HP A-Series Especificações descarregar pdf (Página 55)

Security Target Version 1.02, 08/16/2013

8.1.1.1 P.ACCESS_BANNER

The TOE shall display an initial banner describing restrictions of use, legal agreements, or any other

appropriate information to which users consent by accessing the TOE.

This Organizational Policy is satisfied by ensuring:

 O.DISPLAY_BANNER: To fulfill the policy to display advisory information to users prior to their use of

the TOE, the TOE is expected to display a configured banner when users login to establish an interactive

session.

8.1.1.2 T.ADMIN_ERROR

An administrator may unintentionally install or configure the TOE incorrectly, resulting in ineffective

security mechanisms.

This Threat is satisfied by ensuring:

 O.SYSTEM_MONITORING: To reduce the potential of an administrative error that might be unnoticed or

untraceable, the TOE is expected to log security relevant events and export those logs to an external log

server.

8.1.1.3 T.TSF_FAILURE

Security mechanisms of the TOE may fail, leading to a compromise of the TSF.

This Threat is satisfied by ensuring:

 O.TSF_SELF_TEST: To reduce the potential for undetected TOE failures and to help ensure the TOE

security functions are operating properly, the TOE is expected to perform self-tests.

8.1.1.4 T.UNAUTHORIZED_ACCESS

A user may gain unauthorized access to the TOE data and TOE executable code. A malicious user, process,

or external IT entity may masquerade as an authorized entity in order to gain unauthorized access to data

or TOE resources. A malicious user, process, or external IT entity may misrepresent itself as the TOE to

obtain identification and authentication data.

This Threat is satisfied by ensuring:

 O.PROTECTED_COMMUNICATIONS: To reduce the potential that an attacker might gain unauthorized

access to the TOE or its data via data transmitted across a network, the TOE is expected to protect its

communication channels.

 O.SESSION_LOCK: To reduce the potential for unauthorized access to TOE security functions and data,

the TOE is expected to lock or terminate unattended or inactive sessions.

 O.SYSTEM_MONITORING: To reduce the potential of unauthorized access attempts that might go

unnoticed, the TOE is expected to log security relevant events and export those logs to an external log

server.

 O.TOE_ADMINISTRATION: To reduce the potential of unauthorized access to TOE security functions

and data, the TOE is expected to be designed to ensure only presumably authorized administrators can log

in and access security management functions.

8.1.1.5 T.UNAUTHORIZED_UPDATE

A malicious party attempts to supply the end user with an update to the product that may compromise the

security features of the TOE.

This Threat is satisfied by ensuring:

 O.VERIFIABLE_UPDATES: To reduce the potential that an update might contain malicious or unintended

features, the TOE is expected to provide mechanisms that serve to ensure the integrity of updates prior to

their use.

1 2 ... 50 51 52 53 54 55 56 57 58 59 60 ... 65 66

Comentários a estes Manuais

Sem comentários

HP A-Series Especificações Página 55

Comentários a estes Manuais

Manuais e produtos relacionados com Barebones PC/estação de trabalho HP A-Series