![[Public Interpretations Database]](http://www.niap-ccevs.org/assets/images/precedent-db.jpg){kind=small}
Permuted Title Index
| Left Half | Right Half | Number |
|---|---|---|
| Level of Detail | about Hardware and Firmware | PD-0002 |
| Acceptability of IKE Authentication as "Single Use" In Firewall PPs | PD-0105 | |
| Is an Access Control Decision made at the beginning of a session | acceptable ? | PD-0025 |
| Is Intermingling Multiple PPs in One Document | Acceptable ? | PD-0034 |
| Acceptable Demonstrable Assurance for the IDS System PP v1.7 (BR) | PD-0151 | |
| Can | Access Control Attributes Determine Users In A Role? | PD-0012 |
| Is an | Access Control Decision made at the beginning of a session acceptable? | PD-0025 |
| Meaning of " | access control and/or information flow control SFPs" in FPT_SEP | PD-0065 |
| For the Controlled | Access Protection Profile (CAPP), must all events be pre-selectable? Post-selectable? | PD-0067 |
| Custom | Access Control Language for FDP_IFC and FDP_IFF | PD-0096 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) | Access System Protection Profile for Basic Robustness Environments | PD-0141 |
| Corrections to formatting and typographic errors in the WLAN | Access System PPs | PD-0144 |
| Medium Robustness Traffic Filtering PP: Administrator | accounts | PD-0134 |
| Meeting FDP_ | ACF .1 in the DBMS PP | PD-0143 |
| Meeting FDP_ | ACF .1 claimed in the GPOSPP | PD-0156 |
| Does ISO 9001 Certification imply that | ACM _CAP.2 has been met? | PD-0092 |
| Handling Audit Section Text: | Actions vs. Information To Be Recorded | PD-0031 |
| Auditing "Subject Identity" for | Actions Not Taken by TSP Subjects | PD-0064 |
| Actions /Information Required of the Developer and Evaluator When Performing ADV_RCR Work | PD-0110 | |
| Information Flow Policies with No | Active Decision | PD-0098 |
| STs | Adding Requirements to Protection Profiles | PD-0087 |
| Effect of | Addition of Environmental Assumptions on PP Compliance | PD-0055 |
| Switching | Additional Devices in a Peripheral Sharing Switch | PD-0166 |
| Remote | Administration and Cryptographic Functionality in the TFWPP | PD-0146 |
| Administrator -entered Code Used To Meet SFRs | PD-0126 | |
| Medium Robustness Traffic Filtering PP: | Administrator accounts | PD-0134 |
| Meeting the | ADO _DEL.3 Requirement | PD-0114 |
| How Should Libraries Be Handled Relative to the | ADV _FSP.1 work units of the CEM? | PD-0050 |
| Are All Aspects of the TSFI Documented in | ADV _FSP.2? | PD-0077 |
| Actions/Information Required of the Developer and Evaluator When Performing | ADV _RCR Work | PD-0110 |
| Format of the | ADV _IMP Implementation Representation | PD-0121 |
| Specifying the "number of times" in FIA_ | AFL .1.1 | PD-0068 |
| Situations Where | AGD _USR May Be Vacuously Satisfied | PD-0106 |
| Clarification of | Alert requirement in Basic Robustness Anti-Virus PP | PD-0130 |
| Typographical error in the | ALFWPP -MED with respect to FDP_IFF.1(1) and FDP_IFF.1(2) | PD-0026 |
| Third Party Authentication is permitted by the | ALFWPP -MR | PD-0115 |
| For the Controlled Access Protection Profile (CAPP), must | all events be pre-selectable? Post-selectable? | PD-0067 |
| Are | All Aspects of the TSFI Documented in ADV_FSP.2? | PD-0077 |
| Testing | All Claimed Platforms | PD-0104 |
| Allocation of Requirements in a PP to the Environment | PD-0019 | |
| Site Visit - | Alternative Evaluation Methodology | PD-0094 |
| WLAN PP Places FIPS 140-2 section level Requirements on Crypto Module that are not | always attainable | PD-0164 |
| Dependency Correctness for | AMA _CAT.1 | PD-0032 |
| Ambiguities Resulting From Choosing More Than One Selection In An Assignment | PD-0037 | |
| TSF Representations Split | Among Documents | PD-0013 |
| Claiming compliance to FPT_ | AMT .1 | PD-0069 |
| Developer Vulnerability | Analysis | PD-0088 |
| Compliance with IDS | Analyzer PP Export Requirements | PD-0127 |
| Clarification of Alert requirement in Basic Robustness | Anti -Virus PP | PD-0130 |
| SOF Claims for PPs without | any Permutational or Probabilistic Mechanisms | PD-0048 |
| NIAP Requirements for PP Registration Information for | APE _INT.1 | PD-0015 |
| Evidence for | APE Assurance Requirements | PD-0016 |
| Parsing of | APE _OBJ.1.3C | PD-0017 |
| What evidence is required by | APE _REQ.1.4C? | PD-0044 |
| Applicability of FIA_UAU.7 Application Note in CAPP v1.d | PD-0119 | |
| CCEVS Policy #15 | Applicability to Flash Drives | PD-0147 |
| Usage of the Term "Loopback Network" in the | Application Level Firewall PP | PD-0018 |
| Redundancy between Overview Material and | Application Notes in a PP | PD-0028 |
| Can | application notes contain requirements? | PD-0039 |
| Applicability of FIA_UAU.7 | Application Note in CAPP v1.d | PD-0119 |
| Satisfaction of Requirements by | Applications Running on Untrusted Products | PD-0004 |
| Clarify CCEVS Policy for | Applying NIAP Interpretations | PD-0103 |
| What is an | appropriate TOE Reference? | PD-0054 |
| What SOF Claim is | appropriate when there are no probabilistic or permutational mechanisms | PD-0086 |
| Are All Aspects of the TSFI Documented in ADV_FSP.2? | PD-0077 | |
| What SOF Claim is appropriate when there | are no probabilistic or permutational mechanisms | PD-0086 |
| CIMC PP Compliance for Iterated Requirements that | are Satisfied by the IT Environment | PD-0102 |
| WLAN PP Places FIPS 140-2 section level Requirements on Crypto Module that | are not always attainable | PD-0164 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local | Area Network (WLAN) Client for Basic Robustness Environments Protection Profile | PD-0140 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local | Area Network (WLAN) Access System Protection Profile for Basic Robustness Environments | PD-0141 |
| Can User Identity Be Listed | As An Attribute for FIA_ATD.1? | PD-0042 |
| Acceptability of IKE Authentication | as "Single Use" In Firewall PPs | PD-0105 |
| Defining Protocols | as Internal or External Interfaces | PD-0123 |
| Are All | Aspects of the TSFI Documented in ADV_FSP.2? | PD-0077 |
| Ambiguities Resulting From Choosing More Than One Selection In An | Assignment | PD-0037 |
| Empty | Assignment Operation | PD-0072 |
| Effect of Addition of Environmental | Assumptions on PP Compliance | PD-0055 |
| Assumptions in the IDS PP v1.4 | PD-0118 | |
| Choice of functional components not limited by choice of | assurance components | PD-0007 |
| Evidence for APE | Assurance Requirements | PD-0016 |
| Level of Detail Necessary for | Assurance Requirements on Third Party Products | PD-0101 |
| Acceptable Demonstrable | Assurance for the IDS System PP v1.7 (BR) | PD-0151 |
| Can User Identity Be Listed As An Attribute for FIA_ | ATD .1? | PD-0042 |
| Necessity For A Test Plan to Specifically Satisfy The Requirements for | ATE _FUN.1.2C | PD-0014 |
| Exhaustiveness of | ATE _IND Testing | PD-0056 |
| WLAN PP Places FIPS 140-2 section level Requirements on Crypto Module that are not always | attainable | PD-0164 |
| Exempting sensitive | attribute data items from capture in the audit log | PD-0009 |
| Attribute Inheritance/Modification Rules Need To Be Included In Policy | PD-0011 | |
| Can User Identity Be Listed As An | Attribute for FIA_ATD.1? | PD-0042 |
| Can Access Control | Attributes Determine Users In A Role? | PD-0012 |
| Initialization of Default Values of Security | Attributes | PD-0030 |
| Exempting sensitive attribute data items from capture in the | audit log | PD-0009 |
| Site-Configurable Prevention Of | Audit Loss | PD-0010 |
| Conformance with a PP with respect to Level of | Audit | PD-0024 |
| Handling | Audit Section Text: Actions vs. Information To Be Recorded | PD-0031 |
| Can the lists of | Audit Events and Audit Information be Combined into a single Table? | PD-0035 |
| Can the lists of Audit Events and | Audit Information be Combined into a single Table? | PD-0035 |
| Is It Necessary To Repeat The List Of | Audit Information in FAU_GEN.1 | PD-0057 |
| IDSSPP v1.4: Compliance with the Selective | Audit Requirement | PD-0116 |
| Audit Pre-Selection in the CIMC PP | PD-0125 | |
| Deletion of the oldest | audit events when audit storage space is exhausted | PD-0129 |
| Deletion of the oldest audit events when | audit storage space is exhausted | PD-0129 |
| Create Object | Audit Event and CAPP Compliance | PD-0131 |
| In FAU_SEL.1, What Is Meant By "the set of | audited events"? | PD-0066 |
| Auditing "Subject Identity" for Actions Not Taken by TSP Subjects | PD-0064 | |
| Acceptability of IKE | Authentication as "Single Use" In Firewall PPs | PD-0105 |
| Third Party | Authentication is permitted by the ALFWPP-MR | PD-0115 |
| Automatic Update Mechanisms | PD-0153 | |
| Warning | Banner Must Be Human Readable Text | PD-0040 |
| Clarification of Alert requirement in | Basic Robustness Anti-Virus PP | PD-0130 |
| on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for | Basic Robustness Environments Protection Profile [Clarification | PD-0140 |
| consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection Profile for | Basic Robustness Environments [on conformance to | PD-0141 |
| FCS_ | BCM _(EXT).1: The explicitly stated requirement claimed in the Traffic Filter Firewall PP conflicts with FIPS Publication 1 | PD-0163 |
| Does ISO 9001 Certification imply that ACM_CAP.2 has | been met? | PD-0092 |
| Is an Access Control Decision made at the | beginning of a session acceptable? | PD-0025 |
| Redundancy | between Overview Material and Application Notes in a PP | PD-0028 |
| Distinction | between Internal and External Networks in a Firewall PP | PD-0036 |
| Can There Be A Single | Blanket Description Of Error Messages in an FSP? | PD-0052 |
| Description of Logical and Physical | Boundaries | PD-0122 |
| Acceptable Demonstrable Assurance for the IDS System PP v1.7 ( | BR ) | PD-0151 |
| Does ISO 9001 Certification imply that ACM_ | CAP .2 has been met? | PD-0092 |
| For the Controlled Access Protection Profile ( | CAPP ), must all events be pre-selectable? Post-selectable? | PD-0067 |
| Applicability of FIA_UAU.7 Application Note in | CAPP v1.d | PD-0119 |
| Create Object Audit Event and | CAPP Compliance | PD-0131 |
