SCAP Settings

Security Content Automation Protocol (SCAP) is an open standard that enables automated management of vulnerabilities and policy compliance for an organization. It relies on multiple open standards and policies, including OVAL, CVE, CVSS, CPE, and FDCC policies.

When you select the SCAP and OVAL Auditing template, you can modify SCAP settings.

You can select Linux (SCAP), Linux (OVAL), Windows (SCAP), or Windows (OVAL). The following table describes the settings for each option.

Setting Default Value Description
Linux (SCAP) or Windows (SCAP)
SCAP File None A valid zip file that contains full SCAP content (XCCDF, OVAL, and CPE for versions 1.0 and 1.1; DataStream for version 1.2).
SCAP Version 1.2 The SCAP version that is appropriate for the content in the uploaded SCAP file.
SCAP Data Stream ID None

(SCAP Version 1.2 only) The Data Stream ID that you copied from the SCAP XML file.

Example:

<data-stream id="scap_gov.nist_datastream_USGCB-Windows-7-1.2.3.1.zip">
SCAP Benchmark ID None

The Benchmark ID that you copied from the SCAP XML file.

Example:

<xccdf:Benchmark id="xccdf_gov.nist_benchmark_USGCB-Windows-7">
SCAP Profile ID None

The Profile ID that you copied from the SCAP XML file.

Example:

<xccdf:Profile id="xccdf_gov.nist_profile_united_states_government_configuration_baseline_version_1.2.3.1">
OVAL Result Type Full results w/ system characteristics

The information you want the results file to include.

The results file can be one of the following types: full results with system characteristics, full results without system characteristics, or thin results.

Linux (OVAL) or Windows (OVAL)
OVAL definitions file None A valid zip file that contains OVAL standalone content.