| Points to Remember |
|
|
|
|
|
|
|
|
|
|
|
|
| ¨ | Penetration
Testing Covered Under |
||||||||||
| Vulnerability
Assessment Class |
|||||||||||
| ¨ | Functional
Testing Limitations |
||||||||||
| – | Only
shows behavior for tested configurations |
||||||||||
| – | Cannot
be exhaustive for complex systems |
||||||||||
| – | Cannot
show absence of unspecified functions |
||||||||||
| ¨ | Main
Value of Functional Testing Is to |
||||||||||
| Show
That There Is At Least One TOE |
|||||||||||
| Configuration
That Meets ST SFRs |
|||||||||||
|
|
| 600.436 High- |
|
| Assurance
Systems |
|
| Fall
01/Security Function Testing |
| 3 |