Cisco Preparative Procedures & Operational User Guide
© 2016 Cisco Systems, Inc. All rights reserved.
2.2 Environmental Assumptions
The assumptions state the specific conditions that are expected to be met by the operational environment
and administrators.
Table 2: Operational Environment Security Measures
Environment Security
Objective
Operational Environment
Security Objective Definition
Administrator Responsibility
Physical security, commensurate with the
value of the TOE and the data it contains,
is provided by the environment.
Administrators must ensure the system is
installed and maintained within a secure
physical location. This can include a
secured building with key card access or
within the physical control of an
authorized administrator in a mobile
environment.
There are no general-purpose computing
capabilities (e.g., compilers or user
applications) available on the TOE, other
than those services necessary for the
operation, administration and support of
the TOE.
Administrators must not add any general-
purpose computing capabilities (e.g.,
compilers or user applications) to the
system.
TOE Administrators are trusted to follow
and apply all guidance documentation in
a trusted manner.
Administrators must be properly trained
in the usage and proper operation of the
system and all the enabled functionality.
These administrators must follow the
provided guidance.
The TOE firmware and software is
updated by an administrator on a regular
basis in response to the release of product
updates due to known vulnerabilities.
Administrators must regularly update the
system to address any known
vulnerabilities.
OE.ADMIN_CREDENTIALS_
SECURE
The administrator’s credentials (private
key) used to access the TOE must be
protected on any other platform on which
they reside.
Administrators must protect their access
credentials where ever they may be.
To Next Page
Loading...
Need help?
General