Skip to end of banner Go to start of banner

CCE

Skip to end of metadata

Created by Anonymous, last modified on Feb 17, 2011

Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Common Configuration Enumeration (CCE)

The product's documentation (printed or electronic) must state that it uses CCE and explain relevant details to the users of the product.

The vendor shall provide instructions on how product output can be generated that contains a listing of all security configuration issue items both with and without CCE IDs. Instructions shall include where the CCE IDs and the associated vendor supplied and/or official CCE descriptions can be located within the product output.

The vendor shall provide instructions noting where the CCE ID can be located within the product output. The vendor shall provide procedures and a test environment (if necessary) so that the product will output configuration issues with associated CCE IDs.

The vendor shall provide documentation (printed or electronic) indicating how security configuration issue items can be located using CCE names.

The vendor shall provide instructions on where the dates for all offline CCE data can be inspected in the product output.

No labels