Archived
TD0338: NIT Technical Decision for Access Banner Verification
Publication Date
2018.08.02
Protection Profiles
CPP_ND_V2.0E
Other References
ND SD V2.0, FTA_TAB.1
Issue Description
The NIT has issued a technical decision for Access Banner Verification. Resolution
In ND SD, the TSS section for FTA_TAB.1 shall be replaced by: <new>"The evaluator shall check the TSS to ensure that it details each administrative method of access (local and remote) available to the Security Administrator (e.g., serial port, SSH, HTTPS). The evaluator shall check the TSS to ensure that all administrative methods of access available to the Security Administrator are listed and that the TSS states that the TOE is displaying an advisory notice and a consent warning message for each administrative method of access. The advisory notice and the consent warning message might be different for different administrative methods of access, and might be configured during initial configuration (e.g. via configuration file)."</new>
For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI201732rev2.pdf
Justification
The TSS activities are intended to give the evaluator enough information to identify the access methods that must be tested in section 2.6.4.3 (ND SD v2.0). Each access method may have different display capabilities, rendering a single access banner impractical or inappropriate. |