System information
Cisco Cat3K ST 6 June 2012
29
5.2.1.3 FAU_SAR.1 Audit review
FAU_SAR.1.1 The TSF shall provide [privileged administrator, and semi-
privileged administrator with appropriate privileges] with the
capability to read [all TOE audit trail data] from the audit
records.
FAU_SAR.1.2 The TSF shall provide the audit records in a manner suitable for
the user to interpret the information.
5.2.1.4 FAU_STG.1 Protected audit trail storage
FAU_STG.1.1 The TSF shall protect the stored audit records in the audit trail
from unauthorised deletion.
FAU_STG.1.2 The TSF shall be able to [prevent] unauthorised
modifications to
the stored audit records in the audit trail.
5.2.2 Cryptographic Support (FCS)
5.2.2.1 FCS_CKM.1(1): Cryptographic key generation - RSA
FCS_CKM.1.1(1) The TSF shall generate cryptographic keys in accordance with
a specified cryptographic key generation algorithm [RSA] and
specified cryptographic key sizes [1024 bits and 2048 bits]
that meet the following: [FIPS 186-3].
5.2.2.2 FCS_CKM.1(2) Cryptographic key generation – AES
FCS_CKM.1.1(2) The TSF shall generate cryptographic keys in accordance with
a specified cryptographic key generation algorithm [none] and
specified cryptographic key sizes [128-bits, 256-bits] that
meet the following: [RNG as specified in FCS_COP.1(5)].
5.2.2.3 FCS_CKM.4: Cryptographic key zeroization
FCS_CKM.4.1 The TSF shall destroy cryptographic keys in accordance with a
specified cryptographic key destruction method [cryptographic
key zeroization] that meets the following: [FIPS 140-2 level 2].
5.2.2.4 FCS_COP.1(1) Cryptographic operation (for RSA encryption/decryption)
FCS_COP.1.1(1) The TSF shall perform [encryption and decryption of keying
material] in accordance with a specified cryptographic algorithm