Family behaviour
This family defines the response to be taken in case of detected events indicative of a potential security violation.
Component levelling
At FAU_ARP.1 Security alarms, the TSF shall take actions in case a potential security violation is detected.
Management: FAU_ARP.1
The following actions could be considered for the management functions in FMT:
a) the management (addition, removal, or modification) of actions.
Audit: FAU_ARP.1
The following actions should be auditable if FAU_GEN Security audit data generation is included in the PP/ST:
a) Minimal: Actions taken due to imminent security violations.