Cisco IOS Software Release 12.4(23)

Security Target For Cisco IOS IPSec
3. TOE Security Environment
To clarify the nature of the security problem that the TOE is intended to solve, this section describes the following:

- Any assumptions about the security aspects of the environment and of the manner for which the TOE is intended.
- Any known or assumed threats to the assets against which specific protection within the TOE or its environment is required.
- Any organizational security policy statements or rules with which the TOE must comply.

3.1 Secure Usage Assumptions
Table 6 lists assumptions that are made in relation to the operation of the TOE.

Table 6: Secure Usage Assumptions

| Name | Description |
|------|-------------|
| A.NoEvil | As the security functions of the TOE can be compromised by an authorized administrator, administrators are assumed to be non-hostile and trusted to perform their duties correctly. |
| A.PhySec | As the security functions of the TOE can be compromised by an attacker with physical access to the internetworking device containing the TOE, it is assumed that the internetworking device containing the TOE is located in a physically secure environment. |
| A.Training | As the security functions of the TOE can be compromised due to errors or omissions in the administration of the security features of the TOE, it is assumed that administrators of the TOE have been trained to enable them to securely configure the TOE. |
| A.Trusted-CA | When configured to use digital certificates, security functions of the TOE can be compromised if the Certificate Authority (CA) that issued the certificates is not operated in a trusted manner. Thus, it is assumed that the issuing CA is trusted or evaluated to at least the same level as the TOE when the TOE is configured to use digital certificates. |
| A.SecureTimeSource | Clock sources external to the scope of the TOE should be placed in a secure location and configured accurately to provide a trusted clock source for the TOE’s internal clock. This includes hardware clocks within the TOE casing or Network Time Protocol (NTP) servers located on a trusted network. |