Commit 1505c82d authored by Valerie Aurora

Update transmitted data confidentiality requirement

parent 7cdab5fd
+8 −6
@@ -1126,7 +1126,9 @@ The product shall protect data transmitted by the product from unauthorized acce

#### 5.2.X.x **MI-CDTX**: Protect confidentiality of data transmitted by product

The product shall protect data transmitted by the product from unauthorized access.
The product shall protect data transmitted by the product from unauthorized access on the local network.

Guidance: Protecting confidentiality of data transmitted across indirectly attached networks is not the responsibility of the network interface.

  * Reference: TR-CDTX

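Review bot: The new requirement line scopes the obligation to "the local network", while the guidance directly beneath it speaks of "indirectly attached networks" and the LIS factor later in this change is defined in terms of the "directly attached network"; use the same term in the requirement so the scope matches the guidance and the risk factor the rule is mapped to, e.g. "The product shall protect data transmitted by the product from unauthorized access on the directly attached network."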
@@ -1145,8 +1147,8 @@ Guidance: Data transmitted may be protected by the environment or encryption.
#### 5.2.X.x Mapping of mitigations to risk factors and security profiles

| Risk factors                   | Requires mitigations |
|--------------------|----------------------|
| SDT < 1 or NET < 1 | none                 |
|--------------------------------|----------------------|
| (NET < 1 & LIS < 1) or SDT < 1 | none                 |
| all others                     | CDTX                 |

| Security Profile | Requires mitigations |
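Review bot: The new condition row mixes the symbol `&` with the word `or` ("(NET < 1 & LIS < 1) or SDT < 1"); write it as "(NET < 1 and LIS < 1) or SDT < 1" so the notation is consistent within the table, and since LIS is now an input to this rule, the Security Profile table that follows (its header is the last context line of this hunk) should state or reference the LIS value assumed for each profile, otherwise a reader cannot tell which profiles still require CDTX.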
@@ -1701,7 +1703,7 @@ Type: Affects likelihood of all attacks.

**[LIS]** Ease of reading from transmission media of directly attached network by unauthorized agents

Description: Likelihood that unauthorized agents can read data from the transmission media on the directly attached network. For example, a wireless network in an apartment that is accessible from the shared hallway or another apartnement, or a wired network with exposed jacks in a public library.
Description: Likelihood that unauthorized agents can read data from the transmission media on the directly attached network. For example, a wireless network in an apartment that is accessible from the shared hallway or another apartment, or a wired network with exposed jacks in a public library.

Rationale: While confidentiality of data transmitted across public networks is usually handled by the system the network interface is integrated into, the network interface is usually responsible for confidentiality on the local directly attached network.
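Review bot: The typo fix ("apartnement" to "apartment") is fine, but the Description gives examples of exposed transmission media without saying how LIS is scored, while the mitigation table in this same change tests "LIS < 1"; add a sentence giving the value scale for this factor, or a pointer to where the scale is defined, so the threshold in the table can be applied.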