Skip to end of metadata
Go to start of metadata
You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
« Previous
Version 5
Next »
Open Vulnerability and Assessment Language (OVAL) Requirements
- OVAL.V.1: The product's documentation (printed or electronic) must state that it uses OVAL and explain relevant details to the users of the product.
See Standards.
- OVAL.V.3 (part 1): The vendor shall provide instructions on how validation of OVAL content is performed and where errors from validation will be displayed within the product output.
On the Reports tab, search for the report named SCAP Data Validation Issues.
- OVAL.V.3 (part 2): The vendor shall provide instructions on how the user can view the XML OVAL Definitions being consumed by the product.
On the Profiles tab, select the profile of interest. On the right side, expand the groups to reveal rules. Double-clicking on a rule will then display the definitions (and their content).
- OVAL.V.4: The vendor shall provide instructions on how a valid OVAL Definitions file can be imported into the product for interpretation.
See Importing Profiles.
- OVAL.V.5 (part 1) :The vendor shall also provide instructions on where the resultant OVAL XML Full Results output can be viewed by the tester.
See Viewing Results in Other Formats.
- OVAL.V.5 (part 2): The vendor shall indicate how two or more values can be specified for a variable used by one OVAL Definition.
Michael...