According to Common Criteria, what can be described as an intermediate combination of security
requirement components?

A.
Protection profile (PP)

B.
Security target (ST)

C.
Package

D.
The Target of Evaluation (TOE)

Explanation:
“The Common Criteria define a Protection Profile (PP), which is an implementationindependent specification of the security requirements and protections of a product that should be
built. The Common Criteria terminology for the degree of examination of the product to be tested is
the Evaluation Assurance Level (EAL.) EALs range from EA1 (functional testing() to EA7 (detailed
testing and formal design verification). The Common Criteria TOE refers to the product to be
tested. A Security Target (ST) is a listing of the security claims for a particular IT security product.
Also, the Common Criteria describe an intermedicate grouping of security requirement
components as a package.”
Pg. 266- 267 Krutz: The CISSP Prep Guide: Gold Edition