Netscape MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR Administrator's Manual page 703

1.3 Security Objectives for both the TOE and the Environment
O. Object and data recovery free from malicious code
Recover to a viable state after malicious code is introduced and damage occurs.
That state must be free from the original malicious code.
O. Procedures for preventing malicious code
Incorporate malicious code prevention procedures and mechanisms.
O. Protect stored audit records
Protect audit records against unauthorized access, modification, or deletion to
ensure accountability of user actions.
O. Protect user and TSF data during internal transfer
Ensure the integrity of user and TSF data transferred internally within the system.
O. Require inspection for downloads
Require inspection of downloads/transfers.
O. Respond to possible loss of stored audit records
Respond to possible loss of audit records when audit trail storage is full or nearly
full by restricting auditable events.
O. Restrict actions before authentication
Restrict the actions a user may perform before the TOE authenticates the identity of
the user.
O. Security-relevant configuration management
Manage and update system security policy data and enforcement functions, and
other security-relevant configuration data, to ensure they are consistent with
organizational security policies.
O. Time stamps
Provide time stamps to ensure that the sequencing of events can be verified.
O. User authorization management
Manage and update user authorization and privilege data to ensure they are
consistent with organizational security and personnel policies.
Appendix D Common Criteria Environment: Security Objectives 703