Cisco Cat4K NDPP ST 11 March 2014
EDCS-1228241
47
FCS_SSH_EXT.1.7 The TSF shall ensure that the SSH transport implementation
uses SSH_RSA and [no other public key algorithms] as its
public key algorithm(s).
FCS_SSH_EXT.1.8 The TSF shall ensure that data integrity algorithms used in
the SSH transport connection is [hmac-sha1, hmac-sha1-96,
hmac-md5-96].
FCS_SSH_EXT.1.9 The TSF shall ensure that diffie-hellman-group14-sha1 is the
only allowed key exchange method used for the SSH
protocol.
5.2.3 User data protection (FDP)
5.2.3.1 FDP_RIP.2: Full residual information protection
FDP_RIP.2.1 The TSF shall ensure that any previous information content of a
resource is made unavailable upon the [allocation of the resource
to] all objects.
5.2.4 Identification and authentication (FIA)
5.2.4.1 FIA_PMG_EXT.1: Password management
FIA_PMG_EXT.1.1 The TSF shall provide the following password management
capabilities for administrative passwords:
1. Passwords shall be able to be composed of any
combination of upper and lower case letters,
numbers, and special characters (that include: “!”,
“@”, “#”, “$”, “%”, “^”, “&”, “*”, “(“, and “)”);
2. Minimum password length shall be settable by the
Security Administrator, and support passwords of 8
characters or greater;
3. Passwords composition rules specifying the types and
number of required characters that comprise the
password shall be settable by the Security
Administrator.
4. Passwords shall have a maximum lifetime,
configurable by the Security Administrator.
5. New passwords must contain a minimum of 4
character changes from the previous password.
To Next Page
Loading...