| Exempting sensitive attribute data items from | capture in the audit log | PD-0009 |
| Dependency Correctness for AMA_ | CAT .1 | PD-0032 |
| Can a product claim conformance to an earlier version of the | CC ? | PD-0070 |
| CC V3 PP Conformance Type Consistency | PD-0137 | |
| CC V3 Conformance Type for Existing CC V2 PPs | PD-0139 | |
| CC V3 Conformance Type for Existing | CC V2 PPs | PD-0139 |
| CC inconsistencies/issues with the 2600 PP | PD-0155 | |
| Clarify | CCEVS Policy for Applying NIAP Interpretations | PD-0103 |
| CCEVS Policy #15 Applicability to Flash Drives | PD-0147 | |
| Using | CCv 2.x PPs with CCv3.1 STs: Handling of FPT_SEP and FPT_RVM | PD-0136 |
| Using CCv2.x PPs with | CCv 3.1 STs: Handling of FPT_SEP and FPT_RVM | PD-0136 |
| When should monitoring of the public domain for new 'obvious vulnerabilities' | cease ? | PD-0008 |
| How Should Libraries Be Handled Relative to the ADV_FSP.1 work units of the | CEM ? | PD-0050 |
| Does ISO 9001 | Certification imply that ACM_CAP.2 has been met? | PD-0092 |
| Time | Changes | PD-0154 |
| FTP_ITC.1.3 Specifies The Functions For Which A Trusted | Channel Is Provided | PD-0108 |
| Choice of functional components not limited by choice of assurance components | PD-0007 | |
| Choice of functional components not limited by | choice of assurance components | PD-0007 |
| Ambiguities Resulting From | Choosing More Than One Selection In An Assignment | PD-0037 |
| CIMC PP Compliance for Iterated Requirements that are Satisfied by the IT Environment | PD-0102 | |
| Audit Pre-Selection in the | CIMC PP | PD-0125 |
| Can a product | claim conformance to an earlier version of the CC? | PD-0070 |
| What SOF | Claim is appropriate when there are no probabilistic or permutational mechanisms | PD-0086 |
| Can a non-hardware TOE | claim conformance with FPT_SEP.1? | PD-0112 |
| Testing All | Claimed Platforms | PD-0104 |
| Meeting FDP_ACF.1 | claimed in the GPOSPP | PD-0156 |
| Meeting FAU_SAR.3 | claimed in the TFFW PP | PD-0159 |
| FCS_BCM_(EXT).1: The explicitly stated requirement | claimed in the Traffic Filter Firewall PP conflicts with FIPS Publication 140-2 | PD-0163 |
| Claiming compliance to FPT_AMT.1 | PD-0069 | |
| Evaluation of TOE | claiming compatibility with multiple IT environments | PD-0084 |
| SOF | Claims for PPs without any Permutational or Probabilistic Mechanisms | PD-0048 |
| Clarification of Alert requirement in Basic Robustness Anti-Virus PP | PD-0130 | |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client | PD-0140 | |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access | PD-0141 | |
| Clarification of FMT_MOF.1(3) for TFWPP and VPNPPs | PD-0149 | |
| Clarify CCEVS Policy for Applying NIAP Interpretations | PD-0103 | |
| Clarify the Definitive Source of International Interps | PD-0111 | |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) | Client for Basic Robustness Environments Protection Profile | PD-0140 |
| Administrator-entered | Code Used To Meet SFRs | PD-0126 |
| Depth of Test | Code Review: Examination of Source Code or Scripts | PD-0161 |
| Depth of Test Code Review: Examination of Source | Code or Scripts | PD-0161 |
| Can the lists of Audit Events and Audit Information be | Combined into a single Table? | PD-0035 |
| Evaluation of TOE claiming | compatibility with multiple IT environments | PD-0084 |
| Programming Language Interfaces / | Compilers in the TOE | PD-0157 |
| Reflecting | Compliance With Multiple PPs | PD-0047 |
| Effect of Addition of Environmental Assumptions on PP | Compliance | PD-0055 |
| Claiming | compliance to FPT_AMT.1 | PD-0069 |
| PP | compliance with portion of TOE SFR in Environment | PD-0082 |
| Compliance with IDS System PP Export Requirements | PD-0097 | |
| CIMC PP | Compliance for Iterated Requirements that are Satisfied by the IT Environment | PD-0102 |
| IDSSPP v1.4: | Compliance with the Selective Audit Requirement | PD-0116 |
| Compliance with IDS Analyzer PP Export Requirements | PD-0127 | |
| Create Object Audit Event and CAPP | Compliance | PD-0131 |
| Choice of functional | components not limited by choice of assurance components | PD-0007 |
| Choice of functional components not limited by choice of assurance | components | PD-0007 |
| Does One Reference or Transcribe Requirements When Including | Components in a PP/ST? | PD-0060 |
| Questions | Concerning the Peripheral Sharing Switch PP | PD-0093 |
| Partial Conformance to a PP/ | Conditional Requirements in a PP | PD-0073 |
| Site- | Configurable Prevention Of Audit Loss | PD-0010 |
| Draft Documents and | Configuration Control | PD-0003 |
| FCS_BCM_(EXT).1: The explicitly stated requirement claimed in the Traffic Filter Firewall PP | conflicts with FIPS Publication 140-2 | PD-0163 |
| Conformance with a PP with respect to Level of Audit | PD-0024 | |
| Can a product claim | conformance to an earlier version of the CC? | PD-0070 |
| Partial | Conformance to a PP/Conditional Requirements in a PP | PD-0073 |
| Can a non-hardware TOE claim | conformance with FPT_SEP.1? | PD-0112 |
| PP | conformance Using an Underlying Evaluated Product | PD-0117 |
| CC V3 PP | Conformance Type Consistency | PD-0137 |
| CC V3 | Conformance Type for Existing CC V2 PPs | PD-0139 |
| Clarification on | conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic | PD-0140 |
| Clarification on | conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection | PD-0141 |
| CC V3 PP Conformance Type | Consistency | PD-0137 |
| Clarification on conformance to | consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness | PD-0140 |
| Clarification on conformance to | consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection Profile for | PD-0141 |
| Can application notes | contain requirements? | PD-0039 |
| "Overwriting" in the | Context of Non-Disk Memory (Medium Robustness Profiles) | PD-0135 |
| Draft Documents and Configuration | Control | PD-0003 |
| Can Access | Control Attributes Determine Users In A Role? | PD-0012 |
| Is an Access | Control Decision made at the beginning of a session acceptable? | PD-0025 |
| Meaning of "access | control and/or information flow control SFPs" in FPT_SEP | PD-0065 |
| Meaning of "access control and/or information flow | control SFPs" in FPT_SEP | PD-0065 |
| Custom Access | Control Language for FDP_IFC and FDP_IFF | PD-0096 |
| For the | Controlled Access Protection Profile (CAPP), must all events be pre-selectable? Post-selectable? | PD-0067 |
| Corrections to formatting and typographic errors in the WLAN Access System PPs | PD-0144 | |
| Corrections to the General Purpose OS PP (GPOSPP), Version 1.0 | PD-0167 | |
| Dependency | Correctness for AMA_CAT.1 | PD-0032 |
| Create Object Audit Event and CAPP Compliance | PD-0131 | |
| WLAN PP Places FIPS 140-2 section level Requirements on | Crypto Module that are not always attainable | PD-0164 |
| Enabling/Disabling of Verification of | Cryptographic Key Testing in WLAN PP | PD-0145 |
| Remote Administration and | Cryptographic Functionality in the TFWPP | PD-0146 |
| Custom Access Control Language for FDP_IFC and FDP_IFF | PD-0096 | |
| Applicability of FIA_UAU.7 Application Note in CAPP v1. | d | PD-0119 |
| Exempting sensitive attribute | data items from capture in the audit log | PD-0009 |
| Meeting FTA_TAH_EXP.1 in the | DBMS PP | PD-0142 |
| Meeting FDP_ACF.1 in the | DBMS PP | PD-0143 |
| Dealing with Errors in a PP | PD-0074 | |
| Is an Access Control | Decision made at the beginning of a session acceptable? | PD-0025 |
| Information Flow Policies with No Active | Decision | PD-0098 |
| Design | Decomposition for Physical Security | PD-0023 |
| Initialization of | Default Values of Security Attributes | PD-0030 |
| Where should the TOE Security Policy be | defined ? | PD-0027 |
| Defining Protocols as Internal or External Interfaces | PD-0123 | |
| Definition of Security Relevant | PD-0005 | |
| Clarify the | Definitive Source of International Interps | PD-0111 |
| Meeting the ADO_ | DEL .3 Requirement | PD-0114 |
| Deletion of the oldest audit events when audit storage space is exhausted | PD-0129 | |
| Delivery and Installation Guidance for Vendor-Installed Modules | PD-0029 | |
| Acceptable | Demonstrable Assurance for the IDS System PP v1.7 (BR) | PD-0151 |
| Dependencies of Requirements on the IT Environment | PD-0091 | |
| Dependency Correctness for AMA_CAT.1 | PD-0032 | |
| Depth of Protocol or Interface Examination | PD-0124 | |
| Depth of Test Code Review: Examination of Source Code or Scripts | PD-0161 | |
| Identification and | Description of TSF Interfaces | PD-0049 |
| Can There Be A Single Blanket | Description Of Error Messages in an FSP? | PD-0052 |
| Description of Logical and Physical Boundaries | PD-0122 | |
| SFR-enforcing Module SFR-related Interface | Descriptions | PD-0160 |
| Design Decomposition for Physical Security | PD-0023 | |
| Level of | Detail about Hardware and Firmware | PD-0002 |
| Level of | Detail Necessary for Assurance Requirements on Third Party Products | PD-0101 |
| Level of | Detail in SFRs | PD-0133 |
| Can Access Control Attributes | Determine Users In A Role? | PD-0012 |
| Developer Vulnerability Analysis | PD-0088 | |
| Actions/Information Required of the | Developer and Evaluator When Performing ADV_RCR Work | PD-0110 |
| Switching Additional | Devices in a Peripheral Sharing Switch | PD-0166 |
| Multiple Hardware Models with | Different SFRs in One Security Target | PD-0109 |
| Enabling/ | Disabling of Verification of Cryptographic Key Testing in WLAN PP | PD-0145 |
| "Overwriting" in the Context of Non- | Disk Memory (Medium Robustness Profiles) | PD-0135 |
| Distinction between Internal and External Networks in a Firewall PP | PD-0036 | |
| Is Intermingling Multiple PPs in One | Document Acceptable? | PD-0034 |
| Are All Aspects of the TSFI | Documented in ADV_FSP.2? | PD-0077 |
| Draft | Documents and Configuration Control | PD-0003 |
| TSF Representations Split Among | Documents | PD-0013 |
| Does One Reference or Transcribe Requirements When Including Components in a PP/ST? | PD-0060 | |
| What | Does It Mean To Provide A Mechanism To Support A Function? | PD-0076 |
| Does FDP_RIP.2 imply hardware must be in the TOE? | PD-0081 | |
