Содержание
Скачать 2.18 Mb.
|
| 6,96 | Device system elements alarm count thresholds of unauthorized access attempts SHALL be settable only by those individuals, granted the access control level of “Root”, “Administrator” or “Security”. | Comply |
| 6,97 | Device unauthorized access attempt alarm messages SHALL be transmitted to an element manager function. | Comply |
| 6,98 | Device unauthorized access attempt alarm message transmission destination SHALL be settable only by those individuals, granted the access control level of “Root”, “Administrator” or “Security”. | Comply |
| 6,99 | The device SHALL provide a mechanism to end a session through a secure logoff procedure. | Comply |
| 6,100 | If a session gets interrupted due to events such as time-out, power failure, or link disconnection, the device SHALL prevent someone else from continuing the session as an imposter. | Comply |
| 6,101 | Devices that perform routing and bridging functions SHALL have the capability to control various types of network interfaces (e.g., Ethernet® connection) so that access control screening is not bypassed. | Comply |
| 6,102 | The device SHALL have the ability to control access to commands that affect its configuration, routing, and flow control, and any other features that determine how it handles traffic. | Comply |
| 6,103 | The device SHALL have the capability to control the number of concurrent user accesses permitted at various resource levels (e.g., file). | Comply |
| 6,104 | Device system log file time & date stamps SHALL be based on Device system time & date information. | Comply |
| 6,105 | Device system time & date information SHALL be synchronized with other Device and EML, NML, SML and BML systems by use of the Network Time Protocol version 3 including support for RY 1305 Appendix C message authentication. | Comply |
| 6,106 | The device SHALL write entries to a security log. | Comply |
| 6,107 | Device security log entries SHALL include a description of the action that is being logged. | Comply |
| 6,108 | Device security log entries SHALL include an action identifier. | Comply |
| 6,109 | Device security log entries SHALL include the identity of the user that initiated the action, including associated terminal, port, network address, or communication Device. | Comply |
| 6,110 | Device security log entries SHALL include the date and time the action occurred. | Comply |
| 6,111 | The device SHALL write entries to a security log whenever a Login identifier is added, changed or deleted. | Comply |
| 6,112 | The device SHALL write entries to a security log whenever a Login password is added, changed or deleted. | Comply |
| 6,113 | The device SHALL write entries to a security log whenever an authorized login occurs. | Comply |
| 6,114 | The device SHALL write entries to a security log whenever an authorized logout occurs. | Comply |
| 6,115 | The device SHALL write entries to a security log whenever an unauthorized or invalid login occurs. | Comply |
| 6,116 | The device SHALL write entries to a security log whenever a security lockout of a keyboard or session is removed. | Comply |
| 6,117 | The device SHALL write entries to a security log whenever an unauthorized/invalid login threshold is changed. | Comply |
| 6,118 | The device SHALL write entries to a security log whenever a time interval that controls keyboard or session lockout is changed. | Comply |
| 6,119 | The device SHALL write entries to a security log whenever an ACL is created, modified or deleted. | Comply |
| 6,120 | The device SHALL write entries to a security log whenever an authorized attempt to access resources (including data and transactions) occurs. | Comply |
| 6,121 | The device SHALL write entries to a security log whenever an unauthorized attempt to access resources (including data and transactions) occurs. | Comply |
| 6,122 | The device SHALL write entries to a security log whenever changes to security profiles and attributes occurs. | Comply |
| 6,123 | The device SHALL write entries to a security log whenever changes to access rights of resources occurs. | Comply |
| 6,124 | The device SHALL write entries to a security log whenever changes to the security configuration (e.g., routing to a security server)) occurs. | Comply |
| 6,125 | The device SHALL write entries to a security log whenever modification of software occurs. | Comply |
| 6,126 | The device SHALL write entries to a security log whenever an unauthorized access threshold is changed. | Comply |
| 6,127 | “Modify” or ”Delete” access to device security logs SHALL be allowed only to element functions and individuals granted the access control level of “Root”, “Administrator” or “Security”. | Comply |
| 6,128 | “Read” and “Write” access to device security logs SHALL be allowed only to element functions and individuals granted the access control level of “Root”, “Administrator” or “Security” or “Backup”. | Comply |
| 6,129 | “Modify” or ”Delete” access to device administrative logs SHALL be allowed only to element functions and individuals granted the access control levels of “Administration” or “Security”. | Comply |
| 6,130 | “Read” and “Write” access to device administrative logs SHALL be allowed only to element functions and individuals granted the access control levels of “Administration” or “Backup”. | Comply |
| 6,131 | All device security related audit trails must be collected, stored, archived, and reported to the Management System in real-time. | Comply |
| 6,132 | The device SHALL provide a mechanism for the administrator to optionally record and maintain the audit log in an encrypted encoding. | Comply |
| 6,133 | The device SHALL provide a mechanism for the administrator to dynamically control the types of events recorded in the audit log. | Comply |
| 6,134 | Dynamic control of the types of events recorded SHALL include selective disabling of the recording of default audit events and the inclusion of other events such as the following: Valid user authentication attempts. | Comply |
| 6,135 | Dynamic control of the types of events recorded SHALL include selective disabling of the recording of default audit events and the inclusion of other events such as the following: Creation and deletion of network resources. | Comply |
| 6,136 | Dynamic control of the types of events recorded SHALL include selective disabling of the recording of default audit events and the inclusion of other events such as the following: Changes in network configuration. | Comply |
| 6,137 | Dynamic control of the types of events recorded SHALL include selective disabling of the recording of default audit events and the inclusion of other events such as the following: Changes in security states of users, services, and nodes. | Comply |
| 6,138 | The device SHALL contain a real-time mechanism that is able to monitor the occurrence or accumulation of security auditable events that may indicate an imminent security violation. This mechanism SHALL be able to immediately notify the administrator when administrator-defined thresholds are exceeded, and, if the occurrence or accumulation of these security relevant events continues, the device SHALL provide the capability to take the least disruptive action to terminate the event. | Comply |
| 6,139 | There SHALL be no mechanism to disable the auditing of administrative actions performed by privileged users. | Comply |
| 6,140 | Actual or attempted authentication data (e.g., passwords) SHALL NOT be recorded in the security log. | Comply |
| 6,141 | The device SHALL support the capability to securely off-load audit data to other media for analysis and storage. | Comply |
| 6,142 | |
Похожие:
 | Пояснительные записки, тематическое планирование и тексты учебных пособий Летней физико-математической школы. 2002 и 2003 гг | | Общие требования к первой (предквалификационной) и второй частям заявок (содержание, оформление, подача, изменение, отзыв) 15 |
| Общие требования к первой (предквалификационной) и второй частям заявок (содержание, оформление, подача, изменение, отзыв) 15 | | В соответствии с решением Совета депутатов г. Мурманска от 26. 12. 2006 года №30-357 «Об организации дошкольного образования и родительской... |
 | В соответствии с решением Совета депутатов г. Мурманска от 26. 12. 2006 года №30-357 «Об организации дошкольного образования и родительской... | | Научное содержание нир, оформленное по образцу научной публикации (объемом до 15 машинописных страниц, через 1,5 интервала) |
| Неправильное составление договора или неполное содержание влечёт за собой проблемы различного характера | | Разъяснения по выгрузке информации о прекращении банковской гарантии в иных, отличных от окончания срока гарантии случаях. 145 |
| Характеристики, структура и содержание Раздел Характеристики, структура и содержание учебной дисциплины | | Суть и содержание понятия «маркетинг». Цели, задачи, объект и предмет маркетинга. Эволюция содержания маркетинга |