Evaluation Reporting Record and justify sampling strategy Justify strategy for additional testing Record results of tests and conclusions Provide test configuration details
Summary Confidence that the security functions behave as specified –coverage and depth –corroboration of developer tests –additional tests Understanding before Penetration testing
Further Reading ITSEC evaluation UK SP 05 Part III, Chapter 7 CC evaluation CC Part 3, Sections 2.6.6 and 13 CEM Part 2, Chapters 5-8 (ATE sections)
Exercise - 1 Only an administrator with the appropriate authorisation shall be able to: create new user accounts delete, disable or enable existing user accounts. Identify test cases to provide adequate coverage of the above security function
Exercise - 2 Identify test cases to cover all statements all branches AB C TRUEFALSE y z TRUE
Your consent to our cookies if you continue to use this website.