| Does ISO 9001 Certification imply that ACM_CAP.2 has been met? | PD-0092 | |
| When should monitoring of the public | domain for new 'obvious vulnerabilities' cease? | PD-0008 |
| Draft Documents and Configuration Control | PD-0003 | |
| Referencing | Draft External Specifications in a Protection Profile | PD-0033 |
| CCEVS Policy #15 Applicability to Flash | Drives | PD-0147 |
| Use of Unevaluated Hardware | during Testing? | PD-0080 |
| Test Evidence that must be provided at | EAL 2 | PD-0022 |
| EAL 2 Testing Requirements | PD-0058 | |
| How Much Testing Is Required At | EAL 2? | PD-0059 |
| Can a product claim conformance to an | earlier version of the CC? | PD-0070 |
| Effect of Addition of Environmental Assumptions on PP Compliance | PD-0055 | |
| Empty Assignment Operation | PD-0072 | |
| Enabling /Disabling of Verification of Cryptographic Key Testing in WLAN PP | PD-0145 | |
| User in the Loop for Policy | Enforcement | PD-0095 |
| SFR- | enforcing Module SFR-related Interface Descriptions | PD-0160 |
| Administrator- | entered Code Used To Meet SFRs | PD-0126 |
| Can non-TSF | entities be included in the TOE by an ST? | PD-0043 |
| Can Sorting and Searching Tools be Provided in the | Environment | PD-0006 |
| Allocation of Requirements in a PP to the | Environment | PD-0019 |
| PP compliance with portion of TOE SFR in | Environment | PD-0082 |
| Dependencies of Requirements on the IT | Environment | PD-0091 |
| FIA_UID.2, FIA_UAU.2, and FPT_STM.1 Requirements: On the IT | Environment ? | PD-0099 |
| CIMC PP Compliance for Iterated Requirements that are Satisfied by the IT | Environment | PD-0102 |
| Effect of Addition of | Environmental Assumptions on PP Compliance | PD-0055 |
| Evaluation of TOE claiming compatibility with multiple IT | environments | PD-0084 |
| to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness | Environments Protection Profile [on conformance | PD-0140 |
| noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection Profile for Basic Robustness | Environments [consistency issues | PD-0141 |
| Typographical | error in the ALFWPP-MED with respect to FDP_IFF.1(1) and FDP_IFF.1(2) | PD-0026 |
| Must Only Security Relevant | Error Messages Be Provided In An FSP? | PD-0051 |
| Can There Be A Single Blanket Description Of | Error Messages in an FSP? | PD-0052 |
| Dealing with | Errors in a PP | PD-0074 |
| Corrections to formatting and typographic | errors in the WLAN Access System PPs | PD-0144 |
| Use of an Intelligent Printer (PCL) in an | Evaluated Product | PD-0041 |
| PP conformance Using an Underlying | Evaluated Product | PD-0117 |
| Evaluation of TOE claiming compatibility with multiple IT environments | PD-0084 | |
| Site Visit - Alternative | Evaluation Methodology | PD-0094 |
| When can | evaluation evidence be reused? | PD-0100 |
| Use of Third-party Security Mechanisms in TOE | Evaluations | PD-0113 |
| Actions/Information Required of the Developer and | Evaluator When Performing ADV_RCR Work | PD-0110 |
| Create Object Audit | Event and CAPP Compliance | PD-0131 |
| Can the lists of Audit | Events and Audit Information be Combined into a single Table? | PD-0035 |
| In FAU_SEL.1, What Is Meant By "the set of audited | events "? | PD-0066 |
| For the Controlled Access Protection Profile (CAPP), must all | events be pre-selectable? Post-selectable? | PD-0067 |
| Deletion of the oldest audit | events when audit storage space is exhausted | PD-0129 |
| Evidence for APE Assurance Requirements | PD-0016 | |
| Test | Evidence that must be provided at EAL2 | PD-0022 |
| What | evidence is required by APE_REQ.1.4C? | PD-0044 |
| When can evaluation | evidence be reused? | PD-0100 |
| Depth of Protocol or Interface | Examination | PD-0124 |
| Depth of Test Code Review: | Examination of Source Code or Scripts | PD-0161 |
| Excluded Functionality and Policy 13 | PD-0148 | |
| Exclusion or Inclusion of an Operating System in the TOE? | PD-0046 | |
| Exclusion of functions through guidance | PD-0165 | |
| Exempting sensitive attribute data items from capture in the audit log | PD-0009 | |
| Deletion of the oldest audit events when audit storage space is | exhausted | PD-0129 |
| Exhaustiveness of ATE_IND Testing | PD-0056 | |
| CC V3 Conformance Type for | Existing CC V2 PPs | PD-0139 |
| Meeting FTA_TAH_ | EXP .1 in the DBMS PP | PD-0142 |
| How to Handle | Explicitly Specified Requirements? | PD-0085 |
| FCS_BCM_(EXT).1: The | explicitly stated requirement claimed in the Traffic Filter Firewall PP conflicts with FIPS Publication 140-2 | PD-0163 |
| Compliance with IDS System PP | Export Requirements | PD-0097 |
| Compliance with IDS Analyzer PP | Export Requirements | PD-0127 |
| Problems with FPT_TST_ | EXT in GPOSPP 1.0 | PD-0158 |
| FCS_BCM_( | EXT ).1: The explicitly stated requirement claimed in the Traffic Filter Firewall PP conflicts with FIPS Publication 140-2 | PD-0163 |
| Referencing Draft | External Specifications in a Protection Profile | PD-0033 |
| Distinction between Internal and | External Networks in a Firewall PP | PD-0036 |
| Defining Protocols as Internal or | External Interfaces | PD-0123 |
| Is It Necessary To Repeat The List Of Audit Information in | FAU _GEN.1 | PD-0057 |
| In | FAU _SEL.1, What Is Meant By "the set of audited events"? | PD-0066 |
| Meeting | FAU _SAR.3 claimed in the TFFW PP | PD-0159 |
| FCS _BCM_(EXT).1: The explicitly stated requirement claimed in the Traffic Filter Firewall PP conflicts with FIPS | PD-0163 | |
| Meaning of Resources in | FDP _RIP.2 | PD-0001 |
| Typographical error in the ALFWPP-MED with respect to | FDP _IFF.1(1) and FDP_IFF.1(2) | PD-0026 |
| Typographical error in the ALFWPP-MED with respect to FDP_IFF.1(1) and | FDP _IFF.1(2) | PD-0026 |
| Does | FDP _RIP.2 imply hardware must be in the TOE? | PD-0081 |
| Custom Access Control Language for | FDP _IFC and FDP_IFF | PD-0096 |
| Custom Access Control Language for FDP_IFC and | FDP _IFF | PD-0096 |
| Meeting | FDP _ACF.1 in the DBMS PP | PD-0143 |
| Meeting | FDP _ACF.1 claimed in the GPOSPP | PD-0156 |
| Can User Identity Be Listed As An Attribute for | FIA _ATD.1? | PD-0042 |
| Specifying the "number of times" in | FIA _AFL.1.1 | PD-0068 |
| FIA _UID.2, FIA_UAU.2, and FPT_STM.1 Requirements: On the IT Environment? | PD-0099 | |
| FIA_UID.2, | FIA _UAU.2, and FPT_STM.1 Requirements: On the IT Environment? | PD-0099 |
| Applicability of | FIA _UAU.7 Application Note in CAPP v1.d | PD-0119 |
| FTA_SSL.1 and 2 SFRs in the Firewall, Traffic | Filter Firewall, VPN, and IDS MR PPs | PD-0150 |
| FCS_BCM_(EXT).1: The explicitly stated requirement claimed in the Traffic | Filter Firewall PP conflicts with FIPS Publication 140-2 | PD-0163 |
| Medium Robustness Traffic | Filtering PP: Administrator accounts | PD-0134 |
| FCS_BCM_(EXT).1: The explicitly stated requirement claimed in the Traffic Filter Firewall PP conflicts with | FIPS Publication 140-2 | PD-0163 |
| WLAN PP Places | FIPS 140-2 section level Requirements on Crypto Module that are not always attainable | PD-0164 |
| Usage of the Term "Loopback Network" in the Application Level | Firewall PP | PD-0018 |
| Distinction between Internal and External Networks in a | Firewall PP | PD-0036 |
| Acceptability of IKE Authentication as "Single Use" In | Firewall PPs | PD-0105 |
| FTA_SSL.1 and 2 SFRs in the | Firewall , Traffic Filter Firewall, VPN, and IDS MR PPs | PD-0150 |
| FTA_SSL.1 and 2 SFRs in the Firewall, Traffic Filter | Firewall , VPN, and IDS MR PPs | PD-0150 |
| FCS_BCM_(EXT).1: The explicitly stated requirement claimed in the Traffic Filter | Firewall PP conflicts with FIPS Publication 140-2 | PD-0163 |
| Level of Detail about Hardware and | Firmware | PD-0002 |
| CCEVS Policy #15 Applicability to | Flash Drives | PD-0147 |
| Meaning of "access control and/or information | flow control SFPs" in FPT_SEP | PD-0065 |
| Information | Flow Policies with No Active Decision | PD-0098 |
| Clarification of | FMT _MOF.1(3) for TFWPP and VPNPPs | PD-0149 |
| Format of the ADV_IMP Implementation Representation | PD-0121 | |
| Corrections to | formatting and typographic errors in the WLAN Access System PPs | PD-0144 |
| Meaning of "access control and/or information flow control SFPs" in | FPT _SEP | PD-0065 |
| Claiming compliance to | FPT _AMT.1 | PD-0069 |
| FIA_UID.2, FIA_UAU.2, and | FPT _STM.1 Requirements: On the IT Environment? | PD-0099 |
| IDSSPP v1.4: | FPT _STM.1 Must Be Met by the TOE | PD-0107 |
| Can a non-hardware TOE claim conformance with | FPT _SEP.1? | PD-0112 |
| Using CCv2.x PPs with CCv3.1 STs: Handling of | FPT _SEP and FPT_RVM | PD-0136 |
| Using CCv2.x PPs with CCv3.1 STs: Handling of FPT_SEP and | FPT _RVM | PD-0136 |
| Internal Inconsistency within the IDS System PP regarding | FPT _STM | PD-0152 |
| Problems with | FPT _TST_EXT in GPOSPP 1.0 | PD-0158 |
| How Should Libraries Be Handled Relative to the ADV_ | FSP .1 work units of the CEM? | PD-0050 |
| Must Only Security Relevant Error Messages Be Provided In An | FSP ? | PD-0051 |
| Can There Be A Single Blanket Description Of Error Messages in an | FSP ? | PD-0052 |
| Are All Aspects of the TSFI Documented in ADV_ | FSP .2? | PD-0077 |
| Meeting | FTA _TAH_EXP.1 in the DBMS PP | PD-0142 |
| FTA _SSL.1 and 2 SFRs in the Firewall, Traffic Filter Firewall, VPN, and IDS MR PPs | PD-0150 | |
| FTP _ITC.1.3 Specifies The Functions For Which A Trusted Channel Is Provided | PD-0108 | |
| Necessity For A Test Plan to Specifically Satisfy The Requirements for ATE_ | FUN .1.2C | PD-0014 |
| What Does It Mean To Provide A Mechanism To Support A | Function ? | PD-0076 |
| Choice of | functional components not limited by choice of assurance components | PD-0007 |
| Identification of Operations on Security | Functional Requirements | PD-0071 |
| Remote Administration and Cryptographic | Functionality in the TFWPP | PD-0146 |
| Excluded | Functionality and Policy 13 | PD-0148 |
| Management of | Functions with No Specific Requirements | PD-0020 |
| FTP_ITC.1.3 Specifies The | Functions For Which A Trusted Channel Is Provided | PD-0108 |
| Exclusion of | functions through guidance | PD-0165 |
| Is It Necessary To Repeat The List Of Audit Information in FAU_ | GEN .1 | PD-0057 |
