NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0734:  Clarification on optional functions within FMT_SRF_EXT.1

Publication Date
2023.04.13

Protection Profiles
MOD_EDR_V1.0

Other References
FMT_SRF_EXT.1, MOD_EDR_V1.0-SD

Issue Description

In FMT_SRF_EXT.1.1 in MOD_EDR_V1.0, it is unclear if the function which is only optional for each role should be considered optional or if at least one of the roles must have the ability to perform the function.

Resolution

The following application note is added to FMT_SRF_EXT.1.1 in MOD_EDR_V1.0:

Any function which is not mandatory for at least one role is considered optional for the TOE.

Test 4 in FMT_SRF_EXT.1 in the Supporting Document for MOD_EDR_VV1.0 is modified as follows, with underline representing additions:

  • Test 4 (Conditional: if the EDR includes the function to retrieve potentially unauthorized or affected files from an endpoint, then)The evaluator shall place a file known to trigger an incident alert on the file system then retrieve the contents of the file from the EDR management dashboard.
Justification

The function to retrieve potentially unauthorized or affected files from an endpoint was intended to be optional for the EDR.

 
 
Site Map              Contact Us              Home