PrepAway - Latest Free Exam Questions & Answers

Which of the following establishes the type and intensity of the evaluation?

Protection profiles used in the Common Criteria evaluation process contain five elements. Which of the following establishes the type and intensity of the evaluation?


A. Descriptive elements
B. Evaluation assurance requirements
C. Evaluation assurance level
D. Security target

Explanation:
B: The Common Criteria use protection profiles in their evaluation process. A protection profile is a mechanism used to describe a real-world need for a product that is not currently on the market. It contains the set of security requirements, their meaning and reasoning, and the corresponding evaluation assurance level (EAL) rating that the intended product will require. The protection profile describes the environmental assumptions, the objectives, and the functional and assurance level expectations. Each relevant threat is listed along with how it is to be controlled by specific objectives. The protection profile also justifies the assurance level and the requirements for the strength of each protection mechanism. Evaluation assurance requirements establish the type and intensity of the evaluation. The other four sections in a protection profile are descriptive elements, rationale, functional requirements, and development assurance requirements.

A is incorrect because the descriptive elements section of a protection profile provides the name of the profile and a description of the security problem that is to be solved. The protection profile provides a means for a consumer, or others, to identify specific security needs; this is the security problem that is to be conquered. If someone identifies a security need that is not currently being addressed by any current product, that person can write a protection profile describing the product that would be a solution for this real-world problem. The protection profile goes on to provide the necessary goals and protection mechanisms to achieve the necessary level of security and a list of the things that can go wrong during this type of system development. This list is used by the engineers who develop the system, and then by the evaluators to make sure the engineers dotted every i and crossed every t.

C is incorrect because the evaluation assurance level (EAL) is not one of the five parts of a protection profile. An EAL is assigned to a product after it has been evaluated under the Common Criteria. The testing becomes more thorough and stringent, with more detail-oriented tasks, as the assurance levels increase. The Common Criteria have seven assurance levels: EAL 1, functionally tested; EAL 2, structurally tested; EAL 3, methodically tested and checked; EAL 4, methodically designed, tested, and reviewed; EAL 5, semiformally designed and tested; EAL 6, semiformally verified design and tested; and EAL 7, formally verified design and tested.

D is incorrect because the security target is the vendor’s written explanation of the security functionality and assurance mechanisms that meet the needed security solution; in other words, “This is what our product does and how it does it.” Like other evaluation criteria before it, the Common Criteria work to answer two basic questions about products being evaluated: what do its security mechanisms do (functionality), and how sure are you of that (assurance)? This system sets up a framework that enables consumers to clearly specify their security issues and problems, developers to specify their security solution to those problems, and evaluators to unequivocally determine what the product actually accomplishes.

One Comment on “Which of the following establishes the type and intensity of the evaluation?”

  1. joe says:

    The Common Criteria use protection profiles in their evaluation process. This is a mechanism that is used to describe a real-world need of a product that is not currently on the market. The protection profile contains the set of security requirements, their meaning and reasoning, and the corresponding evaluation assurance level (EAL) rating that the intended product will require. The protection profile describes the environmental assumptions, the objectives, and the functional and assurance level expectations.
