Specifications
Security Target Version 1.0 9/29/2014
26
Requirement Auditable Events
Additional Audit
Record Content
Guidance Notes
was loaded or removed.
FMT_MOF.1
None
FMT_MTD.1(1)
None
FMT_MTD.1(2)
None
FMT_MTD.1(3)
None
FMT_SMF.1
None
FMT_SMR.1
None
FPT_FLS.1
Failure of the TSF.
Indication that the TSF
has failed with the type
of failure that occurred.
See [SYSLOG] – message
303091. Also refer to FIPS
Security Policy for description of
audit messages.
FPT_ITT.1
None
FPT_RPL.1
Detected replay attacks.
Identity of the user that
was the subject of the
reply attack.
Identity (e.g., source IP
address) of the source of
the replay attack.
See [SYSLOG] – message
132093.
FPT_STM.1
None
FPT_TST_EXT.1
Execution of this set of
TSF self-tests.
Detected integrity
violations.
For integrity violations,
the TSF code file that
caused the integrity
violation.
See “Self Test” section of [FIPS]
for details.
FPT_TUD_EXT.1
Initiation of the update.
Any failure to verify the
integrity of the update.
None
The audit trail will indicate when
a new software image has been
copied to the TOE through use of
the “copy” command. A
complete reboot is required to
make an update actually take
effect.
FRU_RSA.1
Maximum quota being
exceeded.
Resource identifier.
See [SYSLOG] message ID
124008. The message reason
will indicate “Monitor/police CP
attacks”.
FTA_SSL.3
The termination of a
remote session by the
session locking
mechanism.
None
See [SYSLOG] – Security -
Warnings
FTA_SSL.4
Terminating a session by
quitting or logging off.
None
See [SYSLOG] – Security -
Warnings
FTA_SSL_EXT.1
Locking of an interactive
session by the session
locking mechanism.
Any attempts at unlocking
of an interactive session.
None
N/A for this TOE. Interactive
sessions are only terminated, not
locked.
FTA_TAB.1
None
FTA_TSE.1
Denial of a session
establishment due to the
session establishment
Reason for denial, origin
of establishment attempt.
See [SYSLOG] – message ID
522039, 124006.