The Test Assurance Activities for FIA_AUT_EXT.1 in the PP-Module for Endpoint Detection and Response Version 1.0 have the following issues:

• Test 1 is conditional but its reason for being conditional does not use wording from the SFR. 

• Test 1 uses the wording “with strictly unanimous authentication for those enabled” which does not match any functional expectations define within the SFR wording

• Test 2 should have the second sentence deleted because the SFR does not allow for additional platform-based factors

Test 1 and Test 2 for FAU_AUT_EXT.1.1 in the MOD_EDR_V1.0 SD are modified as follows, withhighlighted strikethroughs denoting deletions:

Test 1: Conditional: If "provide the following authentication mechanisms" is selected, the evaluator shall create an

account with a username and password, verifying that login authentication is case-sensitive. If additional factors are

provided, each factor shall be tested for login access with strictly unanimous authentication for those enabled. The

evaluator shall verify that login access is granted for correct credentials and denied in cases of incorrect credentials

across available factors.

Test 2: Conditional: If "leverage the platform" is selected, the evaluator shall create an account following the platform

rules. If additional factors are provided, each factor shall be tested for login access with strictly unanimous authentication

for those enabled. The evaluator shall verify that login access is granted for correct credentials and denied in cases of

incorrect credentials across available factors.

See issue description.