Dell C7765DN MFP Color Laser Printer User Manual

Dell C7765dn Security Target

- 22 -

Categories of TOE Setting Data (Note)

Data on access denial due to authentication failures of system administrator

Data on Customer Engineer Operation Restriction

Data on Internal Network Data Protection

Data on Security Audit Log

Data on Mailbox

Data on User Authentication

Data on Store print

Data on date and time

Data on Self Test

Note: The setting data other than TOE setting data are also stored on NVRAM and SEEPROM. Those

setting data, however, are not assumed as assets to be protected because they do not engage in TOE

security functions.

* Only the time zone / summer time information is saved in NVRAM as the data on date and time.

3.1.2. Threats

Table 5 identifies the threats addressed by the TOE. An attacker is considered to have the disclosed

information on TOE operations and low-level attack capability.

Table 5: Threats Addressed by the TOE

Threat (Identifier)

Description

T.RECOVER

An attacker may remove the internal HDD and connect it to commercial

tools so that he/she can read out and leak the document data, used

document data, security audit log data from the HDD without

authorization.

T.CONFDATA

An attacker may access, read, or alter, from control panel or system

administrator client, the TOE setting data which only a system

administrator is allowed to access.

T.DATA_SEC

An attacker may read document data and security audit log data from

control panel or Web browser without authorization.

T.COMM_TAP

An attacker may intercept or alter document data, security audit log

data, and TOE setting data on the internal network.

T.CONSUME

An attacker may access the TOE and use TOE functions without

authorization.