SCAP Settings
Security Content Automation Protocol (SCAP) is an open standard that enables automated management of vulnerabilities and policy compliance for an organization. It relies on multiple open standards and policies, including OVAL, CVE, CVSS, CPE, and FDCC policies.
When you select the SCAP and OVAL Auditing template, you can modify SCAP settings.
You can select Linux (SCAP), Linux (OVAL), Windows (SCAP), or Windows (OVAL). The following table describes the settings for each option.
Setting | Default Value | Description |
---|---|---|
Linux (SCAP) or Windows (SCAP) | ||
SCAP File | None | A valid zip file that contains full SCAP content (XCCDF, OVAL, and CPE for versions 1.0 and 1.1; DataStream for version 1.2). |
SCAP Version | 1.2 | The SCAP version that is appropriate for the content in the uploaded SCAP file. |
SCAP Data Stream ID | None |
(SCAP Version 1.2 only) The Data Stream ID that you copied from the SCAP XML file. Example: <data-stream id="scap_gov.nist_datastream_USGCB-Windows-7-1.2.3.1.zip">
|
SCAP Benchmark ID | None |
The Benchmark ID that you copied from the SCAP XML file. Example: <xccdf:Benchmark id="xccdf_gov.nist_benchmark_USGCB-Windows-7">
|
SCAP Profile ID | None |
The Profile ID that you copied from the SCAP XML file. Example: <xccdf:Profile id="xccdf_gov.nist_profile_united_states_government_configuration_baseline_version_1.2.3.1">
|
OVAL Result Type | Full results w/ system characteristics |
The information you want the results file to include. The results file can be one of the following types: full results with system characteristics, full results without system characteristics, or thin results. |
Linux (OVAL) or Windows (OVAL) | ||
OVAL definitions file | None | A valid zip file that contains OVAL standalone content. |