SCAP Benchmarks and profiles

An SCAP Benchmark is a collection of Security Content Automation Protocol (SCAP) content organized in XCCDF format. An SCAP Benchmark can optionally include profiles.

An SCAP Benchmark is an SCAP source data stream, also known as an XCCDF expressed data stream. The XCCDF file contains references to other files, such as the OVAL definitions and patches. All of these files comprise the SCAP Benchmark.

A benchmark can optionally define profiles, which are variations of rules for different classes of servers.

For example, an SCAP Benchmark might include three profiles: one for production servers, one for development servers, and one for testing servers. Password integrity rules in the benchmark might have different tests for each of the profiles. The production profile might require passwords that are 8 characters in length and change every 3 months; whereas the testing profile might allow 4-character passwords and not test for the frequency of changes.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*