| Corrections to the | General Purpose OS PP (GPOSPP), Version 1.0 | PD-0167 |
| Clarification on conformance to consistency issues noted in the U.S. | Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection Profile | PD-0140 |
| Clarification on conformance to consistency issues noted in the U.S. | Government Wireless Local Area Network (WLAN) Access System Protection Profile for Basic Robustness Environments | PD-0141 |
| Meeting FDP_ACF.1 claimed in the | GPOSPP | PD-0156 |
| Problems with FPT_TST_EXT in | GPOSPP 1.0 | PD-0158 |
| Corrections to the General Purpose OS PP ( | GPOSPP ), Version 1.0 | PD-0167 |
| Delivery and Installation | Guidance for Vendor-Installed Modules | PD-0029 |
| Exclusion of functions through | guidance | PD-0165 |
| How to | Handle Explicitly Specified Requirements? | PD-0085 |
| How Should Libraries Be | Handled Relative to the ADV_FSP.1 work units of the CEM? | PD-0050 |
| Handling Audit Section Text: Actions vs. Information To Be Recorded | PD-0031 | |
| Handling of Interpretations | PD-0079 | |
| Using CCv2.x PPs with CCv3.1 STs: | Handling of FPT_SEP and FPT_RVM | PD-0136 |
| Level of Detail about | Hardware and Firmware | PD-0002 |
| Use of Unevaluated | Hardware during Testing? | PD-0080 |
| Does FDP_RIP.2 imply | hardware must be in the TOE? | PD-0081 |
| Multiple | Hardware Models with Different SFRs in One Security Target | PD-0109 |
| Can a non- | hardware TOE claim conformance with FPT_SEP.1? | PD-0112 |
| Does ISO 9001 Certification imply that ACM_CAP.2 | has been met? | PD-0092 |
| Identification of Interfaces in | HLD | PD-0075 |
| How Should Libraries Be Handled Relative to the ADV_FSP.1 work units of the CEM? | PD-0050 | |
| How Much Testing Is Required At EAL2? | PD-0059 | |
| How to Handle Explicitly Specified Requirements? | PD-0085 | |
| Warning Banner Must Be | Human Readable Text | PD-0040 |
| Missing Methodology for NIAP | I -0385 (Identification Of Standards) | PD-0021 |
| Missing Methodology for NIAP I-0385 ( | Identification Of Standards) | PD-0021 |
| Identification and Description of TSF Interfaces | PD-0049 | |
| Identification of Operations on Security Functional Requirements | PD-0071 | |
| Identification of Interfaces in HLD | PD-0075 | |
| Identification of Standards | PD-0083 | |
| Can User | Identity Be Listed As An Attribute for FIA_ATD.1? | PD-0042 |
| Auditing "Subject | Identity " for Actions Not Taken by TSP Subjects | PD-0064 |
| Compliance with | IDS System PP Export Requirements | PD-0097 |
| Assumptions in the | IDS PP v1.4 | PD-0118 |
| Compliance with | IDS Analyzer PP Export Requirements | PD-0127 |
| FTA_SSL.1 and 2 SFRs in the Firewall, Traffic Filter Firewall, VPN, and | IDS MR PPs | PD-0150 |
| Acceptable Demonstrable Assurance for the | IDS System PP v1.7 (BR) | PD-0151 |
| Internal Inconsistency within the | IDS System PP regarding FPT_STM | PD-0152 |
| IDSSPP v1.4: FPT_STM.1 Must Be Met by the TOE | PD-0107 | |
| IDSSPP v1.4: Compliance with the Selective Audit Requirement | PD-0116 | |
| Custom Access Control Language for FDP_ | IFC and FDP_IFF | PD-0096 |
| Typographical error in the ALFWPP-MED with respect to FDP_ | IFF .1(1) and FDP_IFF.1(2) | PD-0026 |
| Typographical error in the ALFWPP-MED with respect to FDP_IFF.1(1) and FDP_ | IFF .1(2) | PD-0026 |
| Custom Access Control Language for FDP_IFC and FDP_ | IFF | PD-0096 |
| Acceptability of | IKE Authentication as "Single Use" In Firewall PPs | PD-0105 |
| Format of the ADV_ | IMP Implementation Representation | PD-0121 |
| Format of the ADV_IMP | Implementation Representation | PD-0121 |
| Does FDP_RIP.2 | imply hardware must be in the TOE? | PD-0081 |
| Does ISO 9001 Certification | imply that ACM_CAP.2 has been met? | PD-0092 |
| Attribute Inheritance/Modification Rules Need To Be | Included In Policy | PD-0011 |
| Can non-TSF entities be | included in the TOE by an ST? | PD-0043 |
| Does One Reference or Transcribe Requirements When | Including Components in a PP/ST? | PD-0060 |
| Exclusion or | Inclusion of an Operating System in the TOE? | PD-0046 |
| CC | inconsistencies /issues with the 2600 PP | PD-0155 |
| Internal | Inconsistency within the IDS System PP regarding FPT_STM | PD-0152 |
| Incorporation of interpretations into a PP | PD-0078 | |
| Exhaustiveness of ATE_ | IND Testing | PD-0056 |
| NIAP Requirements for PP Registration | Information for APE_INT.1 | PD-0015 |
| Handling Audit Section Text: Actions vs. | Information To Be Recorded | PD-0031 |
| Can the lists of Audit Events and Audit | Information be Combined into a single Table? | PD-0035 |
| Is It Necessary To Repeat The List Of Audit | Information in FAU_GEN.1 | PD-0057 |
| What | Information Must Be Provided in the TSS Rationale? | PD-0063 |
| Meaning of "access control and/or | information flow control SFPs" in FPT_SEP | PD-0065 |
| Information Flow Policies with No Active Decision | PD-0098 | |
| Actions/ | Information Required of the Developer and Evaluator When Performing ADV_RCR Work | PD-0110 |
| Information in Test Results for Manual Tests | PD-0128 | |
| What Protocol-related | Information Must Be In An ST | PD-0162 |
| Attribute | Inheritance /Modification Rules Need To Be Included In Policy | PD-0011 |
| Initialization of Default Values of Security Attributes | PD-0030 | |
| Delivery and | Installation Guidance for Vendor-Installed Modules | PD-0029 |
| Delivery and Installation Guidance for Vendor- | Installed Modules | PD-0029 |
| NIAP Requirements for PP Registration Information for APE_ | INT .1 | PD-0015 |
| Use of an | Intelligent Printer (PCL) in an Evaluated Product | PD-0041 |
| Depth of Protocol or | Interface Examination | PD-0124 |
| SFR-enforcing Module SFR-related | Interface Descriptions | PD-0160 |
| Identification and Description of TSF | Interfaces | PD-0049 |
| Identification of | Interfaces in HLD | PD-0075 |
| Defining Protocols as Internal or External | Interfaces | PD-0123 |
| Programming Language | Interfaces / Compilers in the TOE | PD-0157 |
| Is | Intermingling Multiple PPs in One Document Acceptable? | PD-0034 |
| Distinction between | Internal and External Networks in a Firewall PP | PD-0036 |
| Defining Protocols as | Internal or External Interfaces | PD-0123 |
| Internal Inconsistency within the IDS System PP regarding FPT_STM | PD-0152 | |
| Clarify the Definitive Source of | International Interps | PD-0111 |
| Incorporation of | interpretations into a PP | PD-0078 |
| Handling of | Interpretations | PD-0079 |
| Clarify CCEVS Policy for Applying NIAP | Interpretations | PD-0103 |
| Clarify the Definitive Source of International | Interps | PD-0111 |
| Can the lists of Audit Events and Audit Information be Combined | into a single Table? | PD-0035 |
| Incorporation of interpretations | into a PP | PD-0078 |
| Does | ISO 9001 Certification imply that ACM_CAP.2 has been met? | PD-0092 |
| Issues Related to Software Only TOEs | PD-0053 | |
| Clarification on conformance to consistency | issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection | PD-0140 |
| Clarification on conformance to consistency | issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection Profile for Basic | PD-0141 |
| CC inconsistencies/ | issues with the 2600 PP | PD-0155 |
| Is | It Necessary To Repeat The List Of Audit Information in FAU_GEN.1 | PD-0057 |
| What Does | It Mean To Provide A Mechanism To Support A Function? | PD-0076 |
| Evaluation of TOE claiming compatibility with multiple | IT environments | PD-0084 |
| Dependencies of Requirements on the | IT Environment | PD-0091 |
| FIA_UID.2, FIA_UAU.2, and FPT_STM.1 Requirements: On the | IT Environment? | PD-0099 |
| CIMC PP Compliance for Iterated Requirements that are Satisfied by the | IT Environment | PD-0102 |
| FTP_ | ITC .1.3 Specifies The Functions For Which A Trusted Channel Is Provided | PD-0108 |
| Exempting sensitive attribute data | items from capture in the audit log | PD-0009 |
| CIMC PP Compliance for | Iterated Requirements that are Satisfied by the IT Environment | PD-0102 |
| Enabling/Disabling of Verification of Cryptographic | Key Testing in WLAN PP | PD-0145 |
| TOE | Labels | PD-0090 |
| Custom Access Control | Language for FDP_IFC and FDP_IFF | PD-0096 |
| Programming | Language Interfaces / Compilers in the TOE | PD-0157 |
| Level of Detail about Hardware and Firmware | PD-0002 | |
| Usage of the Term "Loopback Network" in the Application | Level Firewall PP | PD-0018 |
| Conformance with a PP with respect to | Level of Audit | PD-0024 |
| Level of Detail Necessary for Assurance Requirements on Third Party Products | PD-0101 | |
| Level of Detail in SFRs | PD-0133 | |
| WLAN PP Places FIPS 140-2 section | level Requirements on Crypto Module that are not always attainable | PD-0164 |
| How Should | Libraries Be Handled Relative to the ADV_FSP.1 work units of the CEM? | PD-0050 |
| Terminating Sessions in | lieu of Locking Sessions | PD-0132 |
| Choice of functional components not | limited by choice of assurance components | PD-0007 |
| Is It Necessary To Repeat The | List Of Audit Information in FAU_GEN.1 | PD-0057 |
| Can User Identity Be | Listed As An Attribute for FIA_ATD.1? | PD-0042 |
| Can the | lists of Audit Events and Audit Information be Combined into a single Table? | PD-0035 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless | Local Area Network (WLAN) Client for Basic Robustness Environments Protection Profile | PD-0140 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless | Local Area Network (WLAN) Access System Protection Profile for Basic Robustness Environments | PD-0141 |
| Terminating Sessions in lieu of | Locking Sessions | PD-0132 |
| Exempting sensitive attribute data items from capture in the audit | log | PD-0009 |
| Description of | Logical and Physical Boundaries | PD-0122 |
| User in the | Loop for Policy Enforcement | PD-0095 |
| Usage of the Term " | Loopback Network" in the Application Level Firewall PP | PD-0018 |
| Site-Configurable Prevention Of Audit | Loss | PD-0010 |
| Management of Functions with No Specific Requirements | PD-0020 | |
| Information in Test Results for | Manual Tests | PD-0128 |
| Redundancy between Overview | Material and Application Notes in a PP | PD-0028 |
