Link to home
Start Free TrialLog in
Avatar of Sundayy
SundayyFlag for United States of America

asked on

HomeWork-Network Security is Evaluated Assurance Level (EAL) enough?

Hello:

I would like to know how does the Common Criteria and EAL of a product determines how much security is acceptable. Below is the  assignment question:

Question
Sometimes commercial products include the fact that they are approved to meet Common Criteria at some specified Evaluated Assurance Level  (often EAL 3 or EAL 4) in the product literature. Assuming that this is a true claim ( verify it by looking at the “evaluated products list” on the National Information Assurance Partnership website), why is this not enough to just say “this product meets our security requirements”? Discuss what else needs to be considered before selecting such a product for a system.
ASKER CERTIFIED SOLUTION
Avatar of Justin Owens
Justin Owens
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Sundayy

ASKER

Thank you for the info.