@
centro criptoldgico nacional
CERTIFICATE
CCN-CC-9/2024
Microsoft SQL Server 2022 Database Engine Enterprise Edition x64
(English) version 16.0.4105.2
Type of product Database management system
Conformanceoffunctionality PP Conformance functionality
Protection Profile Conformance Collaborative Protection Profile for Database Management
Systems, Version 1.3, March 13, 2023
EvaluationFacility DEKRATesting and Certification S.A.U.
Certification Report CCN-CC/2022-36/INF-4306
Expiration Date See Certification Report
Pursuant to the authority vested in me under Act 11/2002 regulating the National Intelligence Centre,
and underArticle 1 and Article 2.2.c of Royal Decree 421/2004 of March 12th regulating the National
Cryptologic Centre, | hereby:
Certify that the security of Microsoft SQL Server 2022 Database Engine Enterprise Edition x64 (English)
version 16.0.4105.2, requested by Microsoft Corporation, 1 Microsoft Way, Redmond, WA 98052,
Estados Unidos de América, has been evaluated using Common Methodology for Information
Technology Security Evaluation/Common Criteria for Information Technology Security Evaluation
version 3.1 release 5, and it has met the requirementsof its Security Target identified as “Microsoft SQL
Server 2022 Database Engine CommonCriteria Evaluation (EAL2+) Security Target (version: 1.2, 2024-
02-08)”, for evaluation assurance level EAL2 + ALC_FLR.3.
Madrid, 10 April 2024
Secretary of State Director
esperar
za Castéleiro Llamazares
This certificate, its scope and validity are subject to the terms, conditions and requirements specified in the
“Reglamento de Evaluación y Certificación de la Seguridad de las T.I.C.” at PRE/2740/2007, September 19th.
ENAC
CERTIFICACIÓN
150 17065
245/C-PRTIO
The above-mentioned Security Target and Certification Report are available at the National Cryptologic Centre.
This certificate will come into effect the following day that the associated certificate resolution signed by
the Secretary of State Director of CCN is published in the Official State Gazette (B.O.E —
https://www.boe.es).
The IT product identified in this certificate has been evaluated at an accredited and licensed/approved
evaluation facility using the Common Methodology for Information Technology Security
Evaluation/Common Criteria for Information Technology Security Evaluation version 3.1 release 5 and
CC Supporting Documentsaslisted in the Certification Report. This certificate applies only to the specific
version and release of the product in its evaluated configuration and in conjunction with the complete
Certification Report. The evaluation has been conducted in accordance with the provisions of the
Spanish IT Security Evaluation and Certification Scheme, PRE/2740/2007 September the 19th, and the
conclusions of the evaluation facility in the evaluation technical report are consistent with the evidence
adduced. This certificate is not an endorsement of the IT product by the Spanish Schemeor by any other
organisation that recognises or gives effect to this certificate, and no warranty of the IT product by the
Spanish Scheme or by any other organisation that recognises or gives effect to this certificate, is either
expressed or implied.