| Situations Where AGD_USR | May Be Vacuously Satisfied | PD-0106 |
| What Does It | Mean To Provide A Mechanism To Support A Function? | PD-0076 |
| Meaning of Resources in FDP_RIP.2 | PD-0001 | |
| Meaning of "access control and/or information flow control SFPs" in FPT_SEP | PD-0065 | |
| In FAU_SEL.1, What Is | Meant By "the set of audited events"? | PD-0066 |
| What Does It Mean To Provide A | Mechanism To Support A Function? | PD-0076 |
| Specifying | Mechanism in PP Objectives | PD-0089 |
| SOF Claims for PPs without any Permutational or Probabilistic | Mechanisms | PD-0048 |
| What SOF Claim is appropriate when there are no probabilistic or permutational | mechanisms | PD-0086 |
| Use of Third-party Security | Mechanisms in TOE Evaluations | PD-0113 |
| Automatic Update | Mechanisms | PD-0153 |
| Typographical error in the ALFWPP- | MED with respect to FDP_IFF.1(1) and FDP_IFF.1(2) | PD-0026 |
| Medium Robustness Traffic Filtering PP: Administrator accounts | PD-0134 | |
| "Overwriting" in the Context of Non-Disk Memory ( | Medium Robustness Profiles) | PD-0135 |
| Administrator-entered Code Used To | Meet SFRs | PD-0126 |
| Meeting the ADO_DEL.3 Requirement | PD-0114 | |
| Meeting FTA_TAH_EXP.1 in the DBMS PP | PD-0142 | |
| Meeting FDP_ACF.1 in the DBMS PP | PD-0143 | |
| Meeting FDP_ACF.1 claimed in the GPOSPP | PD-0156 | |
| Meeting FAU_SAR.3 claimed in the TFFW PP | PD-0159 | |
| "Overwriting" in the Context of Non-Disk | Memory (Medium Robustness Profiles) | PD-0135 |
| Sharing of Peripherals with | Memory under the Peripheral Sharing PP | PD-0138 |
| Must Only Security Relevant Error | Messages Be Provided In An FSP? | PD-0051 |
| Can There Be A Single Blanket Description Of Error | Messages in an FSP? | PD-0052 |
| Does ISO 9001 Certification imply that ACM_CAP.2 has been | met ? | PD-0092 |
| IDSSPP v1.4: FPT_STM.1 Must Be | Met by the TOE | PD-0107 |
| Missing | Methodology for NIAP I-0385 (Identification Of Standards) | PD-0021 |
| Site Visit - Alternative Evaluation | Methodology | PD-0094 |
| Missing Methodology for NIAP I-0385 (Identification Of Standards) | PD-0021 | |
| Multiple Hardware | Models with Different SFRs in One Security Target | PD-0109 |
| Attribute Inheritance/ | Modification Rules Need To Be Included In Policy | PD-0011 |
| SFR-enforcing | Module SFR-related Interface Descriptions | PD-0160 |
| WLAN PP Places FIPS 140-2 section level Requirements on Crypto | Module that are not always attainable | PD-0164 |
| Delivery and Installation Guidance for Vendor-Installed | Modules | PD-0029 |
| Clarification of FMT_ | MOF .1(3) for TFWPP and VPNPPs | PD-0149 |
| When should | monitoring of the public domain for new 'obvious vulnerabilities' cease? | PD-0008 |
| Ambiguities Resulting From Choosing | More Than One Selection In An Assignment | PD-0037 |
| Third Party Authentication is permitted by the ALFWPP- | MR | PD-0115 |
| FTA_SSL.1 and 2 SFRs in the Firewall, Traffic Filter Firewall, VPN, and IDS | MR PPs | PD-0150 |
| How | Much Testing Is Required At EAL2? | PD-0059 |
| Is Intermingling | Multiple PPs in One Document Acceptable? | PD-0034 |
| Reflecting Compliance With | Multiple PPs | PD-0047 |
| Security Targets for a Software TOE that runs on | Multiple Platforms | PD-0061 |
| What Must Be Tested for an ST Running On | Multiple Platforms? | PD-0062 |
| Evaluation of TOE claiming compatibility with | multiple IT environments | PD-0084 |
| Multiple Hardware Models with Different SFRs in One Security Target | PD-0109 | |
| Is It | Necessary To Repeat The List Of Audit Information in FAU_GEN.1 | PD-0057 |
| Level of Detail | Necessary for Assurance Requirements on Third Party Products | PD-0101 |
| Necessity For A Test Plan to Specifically Satisfy The Requirements for ATE_FUN.1.2C | PD-0014 | |
| Attribute Inheritance/Modification Rules | Need To Be Included In Policy | PD-0011 |
| Usage of the Term "Loopback | Network " in the Application Level Firewall PP | PD-0018 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area | Network (WLAN) Client for Basic Robustness Environments Protection Profile | PD-0140 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area | Network (WLAN) Access System Protection Profile for Basic Robustness Environments | PD-0141 |
| Distinction between Internal and External | Networks in a Firewall PP | PD-0036 |
| When should monitoring of the public domain for | new 'obvious vulnerabilities' cease? | PD-0008 |
| NIAP Requirements for PP Registration Information for APE_INT.1 | PD-0015 | |
| Missing Methodology for | NIAP I-0385 (Identification Of Standards) | PD-0021 |
| Clarify CCEVS Policy for Applying | NIAP Interpretations | PD-0103 |
| Management of Functions with | No Specific Requirements | PD-0020 |
| What SOF Claim is appropriate when there are | no probabilistic or permutational mechanisms | PD-0086 |
| Information Flow Policies with | No Active Decision | PD-0098 |
| Can | non -TSF entities be included in the TOE by an ST? | PD-0043 |
| Can a | non -hardware TOE claim conformance with FPT_SEP.1? | PD-0112 |
| "Overwriting" in the Context of | Non -Disk Memory (Medium Robustness Profiles) | PD-0135 |
| Choice of functional components | not limited by choice of assurance components | PD-0007 |
| Auditing "Subject Identity" for Actions | Not Taken by TSP Subjects | PD-0064 |
| WLAN PP Places FIPS 140-2 section level Requirements on Crypto Module that are | not always attainable | PD-0164 |
| Applicability of FIA_UAU.7 Application | Note in CAPP v1.d | PD-0119 |
| Clarification on conformance to consistency issues | noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection | PD-0140 |
| Clarification on conformance to consistency issues | noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection Profile for Basic Robustness | PD-0141 |
| Redundancy between Overview Material and Application | Notes in a PP | PD-0028 |
| Can application | notes contain requirements? | PD-0039 |
| Specifying the " | number of times" in FIA_AFL.1.1 | PD-0068 |
| Must Sublists In An SFR Be | Numbered ? | PD-0038 |
| Parsing of APE_ | OBJ .1.3C | PD-0017 |
| Create | Object Audit Event and CAPP Compliance | PD-0131 |
| Specifying Mechanism in PP | Objectives | PD-0089 |
| When should monitoring of the public domain for new ' | obvious vulnerabilities' cease? | PD-0008 |
| Deletion of the | oldest audit events when audit storage space is exhausted | PD-0129 |
| Is Intermingling Multiple PPs in | One Document Acceptable? | PD-0034 |
| Ambiguities Resulting From Choosing More Than | One Selection In An Assignment | PD-0037 |
| Does | One Reference or Transcribe Requirements When Including Components in a PP/ST? | PD-0060 |
| Multiple Hardware Models with Different SFRs in | One Security Target | PD-0109 |
| Must | Only Security Relevant Error Messages Be Provided In An FSP? | PD-0051 |
| Issues Related to Software | Only TOEs | PD-0053 |
| Exclusion or Inclusion of an | Operating System in the TOE? | PD-0046 |
| Empty Assignment | Operation | PD-0072 |
| Identification of | Operations on Security Functional Requirements | PD-0071 |
| Corrections to the General Purpose | OS PP (GPOSPP), Version 1.0 | PD-0167 |
| Redundancy between | Overview Material and Application Notes in a PP | PD-0028 |
| " | Overwriting " in the Context of Non-Disk Memory (Medium Robustness Profiles) | PD-0135 |
| Parameter Validation Testing | PD-0120 | |
| Parsing of APE_OBJ.1.3C | PD-0017 | |
| Partial Conformance to a PP/Conditional Requirements in a PP | PD-0073 | |
| Level of Detail Necessary for Assurance Requirements on Third | Party Products | PD-0101 |
| Use of Third- | party Security Mechanisms in TOE Evaluations | PD-0113 |
| Third | Party Authentication is permitted by the ALFWPP-MR | PD-0115 |
| Use of an Intelligent Printer ( | PCL ) in an Evaluated Product | PD-0041 |
| Actions/Information Required of the Developer and Evaluator When | Performing ADV_RCR Work | PD-0110 |
| Questions Concerning the | Peripheral Sharing Switch PP | PD-0093 |
| Sharing of Peripherals with Memory under the | Peripheral Sharing PP | PD-0138 |
| Switching Additional Devices in a | Peripheral Sharing Switch | PD-0166 |
| Sharing of | Peripherals with Memory under the Peripheral Sharing PP | PD-0138 |
| Third Party Authentication is | permitted by the ALFWPP-MR | PD-0115 |
| SOF Claims for PPs without any | Permutational or Probabilistic Mechanisms | PD-0048 |
| What SOF Claim is appropriate when there are no probabilistic or | permutational mechanisms | PD-0086 |
| Design Decomposition for | Physical Security | PD-0023 |
| Description of Logical and | Physical Boundaries | PD-0122 |
| WLAN PP | Places FIPS 140-2 section level Requirements on Crypto Module that are not always attainable | PD-0164 |
| Necessity For A Test | Plan to Specifically Satisfy The Requirements for ATE_FUN.1.2C | PD-0014 |
| Security Targets for a Software TOE that runs on Multiple | Platforms | PD-0061 |
| What Must Be Tested for an ST Running On Multiple | Platforms ? | PD-0062 |
| Testing All Claimed | Platforms | PD-0104 |
| Information Flow | Policies with No Active Decision | PD-0098 |
| Attribute Inheritance/Modification Rules Need To Be Included In | Policy | PD-0011 |
| Where should the TOE Security | Policy be defined? | PD-0027 |
| Where can | policy be specified in a PP? | PD-0045 |
| User in the Loop for | Policy Enforcement | PD-0095 |
| Clarify CCEVS | Policy for Applying NIAP Interpretations | PD-0103 |
| CCEVS | Policy #15 Applicability to Flash Drives | PD-0147 |
| Excluded Functionality and | Policy 13 | PD-0148 |
| PP compliance with | portion of TOE SFR in Environment | PD-0082 |
| For the Controlled Access Protection Profile (CAPP), must all events be pre-selectable? | Post -selectable? | PD-0067 |
| NIAP Requirements for | PP Registration Information for APE_INT.1 | PD-0015 |
| Usage of the Term "Loopback Network" in the Application Level Firewall | PP | PD-0018 |
| Allocation of Requirements in a | PP to the Environment | PD-0019 |
| Conformance with a | PP with respect to Level of Audit | PD-0024 |
| Redundancy between Overview Material and Application Notes in a | PP | PD-0028 |
| Distinction between Internal and External Networks in a Firewall | PP | PD-0036 |
