System Integrity

3.2.13.1

The COE Platform implementation shall provide the capability to validate the correct operation of the hardware, software, and firmware elements of the system's security services.

Minimally satisfied by POST.

3.2.13.2

The COE Platform implementation shall provide the capability to automatically validate the correct operation of the hardware and firmware elements of the COE security services during recovery from failure.

Minimally satisfied by POST on restart.

3.2.13.3

The COE Platform implementation shall be configured such that a password must be entered to boot to a privileged start-up state.

3.2.13.4

The COE Platform implementation shall provide the capability to detect and eradicate malicious code (for example, viruses).

Virus Scan capability required. The supplier must identify a solution for review.

3.2.13.4.1

The COE Platform implementation shall provide the capability for a user to initiate a scan of hard drives and removable media for malicious code and alert the user and a trusted user if such code is detected.

Requirement should be interpreted to allow a trusted user only to initiate such a scan. (Normal user shall not access full file system). Virus Scan capability required. The supplier must identify a solution for review.

3.2.13.4.2

The COE Platform implementation shall provide the capability to automatically scan hard drives and removable media for malicious code.

Minimally satisfied by Cron invocation of Virus Scan capability. The supplier must identify a solution for review.

3.2.13.4.3

The COE Platform implementation shall provide the capability to alert the user and trusted user of the detection of malicious code by the following techniques:

3.2.13.4.3.1

Visible message on the workstation screen.

Capability required. The supplier must identify an equivalent solution for review.

3.2.13.4.3.2

Audible alarm.

Capability required. The supplier must identify an equivalent solution for review.

3.2.13.4.4

The COE Platform implementation shall provide the capability to create, maintain, and update a virus database to support virus detection and eradication.

Capability required. The supplier must identify an equivalent solution for review.

3.2.13.4.5

The COE Platform implementation shall provide the capability to capture malicious code (for example, virus) during the eradication process and store the malicious code as data in a separate file.

Virus Scan capability required. The supplier must identify a solution for review.