An organization is selecting a system that must provide strong assurance that all access control decisions are enforced correctly and cannot be bypassed. The evaluation team is considering systems certified under the Common Criteria (ISO/IEC 15408) framework. Which of the following Common Criteria assurance levels BEST meets this requirement? A. EAL2 – Structurally Tested B. EAL4 – Methodically Designed, Tested, and Reviewed C. EAL5 – Semiformally Designed and Tested D. EAL7 – Formally Verified, Designed, and Tested