XCCDF, OVAL, OCIL, and Supporting Enumerations Usage
The example herein is an SCAP 1.2 data stream consisting of OVAL checks for Windows password policy. As you read through the data stream, you’ll see that OVAL version 5.8 and XCCDF version 1.2 are used. The main sections in the OVAL and XCCDF are Definitions, Tests, Objects, and States. In these sections, the checks are enabled or disabled, the specific check is defined, and the required value for a pass is defined.
The OCIL portion of the data stream follows with the Questionnaires and Test Actions. The Questionnaires section defines the questions to be asked, and the Test Actions ...

Get Security Automation Essentials: Streamlined Enterprise Security Management & Monitoring with SCAP now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.