PrepAway - Latest Free Exam Questions & Answers

Which of following assure the Target of Evaluation (or …

Common Criteria has assurance level from EAL 1 to EAL 7 regarding the depth of design and testing. Which of
following assure the Target of Evaluation (or TOE) is methodically designed, tested and reviewed?

PrepAway - Latest Free Exam Questions & Answers

A.
EAL 3

B.
EAL 4

C.
EAL 5

D.
EAL 6

Explanation:
Under the Common Criteria model, an evaluation is carried out on a product and it is assigned an Evaluation
Assurance Level (EAL). The thorough and stringent testing increases in detailed-oriented tasks as the
assurance levels increase. The Common Criteria has seven assurance levels. The range is from EAL1, where
functionality testing takes place, to EAL7, where thorough testing is performed and the system design is
verified. The different EAL packages are listed next:
EAL1 Functionally tested
EAL2 Structurally tested
EAL3 Methodically tested and checked
EAL4 Methodically designed, tested, and reviewed
EAL5 Semi-formally designed and tested
EAL6 Semi-formally verified design and tested
EAL7 Formally verified design and tested
Incorrect Answers:
A: EAL3 is ‘methodically tested and checked’, not ‘methodically designed, tested, and reviewed’.
C: EAL5 is ‘semi-formally designed and tested, not ‘methodically designed, tested, and reviewed’.
D: EAL6 is ‘semi-formally verified design and tested, not ‘methodically designed, tested, and reviewed’.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 402


Leave a Reply