• Managing Health Attestation
  • IT Administrator Guidance
  • Managing Sensitive Data
  • Local Administrator Guidance
  • Managing USB Mass Storage
  • Natively Installed Applications
    		•

    Microsoft Windows Common Criteria Evaluation Microsoft Windows 10




    Download 298.26 Kb.
    bet60/60
    Sana04.01.2022
    Hajmi298.26 Kb.
    #4840
    1   ...   52   53   54   55   56   57   58   59   60

    Windows 10

    1. Local Administrator


    The local administrator disables/enables cellular protocols for all users by disabling all cellular subnodes under the “Network adapters” node in the Device Manager.

    To start the Device Manager, type “Device Manager” in the taskbar searchbox and click on the Device Manager icon.


    1. Managing Health Attestation


    (AGD1: FPT_NOT_EXT.1) (AGD2: FPT_NOT_EXT.1)

    This section contains the following Common Criteria SFRs:



    • Extended: Self-Test Event Notification by Attestation (FPT_NOT_EXT.1(ATTEST))

      1. IT Administrator Guidance


    Health attestation policies can be managed to determine the health of enrolled Windows 10 (Anniversary Update) devices using a MDM. See the MDM solution documentation for detailed configuration actions.

    The device will create a Helath Attestation log every time the system boots. The Health Attestation logs are found in the following directory:

    %windir%\Logs\MeasuredBoot

    The contents of the Health Attestation logs may be viewed on or off the TOE using the “TPM Platform Crypto-Provider Toolkit” that can be downloaded from the following link:



    • TPM Platform Crypto-Provider Toolkit : http://research.microsoft.com/en-us/downloads/74c45746-24ad-4cb7-ba4b-0c6df2f92d5d/

    1. Managing Sensitive Data

      1. IT Administrator Guidance


    Enterprise Data Protection policies can be managed to help protect against accidental data leakage from enrolled employee-owned Windows 10 (Anniversary Update) devices by using a MDM. See the MDM solution documentation for detailed configuration actions.

      1. Windows 10

        1. Local Administrator Guidance


    Enterprise Data Protection policies are applied on enrolled devices – see section “Managing Device Enrollment” for more information about enrolling devices with an MDM.

      1. Windows 10 Mobile

          1. User Guidance


    Enterprise Data Protection policies are applied on enrolled devices – see section “Managing Device Enrollment” for more information about enrolling devices with an MDM.

    1. Managing USB Mass Storage

      1. IT Administrator Guidance


    USB Mass Storage may be enabled/disabled on the TOE by using a Mobile Device Management (MDM) solution. See the MDM solution documentation for detailed configuration actions.

    1. Natively Installed Applications


    The set of applications and system files included in the TOE are version 10.0.14393. The following embedded Excel file has the lists of files:



    1 Error 20 indicates an untrusted root in the certificate chain.

    2 “Log Location” log names shown in the table above correlate with the names enumerated by Wevtutil utility (which requires a quoted name using hyphens rather than spaces).

    3 This topic also applies to Windows 10 Anniversary Update

    4 See: Cipher Suites in Schannel: http://msdn.microsoft.com/en-us/library/windows/desktop/aa374757(v=vs.85).aspx

    Microsoft © 2017 Page of


    Download 298.26 Kb.
    1   ...   52   53   54   55   56   57   58   59   60




    Download 298.26 Kb.
    Bosh sahifa
    Aloqalar
        Bosh sahifa
    Dərs
    Mühazirə
    Qaydalar
    Referat
    Xülasə
    Yazı


    Microsoft Windows Common Criteria Evaluation Microsoft Windows 10

    Download 298.26 Kb.