...
Did you use Alternative Means? If yes, describe briefly the process.
Virginia Virginia Tech used alternative means for the Credential Technology, IAP section 4.2.3. As described above, Virginia Tech's credential is a personal digital certificate (PDC) stored on the multi-factor SafeNet 64K USB eToken PRO device. The Shared Authentication Secret is the Private Key component of the X.509 certificate. The Private Key is generated onboard the eToken, and cannot be exported off the device. Access to the Private Key is activated using a password that meets the requirements for "stron" resistance to guessing Authentication Secrets outlined in section 4.2.3.3. Virginia Tech asserts that the PDC on the eToken meets or exceeds the criteria outlined in section 4.2.3.
The process for submitting this alternative means first involved providing the auditor with evidence that the SafeNet 64K USB eToken PRO device would
Scope:
Gap Analysis:
Management Assertion:
...