SCAP package Benchmarks
A data stream can have one or more benchmarks, depending on its version. If it is version 1.2 or later it can contain several benchmarks, otherwise only one. Benchmarks contain the rules, which are the actual tests that are executed and the profiles, which are a sort of a filter on these rules.
The following information is available for benchmarks:
Parameter | Description |
|---|---|
Name | This column displays the list of names of all benchmarks contained in the checklist. |
Version | The fields of this column display the version number of this benchmark. |
Title | The field displays the exact title of this benchmark. |
Description | The field displays a more explicative description on the benchmark and what exactly it contains. |
Creator | The fields of this column display the name of the person, organization and/or service that initially created this benchmark. |
Publisher | The fields of this column display the name of the person, organization and/or service that published the benchmark. |
Contributor | The fields of this column display the name of the person, organization and/or service that contributed to the creation of the benchmark. |
Source | The fields of this column display the link from where the benchmark can be downloaded. (This is a identifier that indicates the organizational context of the benchmark's @id attribute.) |
Status | Represents the level of maturity or consensus level for this benchmark. |
Status Date | The date this benchmark achieved the indicated status. |
Platform | The target platform for this benchmark using CPE naming form. |
Additional information about the benchmark and its contents is available via its tabs and subnodes:
SCAP package Profiles
The Profiles tab displays the list of all profiles that are included in the package. It is possible that a package does not include a profile. A profile makes a preselection of the rules that are included in the package that apply to a specific role or situation. When a profile is then selected for a SCAP job this means that only the rules that are listed in this profile and not all that are included in the package are to be run.
Some profiles may have been imported from XCCDF tailoring documents. Such profiles have a name with a (tailoring) suffix.
The following information is available for profiles:
Parameter | Description |
|---|---|
Name | This column displays the list of names of all profiles contained in the checklist. |
Title | The field displays the exact title of this profile. |
Description | The field provides a more explicative description on the profile and what exactly it concerns. |
SCAP package Rules
The Rules tab displays the list of all rules that are included in the SCAP package. Rules are the actual tests that are executed on the targets to check if they are compliant to a specific requirement.
The following information is available for rules:
Parameter | Description |
|---|---|
Name | This column displays the list of names of all rules contained in the checklist. |
SCAP Rule ID | The field displays the ID of each SCAP rule. |
Description | The field provides a more explicative description on the rule and what exactly it does. |
To view the SCAP rule information
To display more detailed information about a specific rule proceed as follows:
- Select the rule for which you want more information in the right window pane.
Click Edit > Properties
.
The Properties window appears. It displays all the information available in its different tabs. Depending on the type of rule, that is, if it is CVE or CCE, the content of the window changes. If the rule has several CVEs or CCEs or both, there is one panel per CVE or CCE, each of which can be expanded and collapsed.- Click Close to close the window.