| Where can policy be specified in a | PP ? | PD-0045 |
| Effect of Addition of Environmental Assumptions on | PP Compliance | PD-0055 |
| Does One Reference or Transcribe Requirements When Including Components in a | PP /ST? | PD-0060 |
| Partial Conformance to a | PP /Conditional Requirements in a PP | PD-0073 |
| Partial Conformance to a PP/Conditional Requirements in a | PP | PD-0073 |
| Dealing with Errors in a | PP | PD-0074 |
| Incorporation of interpretations into a | PP | PD-0078 |
| PP compliance with portion of TOE SFR in Environment | PD-0082 | |
| Specifying Mechanism in | PP Objectives | PD-0089 |
| Questions Concerning the Peripheral Sharing Switch | PP | PD-0093 |
| Compliance with IDS System | PP Export Requirements | PD-0097 |
| CIMC | PP Compliance for Iterated Requirements that are Satisfied by the IT Environment | PD-0102 |
| PP conformance Using an Underlying Evaluated Product | PD-0117 | |
| Assumptions in the IDS | PP v1.4 | PD-0118 |
| Audit Pre-Selection in the CIMC | PP | PD-0125 |
| Compliance with IDS Analyzer | PP Export Requirements | PD-0127 |
| Clarification of Alert requirement in Basic Robustness Anti-Virus | PP | PD-0130 |
| Medium Robustness Traffic Filtering | PP : Administrator accounts | PD-0134 |
| CC V3 | PP Conformance Type Consistency | PD-0137 |
| Sharing of Peripherals with Memory under the Peripheral Sharing | PP | PD-0138 |
| Meeting FTA_TAH_EXP.1 in the DBMS | PP | PD-0142 |
| Meeting FDP_ACF.1 in the DBMS | PP | PD-0143 |
| Enabling/Disabling of Verification of Cryptographic Key Testing in WLAN | PP | PD-0145 |
| Acceptable Demonstrable Assurance for the IDS System | PP v1.7 (BR) | PD-0151 |
| Internal Inconsistency within the IDS System | PP regarding FPT_STM | PD-0152 |
| CC inconsistencies/issues with the 2600 | PP | PD-0155 |
| Meeting FAU_SAR.3 claimed in the TFFW | PP | PD-0159 |
| FCS_BCM_(EXT).1: The explicitly stated requirement claimed in the Traffic Filter Firewall | PP conflicts with FIPS Publication 140-2 | PD-0163 |
| WLAN | PP Places FIPS 140-2 section level Requirements on Crypto Module that are not always attainable | PD-0164 |
| Corrections to the General Purpose OS | PP (GPOSPP), Version 1.0 | PD-0167 |
| Is Intermingling Multiple | PPs in One Document Acceptable? | PD-0034 |
| Reflecting Compliance With Multiple | PPs | PD-0047 |
| SOF Claims for | PPs without any Permutational or Probabilistic Mechanisms | PD-0048 |
| Acceptability of IKE Authentication as "Single Use" In Firewall | PPs | PD-0105 |
| Using CCv2.x | PPs with CCv3.1 STs: Handling of FPT_SEP and FPT_RVM | PD-0136 |
| CC V3 Conformance Type for Existing CC V2 | PPs | PD-0139 |
| Corrections to formatting and typographic errors in the WLAN Access System | PPs | PD-0144 |
| FTA_SSL.1 and 2 SFRs in the Firewall, Traffic Filter Firewall, VPN, and IDS MR | PPs | PD-0150 |
| For the Controlled Access Protection Profile (CAPP), must all events be | pre -selectable? Post-selectable? | PD-0067 |
| Audit | Pre -Selection in the CIMC PP | PD-0125 |
| Site-Configurable | Prevention Of Audit Loss | PD-0010 |
| Use of an Intelligent | Printer (PCL) in an Evaluated Product | PD-0041 |
| SOF Claims for PPs without any Permutational or | Probabilistic Mechanisms | PD-0048 |
| What SOF Claim is appropriate when there are no | probabilistic or permutational mechanisms | PD-0086 |
| Problems with FPT_TST_EXT in GPOSPP 1.0 | PD-0158 | |
| Use of an Intelligent Printer (PCL) in an Evaluated | Product | PD-0041 |
| Can a | product claim conformance to an earlier version of the CC? | PD-0070 |
| PP conformance Using an Underlying Evaluated | Product | PD-0117 |
| Satisfaction of Requirements by Applications Running on Untrusted | Products | PD-0004 |
| Level of Detail Necessary for Assurance Requirements on Third Party | Products | PD-0101 |
| Referencing Draft External Specifications in a Protection | Profile | PD-0033 |
| For the Controlled Access Protection | Profile (CAPP), must all events be pre-selectable? Post-selectable? | PD-0067 |
| noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection | Profile [to consistency issues | PD-0140 |
| to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection | Profile for Basic Robustness Environments [on conformance | PD-0141 |
| STs Adding Requirements to Protection | Profiles | PD-0087 |
| "Overwriting" in the Context of Non-Disk Memory (Medium Robustness | Profiles ) | PD-0135 |
| Programming Language Interfaces / Compilers in the TOE | PD-0157 | |
| Referencing Draft External Specifications in a | Protection Profile | PD-0033 |
| For the Controlled Access | Protection Profile (CAPP), must all events be pre-selectable? Post-selectable? | PD-0067 |
| STs Adding Requirements to | Protection Profiles | PD-0087 |
| issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments | Protection Profile [to consistency | PD-0140 |
| on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access System | Protection Profile for Basic Robustness Environments [Clarification | PD-0141 |
| Depth of | Protocol or Interface Examination | PD-0124 |
| What | Protocol -related Information Must Be In An ST | PD-0162 |
| Defining | Protocols as Internal or External Interfaces | PD-0123 |
| What Does It Mean To | Provide A Mechanism To Support A Function? | PD-0076 |
| Can Sorting and Searching Tools be | Provided in the Environment | PD-0006 |
| Test Evidence that must be | provided at EAL2 | PD-0022 |
| Must Only Security Relevant Error Messages Be | Provided In An FSP? | PD-0051 |
| What Information Must Be | Provided in the TSS Rationale? | PD-0063 |
| FTP_ITC.1.3 Specifies The Functions For Which A Trusted Channel Is | Provided | PD-0108 |
| When should monitoring of the | public domain for new 'obvious vulnerabilities' cease? | PD-0008 |
| FCS_BCM_(EXT).1: The explicitly stated requirement claimed in the Traffic Filter Firewall PP conflicts with FIPS | Publication 140-2 | PD-0163 |
| Corrections to the General | Purpose OS PP (GPOSPP), Version 1.0 | PD-0167 |
| Questions Concerning the Peripheral Sharing Switch PP | PD-0093 | |
| What Information Must Be Provided in the TSS | Rationale ? | PD-0063 |
| Actions/Information Required of the Developer and Evaluator When Performing ADV_ | RCR Work | PD-0110 |
| Warning Banner Must Be Human | Readable Text | PD-0040 |
| Handling Audit Section Text: Actions vs. Information To Be | Recorded | PD-0031 |
| Redundancy between Overview Material and Application Notes in a PP | PD-0028 | |
| What is an appropriate TOE | Reference ? | PD-0054 |
| Does One | Reference or Transcribe Requirements When Including Components in a PP/ST? | PD-0060 |
| Referencing Draft External Specifications in a Protection Profile | PD-0033 | |
| Reflecting Compliance With Multiple PPs | PD-0047 | |
| Internal Inconsistency within the IDS System PP | regarding FPT_STM | PD-0152 |
| NIAP Requirements for PP | Registration Information for APE_INT.1 | PD-0015 |
| Issues | Related to Software Only TOEs | PD-0053 |
| SFR-enforcing Module SFR- | related Interface Descriptions | PD-0160 |
| What Protocol- | related Information Must Be In An ST | PD-0162 |
| How Should Libraries Be Handled | Relative to the ADV_FSP.1 work units of the CEM? | PD-0050 |
| Definition of Security | Relevant | PD-0005 |
| Must Only Security | Relevant Error Messages Be Provided In An FSP? | PD-0051 |
| Remote Administration and Cryptographic Functionality in the TFWPP | PD-0146 | |
| Is It Necessary To | Repeat The List Of Audit Information in FAU_GEN.1 | PD-0057 |
| Format of the ADV_IMP Implementation | Representation | PD-0121 |
| TSF | Representations Split Among Documents | PD-0013 |
| What evidence is required by APE_ | REQ .1.4C? | PD-0044 |
| What evidence is | required by APE_REQ.1.4C? | PD-0044 |
| How Much Testing Is | Required At EAL2? | PD-0059 |
| Actions/Information | Required of the Developer and Evaluator When Performing ADV_RCR Work | PD-0110 |
| Meeting the ADO_DEL.3 | Requirement | PD-0114 |
| IDSSPP v1.4: Compliance with the Selective Audit | Requirement | PD-0116 |
| Clarification of Alert | requirement in Basic Robustness Anti-Virus PP | PD-0130 |
| FCS_BCM_(EXT).1: The explicitly stated | requirement claimed in the Traffic Filter Firewall PP conflicts with FIPS Publication 140-2 | PD-0163 |
| Satisfaction of | Requirements by Applications Running on Untrusted Products | PD-0004 |
| Necessity For A Test Plan to Specifically Satisfy The | Requirements for ATE_FUN.1.2C | PD-0014 |
| NIAP | Requirements for PP Registration Information for APE_INT.1 | PD-0015 |
| Evidence for APE Assurance | Requirements | PD-0016 |
| Allocation of | Requirements in a PP to the Environment | PD-0019 |
| Management of Functions with No Specific | Requirements | PD-0020 |
| Can application notes contain | requirements ? | PD-0039 |
| EAL2 Testing | Requirements | PD-0058 |
| Does One Reference or Transcribe | Requirements When Including Components in a PP/ST? | PD-0060 |
| Identification of Operations on Security Functional | Requirements | PD-0071 |
| Partial Conformance to a PP/Conditional | Requirements in a PP | PD-0073 |
| How to Handle Explicitly Specified | Requirements ? | PD-0085 |
| STs Adding | Requirements to Protection Profiles | PD-0087 |
| Dependencies of | Requirements on the IT Environment | PD-0091 |
| Compliance with IDS System PP Export | Requirements | PD-0097 |
| FIA_UID.2, FIA_UAU.2, and FPT_STM.1 | Requirements : On the IT Environment? | PD-0099 |
| Level of Detail Necessary for Assurance | Requirements on Third Party Products | PD-0101 |
| CIMC PP Compliance for Iterated | Requirements that are Satisfied by the IT Environment | PD-0102 |
| Compliance with IDS Analyzer PP Export | Requirements | PD-0127 |
| WLAN PP Places FIPS 140-2 section level | Requirements on Crypto Module that are not always attainable | PD-0164 |
| Meaning of | Resources in FDP_RIP.2 | PD-0001 |
| Conformance with a PP with | respect to Level of Audit | PD-0024 |
| Typographical error in the ALFWPP-MED with | respect to FDP_IFF.1(1) and FDP_IFF.1(2) | PD-0026 |
| Ambiguities | Resulting From Choosing More Than One Selection In An Assignment | PD-0037 |
| Information in Test | Results for Manual Tests | PD-0128 |
