O'Reilly logo

Security Automation Essentials: Streamlined Enterprise Security Management & Monitoring with SCAP by Greg Witte, Shane Shaffer, Matt Kerr, Melanie Cook

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

image
Appendix
XCCDF, OVAL, OCIL, and Supporting Enumerations Usage
The example herein is an SCAP 1.2 data stream consisting of OVAL checks for Windows password policy. As you read through the data stream, you’ll see that OVAL version 5.8 and XCCDF version 1.2 are used. The main sections in the OVAL and XCCDF are Definitions, Tests, Objects, and States. In these sections, the checks are enabled or disabled, the specific check is defined, and the required value for a pass is defined.
The OCIL portion of the data stream follows with the Questionnaires and Test Actions. The Questionnaires section defines the questions to be asked, and the Test Actions ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required