Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Extensible Configuration Checklist Description Format (XCCDF) Requirements

  • The product's documentation (printed or electronic) must state that it uses XCCDF and explain the relevant details to the users of the product.

    See Standards.
  • The vendor shall provide instructions on how and where XCCDF schema errors will be displayed within the product output.

    In Reports tab, search for the report called SCAP Data Validation Issues.
  • The vendor shall provide instructions on how to import XCCDF files for execution and provide instructions on where the XCCDF Results can be located for visual inspection. Use of any XCCDF-capable check system(s) is permitted. The purpose of this requirement is to ensure that the product produces valid XCCDF Results and a matching pass/fail result for a given Rule.

    Right-click on the computer in the view at the bottom of the policy that has completed an assessment, then click Resource Manager. Under the Data tab, navigate to the Event Classes accordion item, then to Data Classes > Arellia > Security Analysis > OVAL Analysis. Select the assessment in the list, then right-click and click View Raw Xccdf Results.
  • The vendor shall provide instructions on how the user can select an XCCDF Profile when executing a valid XCCDF content file.

    See Creating a Policy.
  • The vendor shall provide instructions on how the product generates human-readable prose from valid XCCDF documents.

    See Viewing Profiles.

XCCDF + OVAL Requirements

  • (Input) The vendor shall provide documentation and instruction on how to import an SCAP-expressed data stream for the target platform, including XCCDF and OVAL content, into the product.

    See Importing Profiles.
  • (Output) The vendor shall provide instruction on where the corresponding XCCDF and OVAL results files can be located for inspection.

    Right-click on the computer in the view at the bottom of the policy that has completed an assessment, then click Resource Manager. Under the Data tab, navigate to the Event Classes accordion item, then to Data Classes > Arellia > Security Analysis > OVAL Analysis. Select the assessment in the list, then right-click and click View Raw Oval Results Document or View Raw XCCDF Results.

XCCDF + CCE Requirements

  • The vendor shall provide instructions on where the XCCDF Rules and their associated CCE IDs can be visually inspected within the product output.

    See Viewing Analysis Results. CCE IDs are listed in the rule configuration when double-clicked in the Compliance Viewer.

XCCDF + OVAL + CPE Requirements

  • The vendor shall provide instructions on how the product indicates the validity of the imported SCAP-expressed data stream to a target platform. Instructions should also describe how the imported data stream is indicated to not be valid for a target platform. This requirement is testing the use of the OVAL check associated with a CPE name via the CPE dictionary to determine applicability of the data stream.

    See Creating a Policy. Selecting the profile will choose the associated target computers (if any exist).
  • No labels