Evaluation Program (TPEP) does not ...
-37 How do I find out about the evaluation process? (Computer Security Evaluation)
For an abstract view of the evaluation process you can ...
-38 Who actually performs the evaluations? (Computer Security Evaluation)
Trusted product evaluators come from the Trusted ...
-39 What information is released about an evaluated product? (Computer Security Evaluation)
As we begin working with a product, the vendor and ...
-40 What is RAMP? (Computer Security Evaluation)
The Rating Maintenance Phase (RAMP) Program was established ...
-41 Should I buy an evaluated product? (Computer Security Evaluation)
An evaluated product has the benefit of providing ...
-42 Does NSA buy/use evaluated products? (Computer Security Evaluation)
NSA endevours to be an exemplary customer of the products ...
-43 How do I know if a product is evaluated? (Computer Security Evaluation)
The simplest way to find out if a product is not evaluated ...
-44 What does it mean for a product to be "in evaluation"? (Computer Security Evaluation)
In the past it has been the case that Trusted ...
-45 What does it mean for a product to be "compliant" with the TCSEC? (Computer Security Evaluation)
If a product has been evaluated by the Trusted ...
-46 What and where is the Evaluated Products List (EPL)? (Computer Security Evaluation)
The Evaluated Products List (EPL) officially is ...
-47 How do I get a copy of an evaluation report? (Computer Security Evaluation)
Single copies of evaluation reports are available without ...
-48 Is an evaluated product "hacker proof?" (Computer Security Evaluation)
No product can be guaranteed to be hacker proof ...
-49 What is the rating of DOS? (Computer Security Evaluation)
MS-DOS, PC-DOS, and DR-DOS have not been evaluated. ...
-50 What is the rating of UNIX? (Computer Security Evaluation)
There are a number of evaluated products conforming to one ...
-51 What should I do if evaluated Product X appears to fail a requirement? (Computer Security Evaluation)
If an evaluated product does not seem to meet the requirements,...
-52 Why should I buy a B2/B3/A1 product over a C2/B1 product? (Computer Security Evaluation)
While the features and assurances of each class increase, ...
-53 Is there an approved program to declassify my hard drive? (Computer Security Evaluation)
In summary, no; in general, overwriting may be sufficient to ...









TOP
previous page: Computer Virus for New Users FAQ
  
page up: Security
  
next page: Firewalls FAQ