SCAP - NIST Computer Security Resource Center

The attached DRAFT document (provided here for HISTORICAL purposes) has been superseded by the following publication:

Publication Number: NIST Interagency Report 7511, Revision 3

Title: Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements

Publication Date: 02/05/2013

• Final Publication: http://dx.doi.org/10.6028/NIST.IR.7511
• Related Information on CSRC: http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7511
• Information on other NIST Computer Security Division publications and programs can be found at: http://csrc.nist.gov/

The following information was posted with the attached DRAFT document:

Final Approval of NIST Interagency Report (IR) 7511 Revision 3 is now available

February 5, 2013

NIST announces the release of NIST Interagency Report (NISTIR) 7511 Revision 3, Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements. NISTIR 7511 defines the requirements that must be met by products to achieve SCAP 1.2 Validation. Validation is awarded based on a defined set of SCAP capabilities by independent laboratories that have been accredited for SCAP testing by the NIST National Voluntary Laboratory Accreditation Program. NISTIR 7511 Revision 3 has been written primarily for accredited laboratories and for vendors interested in producing SCAP validated products.

NIST Interagency Report 7511 Revision 3.01.165 (Draft)

Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements (DRAFT)

John Banghart, Stephen Quinn, David Waltermire, Andrew Bove


Computer Security Division
Information Technology Laboratory
National Institute of Standards and Technology
Gaithersburg, MD 20899-8930

March 2012

U.S. Department of Commerce
John E. Bryson, Secretary

National Institute of Standards and Technology
Dr. Patrick D. Gallagher, Under Secretary for Standards and Technology and Director

SECURITY CONTENT AUTOMATION PROTOCOL (SCAP) VERSION 1.2 VALIDATION PROGRAM TEST REQUIREMENTS (DRAFT)

Reports on Computer Systems Technology

The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference >

ACS primarily supports use-cases identified by the value CONFIGURATION, and AVPS supports use-cases identified by the value VULNERABILITY. Other use-case values include INVENTORY and OTHER. The following table maps use-cases to OVAL test types:

Table 5-3 OVAL Test vs. Use-Case Types

[Table columns: Test, Compliance, Vulnerability, Inventory. The X marks that assign each test to its use-case columns are not recoverable from this copy. Entries of the Test column, in the order given:]

Access Token Test Active Directory Test Audit Policy Environment Variable Test environmentvariable58 Family Test File File audit Permission

File Audit Permission 53 File Effective Rights File Effective Rights 53 File Hash Test FileMD5 Test fileset_test fix_test Group SID Test Group Test inetd Test inetlisteningservers_test Interface Test isainfo_test LDAP Test line_test Lockout Policy Metabase Test oslevel_test package_test Partition Password Password Policy patch_test patch53_test patch54_test patch56_test plist_test Port Test Printer Effective Rights Process Test process58 Test Registry Test RegKey Audit Permission RegKey audit Permission 53 RegKey Effective Rights RegKey Effective Rights 53 RPM Info RPM Verify rpminfo_test runlevel SE Linux Boolean

Service Effective rights shadow Test shared Resource Sid Sid Test SID Test smf_test SQL Test sql57_test swlist_test text file content test textfilecontent54 Test UAC Test uname unknown test User Sid Test User Test User Test user_sid_55 Test Variable Test version_test Volume Test WMI Test wmi57 Test WUA Update Searcher Test xinetd Test XML File content test

6. Appendix A—Acronyms and Abbreviations

This appendix contains selected acronyms and abbreviations used in the publication.

AI        Asset Identification
ARF       Asset Reporting Format
CCE       Common Configuration Enumeration
CCSS      Common Configuration Scoring System
CPE       Common Platform Enumeration
CVE       Common Vulnerabilities and Exposures
CVSS      Common Vulnerability Scoring System
DTR       Derived Test Requirements
FDCC      Federal Desktop Core Configuration
FIRST     Forum of Incident Response and Security Teams
ID        Identifier
IETF      Internet Engineering Task Force
IR        Interagency Report
IT        Information Technology
ITL       Information Technology Laboratory
NIST      National Institute of Standards and Technology
NSA       National Security Agency
NCP       National Checklist Program
NVD       National Vulnerability Database
NVLAP     National Voluntary Laboratory Accreditation Program
OCIL      Open Checklist Interactive Language
OMB       Office of Management and Budget
OS        Operating System
OVAL      Open Vulnerability and Assessment Language
PDF       Portable Document Format
RHEL      Red Hat Enterprise Linux
RFC       Request for Comment
SCAP      Security Content Automation Protocol
SCAPVAL   SCAP Validation tool
TMSAD     Trust Model for Security Automation Data
U.S.      United States
USGCB     United States Government Configuration Baseline
XCCDF     Extensible Configuration Checklist Document Format
XML       Extensible Markup Language
