FAU_GEN.1.1 - more tests or defer for annex?

[jeffblank]

We need to decide whether to add more audit events as noted in https://github.com/commoncriteria/operatingsystem/wiki/Analysis-of-DISA-OS-Security-Requirements-Guide or to let them get added to a DoD Annex, where they could grow without bound.

[ajcousi]

Can we not limit the audit to only specific security issues (failed log on etc) - anything else isn't a security thing surely.

[ajcousi]

updated FAU_GEN.1.1 to include more tests from http://www.sandia.gov/FSO/PDF/flowdown/Final_CNSSI_1253.pdf