User guide

ManualsBrandsAruba ManualsComputer equipment620

Aruba Networks Security Target

Page 62 of 67

NDPP

Source

Requirement

Assurance

Family

activity again to verify the version correctly corresponds to that of the update.

Test 2: The evaluator performs the version verification activity to determine the

current version of the product. The evaluator obtains or produces an illegitimate

update, and attempts to install it on the TOE. The evaluator verifies that the

TOE rejects the update.

41.

FPT_TST_

EXT.1

The evaluator shall examine the TSS to ensure that it details the self tests that

are run by the TSF on start-up; this description should include an outline of what

the tests are actually doing (e.g., rather than saying "memory is tested", a

description similar to "memory is tested by writing a value to each memory

location and reading it back to ensure it is identical to what was written" shall be

used). The evaluator shall ensure that the TSS makes an argument that the

tests are sufficient to demonstrate that the TSF is operating correctly.

The evaluator shall also ensure that the operational guidance describes the

possible errors that may result from such tests, and actions the administrator

should take in response; these possible errors shall correspond to those

described in the TSS.

ASE_TSS

AGD_OPE

42.

FTA_SSL_

EXT.1

The evaluator shall perform the following test:

Test 1: The evaluator follows the operational guidance to configure several

different values for the inactivity time period referenced in the component. For

each period configured, the evaluator establishes a local interactive session with

the TOE. The evaluator then observes that the session is either locked or

terminated after the configured time period. If locking was selected from the

component, the evaluator then ensures that re-authentication is needed when

trying to unlock the session.

ATE_IND

43.

FTA_SSL.3

The evaluator shall perform the following test:

Test 1: The evaluator follows the operational guidance to configure several

different values for the inactivity time period referenced in the component. For

each period configured, the evaluator establishes a remote interactive session

with the TOE. The evaluator then observes that the session is terminated after

the configured time period.

ATE_IND

44.

FTA_SSL.4

The evaluator shall perform the following test:

Test 1: The evaluator initiates an interactive local session with the TOE. The

evaluator then follows the operational guidance to exit or log off the session and

observes that the session has been terminated.

Test 2: The evaluator initiates an interactive remote session with the TOE. The

evaluator then follows the operational guidance to exit or log off the session and

observes that the session has been terminated.

ATE_IND

45.

FTA_TAB.

The evaluator shall check the TSS to ensure that it details each method of

access (local and remote) available to the administrator (e.g., serial port, SSH,

HTTPS). The evaluator shall also perform the following test:

Test 1: The evaluator follows the operational guidance to configure a notice and

consent warning message. The evaluator shall then, for each method of access

specified in the TSS, establish a session with the TOE. The evaluator shall

verify that the notice and consent warning message is displayed in each

ATE_TSS

ATE_IND