Содержание
Скачать 2.18 Mb.
|
| 6,49 | Login identifiers SHALL be stored within an element in a non-volatile manner. | Comply |
| 6,50 | Only those individuals granted the access control level of “Root”, “Administrator” or “Security” SHALL have access to the device login function. | Comply |
| 6,51 | Only those individuals granted the access control level of “Root”, “Administrator” or “Security” SHALL have access to the device management function. | Comply |
| 6,52 | Login identifiers SHALL be required for access to the device login function. | Comply |
| 6,53 | Login identifiers SHALL be required for access to the device management function. | Comply |
| 6,54 | Assignment of login identifiers SHALL be only by those individuals, granted the access control level of “Security”. | Comply |
| 6,55 | Deletion of login identifiers SHALL be only by those individuals, granted the access control level of “Security”. | Comply |
| 6,56 | Login passwords SHALL NOT be disclosed/displayed on the screen when entered during login. | Comply |
| 6,57 | Login password lengths SHALL NOT be disclosed/displayed on the screen when entered during login. | Comply |
| 6,58 | Device Login functions SHALL require a non-blank (i.e., Null) user password to log into said Device. | Comply |
| 6,59 | Any default passwords SHALL be capable of being deleted. | Comply |
| 6,60 | Login passwords SHALL require a minimum length of 8 characters (mixed alphabetic and numeric with special characters allowed). | Comply |
| 6,61 | It is desirable that the device "enforce" complex password usage as specified in the preceding requirement. | Comply |
| 6,62 | Login passwords SHALL be stored within a device in a non-volatile manner. | Comply |
| 6,63 | Login passwords SHALL be required for access to the device login function,. | Comply |
| 6,64 | Login passwords SHALL be required for the device management function. | Comply |
| 6,65 | Login passwords SHALL be stored within a device in an encrypted form only. | Comply |
| 6,66 | Login password encrypted storage SHALL use the MD-5 hash algorithm at a minimum. | Comply |
| 6,67 | Only one password SHALL be assignable to each login-ID, (i.e., the number of passwords is equal to the number of login-IDs in the system). | Comply |
| 6,68 | Login identifier verification SHALL use a token method, such as SecureID, as an alternative to passwords. | Comply |
| 6,69 | Assignment/changing of login passwords SHALL be allowed by those individuals, granted the access control level of “Root”, “Administrator” or “Security”. | Comply |
| 6,70 | Device Login functions (processes) SHALL post an entry to the security log whenever a login attempt occurs where the entry includes a field that identifies the success or failure of said attempt. | Comply |
| 6,71 | The maximum threshold of tries a user will be given to enter a valid login/password combination SHALL be 3-5 attempts. | Comply |
| 6,72 | The threshold of tries a user will be given to enter a valid login/password combination SHALL be settable only by those individuals, granted the access control level of “Root”, “Administrator” or “Security”. | Comply |
| 6,73 | The device SHALL generate a distinct alarm when the threshold for unauthorized/invalid login attempts is reached. | Comply |
| 6,74 | Device Login functions SHALL lock out the keyboard or session, or equivalent action, when the threshold for unauthorized/invalid attempts is exceeded except for out-of-band management. | Comply |
| 6,75 | Only an individual granted the access control level of “Root”, “Administrator” or “Security” SHALL be allowed to restore a locked out keyboard or session after the threshold for unauthorized/invalid attempts has been exceeded. | Comply |
| 6,76 | Device Login functions SHALL support a settable time interval, between 1 minute and 60 minutes, that controls the period of keyboard or session lockout following the user failure to enter a correct login/password combination within the allocated number of attempts. | Comply |
| 6,77 | Device Login function time interval that controls keyboard or session lockout SHALL be settable only by those individuals, granted the access control level of “Root”, “Administrator” or “Security”. | Comply |
| 6,78 | Device unauthorized/invalid login attempt alarm messages SHALL be transmitted to an element manager function. | Comply |
| 6,79 | Device unauthorized/invalid login attempt alarm message transmission destination SHALL be settable only by those individuals, granted the access control level of “Root”, “Administrator” or “Security”. | Comply |
| 6,80 | The Device SHALL NOT support ways to bypass the authentication mechanism other than documented procedures documented by the vendor. | Comply |
| 6,81 | The device SHALL appear to perform the entire user authentication procedure, even if the user ID that is entered is not valid. | Comply |
| 6,82 | Error feedback generated by the device during the user authentication procedure SHALL provide no information to the user other than “invalid”, i.e., it SHALL NOT reveal which part of the authentication dialog is incorrect. | Comply |
| 6,83 | When a logical connection is established and before access to services is granted, the device SHALL provide an advisory warning message regarding unauthorized entry or use and its possible consequences. | Comply |
| 6,84 | Upon a human user’s successful login to a device, the following SHALL be displayed: The date and time of the user’s last successful access to the device. | Comply |
| 6,85 | Upon a human user’s successful login to a device, the following SHALL be displayed: The number of unsuccessful attempts by that user ID to access the device since the last successful access by that user ID. | Comply |
| 6,86 | When an authentication server is deployed, the device SHALL provide the capability to control routing to the security server for mediation to avoid unauthorized bypass of the server. | Comply |
| 6,87 | The device SHALL provide mechanisms to protect the loading of new software and/or data by supporting authentication, access control, and integrity verification mechanisms for software installation, update, patching or replacement. | Comply |
| 6,88 | If cryptographic mechanisms are used, the device SHALL provide the capability to securely administer the key management service that supports the crypto-based mechanisms. | Comply |
| 6,89 | The device SHALL NOT provide a mechanism for any user, including the administrator, to retrieve any authentication information in clear text. | Comply |
| 6,90 | Vendor reference manuals SHALL document activation and administration procedures for defining and enabling the generation of security alarms when communications ports are enabled or used. | Comply |
| 6,91 | Security reference and training manuals for administrators, that include details of operating system and application security functions and procedures, SHALL be provided via hardcopy and website. | Comply |
| 6,92 | Security manuals that define user access procedures SHALL be provided. | Comply |
| 6,93 | Only patches from an original operating system vendor, or third-party patches that have been approved by the original operating system vendor, SHALL be installed in an operational device. | Comply |
| 6,94 | The device SHALL log unauthorized access attempts in a local security log file. | Comply |
| 6,95 | Device system elements SHALL support use of alarm thresholds for counts of unauthorized access attempts. | Comply |
| |
Похожие:
 | Пояснительные записки, тематическое планирование и тексты учебных пособий Летней физико-математической школы. 2002 и 2003 гг | | Общие требования к первой (предквалификационной) и второй частям заявок (содержание, оформление, подача, изменение, отзыв) 15 |
| Общие требования к первой (предквалификационной) и второй частям заявок (содержание, оформление, подача, изменение, отзыв) 15 | | В соответствии с решением Совета депутатов г. Мурманска от 26. 12. 2006 года №30-357 «Об организации дошкольного образования и родительской... |
 | В соответствии с решением Совета депутатов г. Мурманска от 26. 12. 2006 года №30-357 «Об организации дошкольного образования и родительской... | | Научное содержание нир, оформленное по образцу научной публикации (объемом до 15 машинописных страниц, через 1,5 интервала) |
| Неправильное составление договора или неполное содержание влечёт за собой проблемы различного характера | | Разъяснения по выгрузке информации о прекращении банковской гарантии в иных, отличных от окончания срока гарантии случаях. 145 |
| Характеристики, структура и содержание Раздел Характеристики, структура и содержание учебной дисциплины | | Суть и содержание понятия «маркетинг». Цели, задачи, объект и предмет маркетинга. Эволюция содержания маркетинга |