Security Management (Fmt) - Cisco Catalyst 4503-E Manual

Cisco Cat4K NDPP ST
EDCS-1228241
5.2.4.2 FIA_UIA_EXT.1: User identification and authentication
FIA_UIA_EXT.1.1
FIA_UIA_EXT.1.2
5.2.4.3 FIA_UAU_EXT.5: Password-based authentication mechanism
FIA_UAU_EXT.5.1 The TSF shall provide a local password-based authentication
FIA_UAU_EXT.5.2 The TSF shall ensure that users with expired passwords are
5.2.4.4 FIA_UAU.6: Re-authenticating
FIA_UAU.6.1 The TSF shall re-authenticate the user under the conditions: when
the user changes their password, [following TSF-initiated locking
(FTA_SSL)].
5.2.4.5 FIA_UAU.7: Protected authentication feedback
FIA_UAU.7.1 The TSF shall provide only obscured feedback to the user while the
authentication is in progress at the local console.

5.2.5 Security management (FMT)

5.2.5.1 FMT_MTD.1: Management of TSF data (for general TSF data)
FMT_MTD.1.1 The TSF shall restrict the ability to manage the TSF data to the
5.2.5.2 FMT_SMF.1: Specification of Management Functions
FMT_SMF.1.1 The TSF shall be capable of performing the following management
functions:
The TSF shall allow [no services] on behalf of the user to be
performed before the user is identified and authenticated.
The TSF shall require each user to be successfully identified
and authenticated before allowing any other TSF-mediated
actions on behalf of that user.
mechanism, [[remote password-based authentication via
RADIUS or TACACS+]] to perform user authentication.
[locked out until their password is reset by an
administrator].
Security Administrators.
 Ability to configure the list of TOE services available before
an entity is identified and authenticated, as specified in
FIA_UIA_EXT.1, respectively.
 Ability to configure the cryptographic functionality.
48
11 March 2014