When the target radio receives a disable or enable command, it can choose to challenge the command initiator at a device or user level authentication. This is an enhancement to conventional radio disable method where radios could be remotely disabled without authentication.
Device Level Authentication uses the Enhanced privacy key to ensure that the originator is authorized to do this.
User Level Authentication requires the originating user to enter a challenge pass-phrase without which the target radio will continue to operate.
So using this feature, a radio will not be able to respond to a radio disable command originating from an unauthorized radio. The user can invoke a radio disable command to a radio using the encryption methods available in the CPS configuration.
The initiating radio for authenticated radio disable does not require the CfS license to use this feature - only the target radio.