| When can evaluation evidence be | reused ? | PD-0100 |
| Depth of Test Code | Review : Examination of Source Code or Scripts | PD-0161 |
| Meaning of Resources in FDP_ | RIP .2 | PD-0001 |
| Does FDP_ | RIP .2 imply hardware must be in the TOE? | PD-0081 |
| Clarification of Alert requirement in Basic | Robustness Anti-Virus PP | PD-0130 |
| Medium | Robustness Traffic Filtering PP: Administrator accounts | PD-0134 |
| "Overwriting" in the Context of Non-Disk Memory (Medium | Robustness Profiles) | PD-0135 |
| on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic | Robustness Environments Protection Profile [Clarification | PD-0140 |
| issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection Profile for Basic | Robustness Environments [to consistency | PD-0141 |
| Can Access Control Attributes Determine Users In A | Role ? | PD-0012 |
| Attribute Inheritance/Modification | Rules Need To Be Included In Policy | PD-0011 |
| Satisfaction of Requirements by Applications | Running on Untrusted Products | PD-0004 |
| What Must Be Tested for an ST | Running On Multiple Platforms? | PD-0062 |
| Security Targets for a Software TOE that | runs on Multiple Platforms | PD-0061 |
| Using CCv2.x PPs with CCv3.1 STs: Handling of FPT_SEP and FPT_ | RVM | PD-0136 |
| Clarification on conformance to consistency issues noted in the U. | S . Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection Profile | PD-0140 |
| Clarification on conformance to consistency issues noted in the U. | S . Government Wireless Local Area Network (WLAN) Access System Protection Profile for Basic Robustness Environments | PD-0141 |
| Meeting FAU_ | SAR .3 claimed in the TFFW PP | PD-0159 |
| Satisfaction of Requirements by Applications Running on Untrusted Products | PD-0004 | |
| CIMC PP Compliance for Iterated Requirements that are | Satisfied by the IT Environment | PD-0102 |
| Situations Where AGD_USR May Be Vacuously | Satisfied | PD-0106 |
| Necessity For A Test Plan to Specifically | Satisfy The Requirements for ATE_FUN.1.2C | PD-0014 |
| Depth of Test Code Review: Examination of Source Code or | Scripts | PD-0161 |
| Can Sorting and | Searching Tools be Provided in the Environment | PD-0006 |
| Handling Audit | Section Text: Actions vs. Information To Be Recorded | PD-0031 |
| WLAN PP Places FIPS 140-2 | section level Requirements on Crypto Module that are not always attainable | PD-0164 |
| Definition of | Security Relevant | PD-0005 |
| Design Decomposition for Physical | Security | PD-0023 |
| Where should the TOE | Security Policy be defined? | PD-0027 |
| Initialization of Default Values of | Security Attributes | PD-0030 |
| Must Only | Security Relevant Error Messages Be Provided In An FSP? | PD-0051 |
| Security Targets for a Software TOE that runs on Multiple Platforms | PD-0061 | |
| Identification of Operations on | Security Functional Requirements | PD-0071 |
| Multiple Hardware Models with Different SFRs in One | Security Target | PD-0109 |
| Use of Third-party | Security Mechanisms in TOE Evaluations | PD-0113 |
| In FAU_ | SEL .1, What Is Meant By "the set of audited events"? | PD-0066 |
| For the Controlled Access Protection Profile (CAPP), must all events be pre- | selectable ? Post-selectable? | PD-0067 |
| For the Controlled Access Protection Profile (CAPP), must all events be pre-selectable? Post- | selectable ? | PD-0067 |
| Ambiguities Resulting From Choosing More Than One | Selection In An Assignment | PD-0037 |
| Audit Pre- | Selection in the CIMC PP | PD-0125 |
| IDSSPP v1.4: Compliance with the | Selective Audit Requirement | PD-0116 |
| Exempting | sensitive attribute data items from capture in the audit log | PD-0009 |
| Meaning of "access control and/or information flow control SFPs" in FPT_ | SEP | PD-0065 |
| Can a non-hardware TOE claim conformance with FPT_ | SEP .1? | PD-0112 |
| Using CCv2.x PPs with CCv3.1 STs: Handling of FPT_ | SEP and FPT_RVM | PD-0136 |
| Is an Access Control Decision made at the beginning of a | session acceptable? | PD-0025 |
| Terminating | Sessions in lieu of Locking Sessions | PD-0132 |
| Terminating Sessions in lieu of Locking | Sessions | PD-0132 |
| In FAU_SEL.1, What Is Meant By "the | set of audited events"? | PD-0066 |
| Meaning of "access control and/or information flow control | SFPs " in FPT_SEP | PD-0065 |
| Must Sublists In An | SFR Be Numbered? | PD-0038 |
| PP compliance with portion of TOE | SFR in Environment | PD-0082 |
| SFR -enforcing Module SFR-related Interface Descriptions | PD-0160 | |
| SFR-enforcing Module | SFR -related Interface Descriptions | PD-0160 |
| Multiple Hardware Models with Different | SFRs in One Security Target | PD-0109 |
| Administrator-entered Code Used To Meet | SFRs | PD-0126 |
| Level of Detail in | SFRs | PD-0133 |
| FTA_SSL.1 and 2 | SFRs in the Firewall, Traffic Filter Firewall, VPN, and IDS MR PPs | PD-0150 |
| Questions Concerning the Peripheral | Sharing Switch PP | PD-0093 |
| Sharing of Peripherals with Memory under the Peripheral Sharing PP | PD-0138 | |
| Sharing of Peripherals with Memory under the Peripheral | Sharing PP | PD-0138 |
| Switching Additional Devices in a Peripheral | Sharing Switch | PD-0166 |
| Can the lists of Audit Events and Audit Information be Combined into a | single Table? | PD-0035 |
| Can There Be A | Single Blanket Description Of Error Messages in an FSP? | PD-0052 |
| Acceptability of IKE Authentication as " | Single Use" In Firewall PPs | PD-0105 |
| Site -Configurable Prevention Of Audit Loss | PD-0010 | |
| Site Visit - Alternative Evaluation Methodology | PD-0094 | |
| Situations Where AGD_USR May Be Vacuously Satisfied | PD-0106 | |
| SOF Claims for PPs without any Permutational or Probabilistic Mechanisms | PD-0048 | |
| What | SOF Claim is appropriate when there are no probabilistic or permutational mechanisms | PD-0086 |
| Issues Related to | Software Only TOEs | PD-0053 |
| Security Targets for a | Software TOE that runs on Multiple Platforms | PD-0061 |
| Can | Sorting and Searching Tools be Provided in the Environment | PD-0006 |
| Clarify the Definitive | Source of International Interps | PD-0111 |
| Depth of Test Code Review: Examination of | Source Code or Scripts | PD-0161 |
| Deletion of the oldest audit events when audit storage | space is exhausted | PD-0129 |
| Management of Functions with No | Specific Requirements | PD-0020 |
| Necessity For A Test Plan to | Specifically Satisfy The Requirements for ATE_FUN.1.2C | PD-0014 |
| Referencing Draft External | Specifications in a Protection Profile | PD-0033 |
| Where can policy be | specified in a PP? | PD-0045 |
| How to Handle Explicitly | Specified Requirements? | PD-0085 |
| FTP_ITC.1.3 | Specifies The Functions For Which A Trusted Channel Is Provided | PD-0108 |
| Specifying the "number of times" in FIA_AFL.1.1 | PD-0068 | |
| Specifying Mechanism in PP Objectives | PD-0089 | |
| TSF Representations | Split Among Documents | PD-0013 |
| FTA_ | SSL .1 and 2 SFRs in the Firewall, Traffic Filter Firewall, VPN, and IDS MR PPs | PD-0150 |
| Can non-TSF entities be included in the TOE by an | ST ? | PD-0043 |
| Does One Reference or Transcribe Requirements When Including Components in a PP/ | ST ? | PD-0060 |
| What Must Be Tested for an | ST Running On Multiple Platforms? | PD-0062 |
| What Protocol-related Information Must Be In An | ST | PD-0162 |
| Missing Methodology for NIAP I-0385 (Identification Of | Standards ) | PD-0021 |
| Identification of | Standards | PD-0083 |
| FCS_BCM_(EXT).1: The explicitly | stated requirement claimed in the Traffic Filter Firewall PP conflicts with FIPS Publication 140-2 | PD-0163 |
| FIA_UID.2, FIA_UAU.2, and FPT_ | STM .1 Requirements: On the IT Environment? | PD-0099 |
| IDSSPP v1.4: FPT_ | STM .1 Must Be Met by the TOE | PD-0107 |
| Internal Inconsistency within the IDS System PP regarding FPT_ | STM | PD-0152 |
| Deletion of the oldest audit events when audit | storage space is exhausted | PD-0129 |
| STs Adding Requirements to Protection Profiles | PD-0087 | |
| Using CCv2.x PPs with CCv3.1 | STs : Handling of FPT_SEP and FPT_RVM | PD-0136 |
| Auditing " | Subject Identity" for Actions Not Taken by TSP Subjects | PD-0064 |
| Auditing "Subject Identity" for Actions Not Taken by TSP | Subjects | PD-0064 |
| Must | Sublists In An SFR Be Numbered? | PD-0038 |
| What Does It Mean To Provide A Mechanism To | Support A Function? | PD-0076 |
| Questions Concerning the Peripheral Sharing | Switch PP | PD-0093 |
| Switching Additional Devices in a Peripheral Sharing | Switch | PD-0166 |
| Switching Additional Devices in a Peripheral Sharing Switch | PD-0166 | |
| Exclusion or Inclusion of an Operating | System in the TOE? | PD-0046 |
| Compliance with IDS | System PP Export Requirements | PD-0097 |
| on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access | System Protection Profile for Basic Robustness Environments [Clarification | PD-0141 |
| Corrections to formatting and typographic errors in the WLAN Access | System PPs | PD-0144 |
| Acceptable Demonstrable Assurance for the IDS | System PP v1.7 (BR) | PD-0151 |
| Internal Inconsistency within the IDS | System PP regarding FPT_STM | PD-0152 |
| Can the lists of Audit Events and Audit Information be Combined into a single | Table ? | PD-0035 |
| Meeting FTA_ | TAH _EXP.1 in the DBMS PP | PD-0142 |
| Auditing "Subject Identity" for Actions Not | Taken by TSP Subjects | PD-0064 |
| Multiple Hardware Models with Different SFRs in One Security | Target | PD-0109 |
| Security | Targets for a Software TOE that runs on Multiple Platforms | PD-0061 |
| Usage of the | Term "Loopback Network" in the Application Level Firewall PP | PD-0018 |
| Terminating Sessions in lieu of Locking Sessions | PD-0132 | |
| Necessity For A | Test Plan to Specifically Satisfy The Requirements for ATE_FUN.1.2C | PD-0014 |
| Test Evidence that must be provided at EAL2 | PD-0022 | |
| Information in | Test Results for Manual Tests | PD-0128 |
| Depth of | Test Code Review: Examination of Source Code or Scripts | PD-0161 |
| What Must Be | Tested for an ST Running On Multiple Platforms? | PD-0062 |
| Exhaustiveness of ATE_IND | Testing | PD-0056 |
| EAL2 | Testing Requirements | PD-0058 |
| How Much | Testing Is Required At EAL2? | PD-0059 |
