Archived
TD0039: Clarifications to FPT_TUD_EXT.1(1)
Publication Date
2015.03.13
Protection Profiles
Other References
PP_MDM_V1.1, requirement FPT_TUD_EXT.1(1) (MDM Server)
Issue Description
The assurance activity indicates that “The evaluator shall examine the AGD guidance to verify that it describes how to query the current version of the MDM Server software and how to initiate updates.” This statement omits requiring guidance documentation explaining how to check the integrity of updates as required. Resolution
The guidance assurance activity should be modified as follows: The evaluator shall examine the AGD guidance to verify that it describes how to query the current version of the MDM Server software, how to initiate updates, and how to check the integrity of updates prior to installation. Test 2 should be rewritten as follows:
Justification
The guidance documentation should describe how non-automatic integrity checks should be performed. Test 2 needs to be in alignment with the requirement, which does not require automatic integrity checks, and should test the ability to perform non-automatic integrity checks in accordance with the guidance documentation. |