@) ENAC CERTIFICACION S'ARCRUO nf CENTRO CRIPTOLOGIGO NACIONAL MRA recognition for components CCRA recognition for components. up to EAL4 and ALC_FLR only up to EAL 2 and ALC_FLR only CERTIFICATE CCN-CC-12/2020 Microsoft Windows 10 version 1909 and Microsoft Windows Server Type of product Conformance of functionality Protection Profile Conformance Evaluation Facility Certification Report Expiration Date version 1909 Operating system PP Conformance functionality Protection Profile for General Purpose Operating Systems (v4.2.1, 22/04/2019), General Purpose Operating Systems Protection Profile/Mobile Device Fundamentals Protection Profile Extended Package (EP) Wireless Local Area Network (WLAN) Clients (v1.0, 08/02/2016), PP- Module for Virtual Private Network (VPN) Clients (v2.1, 05/10/2017) DEKRA Testing and Certification S. CCN-CC/2019-47/INF-3134 See Certification Report Pursuant to the authority vested in me under Act 11/2002 regulating the National Intelligence Centre, and under Article 1 and Article 2.2.c of Royal Decree 421/2004 of March 12th regulating the National Cryptologic Centre, | hereby: Certify that the security of Microsoft Windows 10 version 1909 and Microsoft Windows Server version 1909, developed by Microsoft Corporation, 1 Microsoft Way, Redmond, WA 98052, United States of America, has been evaluated using Common Methodology for Information Technology Security Evaluation/Common Criteria for Information Technology Security Evaluation version 3.1 release 5, and it has met the requirements of its Security Target identified as “Microsoft Windows 10, Windows Server version 1909 Security Target. Version 0.03, January 16, 2020”, for evaluation assurance level PP compliant. Madrid, 21 May 2020 Secretary Of This certificate, its scope and validity are subject to the terms, conditions and requirements specified in the “Reglamento de Evaluaciön y Certificaciön de la Seguridad de las T.I.C.” at PRE/2740/2007, September 19th. The above-mentioned Security Target and Certification Report are available at the National Cryptologic Centre. This certificate will come into effect the following day that the associated certificate resolution signed by the Secretary of State Director of CCN is published in the Official State Gazette (B.O.E — https://www.boe.es). The IT product identified in this certificate has been evaluated at an accredited and licensed/approved evaluation facility using the Common Methodology for Information Technology Security Evaluation/Common Criteria for Information Technology Security Evaluation version 3.1 release 5 and CC Supporting Documents as listed in the Certification Report. This certificate applies only to the specific version and release of the product in its evaluated configuration and in conjunction with the complete Certification Report. The evaluation has been conducted in accordance with the provisions of the Spanish IT Security Evaluation and Certification Scheme, PRE/2740/2007 September the 19th, and the conclusions of the evaluation facility in the evaluation technical report are consistent with the evidence adduced. This certificate is not an endorsement of the IT product by the Spanish Scheme or by any other organisation that recognises or gives effect to this certificate, and no warranty of the IT product by the Spanish Scheme or by any other organisation that recognises or gives effect to this certificate, is either expressed or implied.