Specifications
56
b) Drop traffic that fails integrity checks described in FDP_PUD_(EXT).1; and/or
c) Drop traffic that fails authentication checks; and/or
d) Drop traffic that matches an entry in the active list of malicious source addresses; and/or
e) Launch a de-authentication attack (rogue containment) against one or more rogue APs
and associated clients, and generate an audit record of the rogue containment with the
following audit message details:
a. date and time of the event;
b. identity of the rogue target; and
c. AP identity.
6.2 Security Requirements for the IT
Environment
6.2.1 FAU_GEN.1(2) Audit Data Generation
FAU_GEN.1.1(2) The TOE IT Environment shall be able to generate an audit record of the following auditable
events:
a. Start-up and shutdown of the audit functions;
b. All auditable events for the minimum level of audit; and
c. [additional auditable events shown in column 2 of Table 15].
Table 15 TOE IT Environment Auditable Events
Requirement
Auditable Events
Additional Audit
Record Contents
FAU_GEN.1(2)
None
None
FAU_SAR.1
None
None
FAU_SAR.2
Unsuccessful attempt to read the audit
records
The identity of the user
attempting to perform the
action
FAU_SAR.3
None
None
FAU_STG.1
None
None
FAU_STG.3
Any actions taken when the audit limits
are exceeded.
None
FAU_SEL.1(2)
All modifications to the audit
configuration that occur while the audit
collection functions are operating.
The identity of the
Administrator performing
the function.
FDP_RIP.1(2)
None
None