| Use of Unevaluated Hardware during | Testing ? | PD-0080 |
| Testing All Claimed Platforms | PD-0104 | |
| Parameter Validation | Testing | PD-0120 |
| Enabling/Disabling of Verification of Cryptographic Key | Testing in WLAN PP | PD-0145 |
| Information in Test Results for Manual | Tests | PD-0128 |
| Handling Audit Section | Text : Actions vs. Information To Be Recorded | PD-0031 |
| Warning Banner Must Be Human Readable | Text | PD-0040 |
| Meeting FAU_SAR.3 claimed in the | TFFW PP | PD-0159 |
| Remote Administration and Cryptographic Functionality in the | TFWPP | PD-0146 |
| Clarification of FMT_MOF.1(3) for | TFWPP and VPNPPs | PD-0149 |
| Ambiguities Resulting From Choosing More | Than One Selection In An Assignment | PD-0037 |
| Can | There Be A Single Blanket Description Of Error Messages in an FSP? | PD-0052 |
| What SOF Claim is appropriate when | there are no probabilistic or permutational mechanisms | PD-0086 |
| Level of Detail Necessary for Assurance Requirements on | Third Party Products | PD-0101 |
| Use of | Third -party Security Mechanisms in TOE Evaluations | PD-0113 |
| Third Party Authentication is permitted by the ALFWPP-MR | PD-0115 | |
| Exclusion of functions | through guidance | PD-0165 |
| Time Changes | PD-0154 | |
| Specifying the "number of | times " in FIA_AFL.1.1 | PD-0068 |
| Where should the | TOE Security Policy be defined? | PD-0027 |
| Can non-TSF entities be included in the | TOE by an ST? | PD-0043 |
| Exclusion or Inclusion of an Operating System in the | TOE ? | PD-0046 |
| What is an appropriate | TOE Reference? | PD-0054 |
| Security Targets for a Software | TOE that runs on Multiple Platforms | PD-0061 |
| Does FDP_RIP.2 imply hardware must be in the | TOE ? | PD-0081 |
| PP compliance with portion of | TOE SFR in Environment | PD-0082 |
| Evaluation of | TOE claiming compatibility with multiple IT environments | PD-0084 |
| TOE Labels | PD-0090 | |
| IDSSPP v1.4: FPT_STM.1 Must Be Met by the | TOE | PD-0107 |
| Can a non-hardware | TOE claim conformance with FPT_SEP.1? | PD-0112 |
| Use of Third-party Security Mechanisms in | TOE Evaluations | PD-0113 |
| Programming Language Interfaces / Compilers in the | TOE | PD-0157 |
| Issues Related to Software Only | TOEs | PD-0053 |
| Can Sorting and Searching | Tools be Provided in the Environment | PD-0006 |
| Medium Robustness | Traffic Filtering PP: Administrator accounts | PD-0134 |
| FTA_SSL.1 and 2 SFRs in the Firewall, | Traffic Filter Firewall, VPN, and IDS MR PPs | PD-0150 |
| FCS_BCM_(EXT).1: The explicitly stated requirement claimed in the | Traffic Filter Firewall PP conflicts with FIPS Publication 140-2 | PD-0163 |
| Does One Reference or | Transcribe Requirements When Including Components in a PP/ST? | PD-0060 |
| FTP_ITC.1.3 Specifies The Functions For Which A | Trusted Channel Is Provided | PD-0108 |
| TSF Representations Split Among Documents | PD-0013 | |
| Can non- | TSF entities be included in the TOE by an ST? | PD-0043 |
| Identification and Description of | TSF Interfaces | PD-0049 |
| Are All Aspects of the | TSFI Documented in ADV_FSP.2? | PD-0077 |
| Auditing "Subject Identity" for Actions Not Taken by | TSP Subjects | PD-0064 |
| What Information Must Be Provided in the | TSS Rationale? | PD-0063 |
| Problems with FPT_ | TST _EXT in GPOSPP 1.0 | PD-0158 |
| CC V3 PP Conformance | Type Consistency | PD-0137 |
| CC V3 Conformance | Type for Existing CC V2 PPs | PD-0139 |
| Corrections to formatting and | typographic errors in the WLAN Access System PPs | PD-0144 |
| Typographical error in the ALFWPP-MED with respect to FDP_IFF.1(1) and FDP_IFF.1(2) | PD-0026 | |
| Clarification on conformance to consistency issues noted in the | U .S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection Profile | PD-0140 |
| Clarification on conformance to consistency issues noted in the | U .S. Government Wireless Local Area Network (WLAN) Access System Protection Profile for Basic Robustness Environments | PD-0141 |
| FIA_UID.2, FIA_ | UAU .2, and FPT_STM.1 Requirements: On the IT Environment? | PD-0099 |
| Applicability of FIA_ | UAU .7 Application Note in CAPP v1.d | PD-0119 |
| FIA_ | UID .2, FIA_UAU.2, and FPT_STM.1 Requirements: On the IT Environment? | PD-0099 |
| Sharing of Peripherals with Memory | under the Peripheral Sharing PP | PD-0138 |
| PP conformance Using an | Underlying Evaluated Product | PD-0117 |
| Use of | Unevaluated Hardware during Testing? | PD-0080 |
| How Should Libraries Be Handled Relative to the ADV_FSP.1 work | units of the CEM? | PD-0050 |
| Satisfaction of Requirements by Applications Running on | Untrusted Products | PD-0004 |
| Automatic | Update Mechanisms | PD-0153 |
| Usage of the Term "Loopback Network" in the Application Level Firewall PP | PD-0018 | |
| Use of an Intelligent Printer (PCL) in an Evaluated Product | PD-0041 | |
| Use of Unevaluated Hardware during Testing? | PD-0080 | |
| Acceptability of IKE Authentication as "Single | Use " In Firewall PPs | PD-0105 |
| Use of Third-party Security Mechanisms in TOE Evaluations | PD-0113 | |
| Administrator-entered Code | Used To Meet SFRs | PD-0126 |
| Can | User Identity Be Listed As An Attribute for FIA_ATD.1? | PD-0042 |
| User in the Loop for Policy Enforcement | PD-0095 | |
| Can Access Control Attributes Determine | Users In A Role? | PD-0012 |
| PP conformance | Using an Underlying Evaluated Product | PD-0117 |
| Using CCv2.x PPs with CCv3.1 STs: Handling of FPT_SEP and FPT_RVM | PD-0136 | |
| Situations Where AGD_ | USR May Be Vacuously Satisfied | PD-0106 |
| IDSSPP | v 1.4: FPT_STM.1 Must Be Met by the TOE | PD-0107 |
| IDSSPP | v 1.4: Compliance with the Selective Audit Requirement | PD-0116 |
| Assumptions in the IDS PP | v 1.4 | PD-0118 |
| Applicability of FIA_UAU.7 Application Note in CAPP | v 1.d | PD-0119 |
| CC | V 3 PP Conformance Type Consistency | PD-0137 |
| CC | V 3 Conformance Type for Existing CC V2 PPs | PD-0139 |
| CC V3 Conformance Type for Existing CC | V 2 PPs | PD-0139 |
| Acceptable Demonstrable Assurance for the IDS System PP | v 1.7 (BR) | PD-0151 |
| Situations Where AGD_USR May Be | Vacuously Satisfied | PD-0106 |
| Parameter | Validation Testing | PD-0120 |
| Initialization of Default | Values of Security Attributes | PD-0030 |
| Delivery and Installation Guidance for | Vendor -Installed Modules | PD-0029 |
| Enabling/Disabling of | Verification of Cryptographic Key Testing in WLAN PP | PD-0145 |
| Can a product claim conformance to an earlier | version of the CC? | PD-0070 |
| Corrections to the General Purpose OS PP (GPOSPP), | Version 1.0 | PD-0167 |
| Clarification of Alert requirement in Basic Robustness Anti- | Virus PP | PD-0130 |
| Site | Visit - Alternative Evaluation Methodology | PD-0094 |
| FTA_SSL.1 and 2 SFRs in the Firewall, Traffic Filter Firewall, | VPN , and IDS MR PPs | PD-0150 |
| Clarification of FMT_MOF.1(3) for TFWPP and | VPNPPs | PD-0149 |
| Handling Audit Section Text: Actions | vs . Information To Be Recorded | PD-0031 |
| When should monitoring of the public domain for new 'obvious | vulnerabilities ' cease? | PD-0008 |
| Developer | Vulnerability Analysis | PD-0088 |
| Warning Banner Must Be Human Readable Text | PD-0040 | |
| What evidence is required by APE_REQ.1.4C? | PD-0044 | |
| What is an appropriate TOE Reference? | PD-0054 | |
| What Must Be Tested for an ST Running On Multiple Platforms? | PD-0062 | |
| What Information Must Be Provided in the TSS Rationale? | PD-0063 | |
| In FAU_SEL.1, | What Is Meant By "the set of audited events"? | PD-0066 |
| What Does It Mean To Provide A Mechanism To Support A Function? | PD-0076 | |
| What SOF Claim is appropriate when there are no probabilistic or permutational mechanisms | PD-0086 | |
| What Protocol-related Information Must Be In An ST | PD-0162 | |
| When should monitoring of the public domain for new 'obvious vulnerabilities' cease? | PD-0008 | |
| Does One Reference or Transcribe Requirements | When Including Components in a PP/ST? | PD-0060 |
| What SOF Claim is appropriate | when there are no probabilistic or permutational mechanisms | PD-0086 |
| When can evaluation evidence be reused? | PD-0100 | |
| Actions/Information Required of the Developer and Evaluator | When Performing ADV_RCR Work | PD-0110 |
| Deletion of the oldest audit events | when audit storage space is exhausted | PD-0129 |
| Where should the TOE Security Policy be defined? | PD-0027 | |
| Where can policy be specified in a PP? | PD-0045 | |
| Situations | Where AGD_USR May Be Vacuously Satisfied | PD-0106 |
| FTP_ITC.1.3 Specifies The Functions For | Which A Trusted Channel Is Provided | PD-0108 |
| Clarification on conformance to consistency issues noted in the U.S. Government | Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection Profile | PD-0140 |
| Clarification on conformance to consistency issues noted in the U.S. Government | Wireless Local Area Network (WLAN) Access System Protection Profile for Basic Robustness Environments | PD-0141 |
| Internal Inconsistency | within the IDS System PP regarding FPT_STM | PD-0152 |
| SOF Claims for PPs | without any Permutational or Probabilistic Mechanisms | PD-0048 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network ( | WLAN ) Client for Basic Robustness Environments Protection Profile | PD-0140 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network ( | WLAN ) Access System Protection Profile for Basic Robustness Environments | PD-0141 |
| Corrections to formatting and typographic errors in the | WLAN Access System PPs | PD-0144 |
| Enabling/Disabling of Verification of Cryptographic Key Testing in | WLAN PP | PD-0145 |
| WLAN PP Places FIPS 140-2 section level Requirements on Crypto Module that are not always attainable | PD-0164 | |
| How Should Libraries Be Handled Relative to the ADV_FSP.1 | work units of the CEM? | PD-0050 |
| Actions/Information Required of the Developer and Evaluator When Performing ADV_RCR | Work | PD-0110 |
| Using CCv2. | x PPs with CCv3.1 STs: Handling of FPT_SEP and FPT_RVM | PD-0136 |
Return to Index Selection Page
Database indices generated on 2011-05-20. Flagging of new/changes were done against the latest configuration managed version dated before 2011-04-01.