|

 
|
| | Name : | Matt Bishop | Organization : | University of California Davis | Post Date : | 9/30/2005 |
| Section : | 20.6.4.2 | Page no. : | 6-5 | Line no.: | | Comment : | Data Interception and Disruption requires that the ITA review and use
judgement in deciding the acceptability of the manufacturer’s documented solutions to handling new external threats to the system’s use of a telecommunications network. Since man-in-the-middle attacks do not require intrusive actions that could be caught by an Intrusion Detection System, do not require physical tapping, and are not a “new threat,” this attack is not prevented by any version of these requirements nor does it fall under the responsibility of the ITA’s review. | |
|
|