User Data Protection (Fdp); Identification And Authentication (Fia) - Cisco Catalyst 4503-E Manual

Cisco Cat4K NDPP ST
EDCS-1228241
FCS_SSH_EXT.1.7 The TSF shall ensure that the SSH transport implementation
FCS_SSH_EXT.1.8 The TSF shall ensure that data integrity algorithms used in
FCS_SSH_EXT.1.9 The TSF shall ensure that diffie-hellman-group14-sha1 is the

5.2.3 User data protection (FDP)

5.2.3.1 FDP_RIP.2: Full residual information protection
FDP_RIP.2.1 The TSF shall ensure that any previous information content of a
resource is made unavailable upon the [allocation of the resource
to] all objects.

5.2.4 Identification and authentication (FIA)

5.2.4.1 FIA_PMG_EXT.1: Password management
FIA_PMG_EXT.1.1 The TSF shall provide the following password management
uses SSH_RSA and [no other public key algorithms] as its
public key algorithm(s).
the SSH transport connection is [hmac-sha1, hmac-sha1-96,
hmac-md5-96].
only allowed key exchange method used for the SSH
protocol.
capabilities for administrative passwords:
1. Passwords shall be able to be composed of any
combination of upper and lower case letters,
numbers, and special characters (that include: "!",
"@", "#", "$", "%", "^", "&", "*", "(", and ")");
2. Minimum password length shall be settable by the
Security Administrator, and support passwords of 8
characters or greater;
3. Passwords composition rules specifying the types and
number of required characters that comprise the
password shall
Administrator.
4. Passwords
configurable by the Security Administrator.
5. New passwords must contain a minimum of 4
character changes from the previous password.
47
be settable
shall have a maximum
11 March 2014
by the Security
lifetime,