[Open-scap] SCAP not Matching STIG
Gabe Alford
redhatrises at gmail.com
Fri Oct 11 21:28:31 UTC 2019
Are the checks manual checks and can't be automated through SCAP?
On Fri, Oct 11, 2019 at 3:26 PM <joescap at mm.st> wrote:
> This may be the wrong place to ask this, but I've been looking at this for
> hours and was hoping someone could either explain what I'm seeing or point
> to someplace that I can ask.
>
> I am trying to understand why several checks are missing using the SCAP
> content with the SCAP Compliance Checker 5.2.1. Using the SCAP content
> for Windows 10 (V1R15) and comparing to the STIG of the same version there
> are several checks for Exploit Protection that is not in the SCAP content,
> but are listed in the STIG.
>
> For example V-77097 (WN10-EP-000040), V-77101 (WN10-EP-000050) are
> missing. There are several others as well for Exploit Protection.
> Shouldn't the SCAP content for V1R15 match what the STIG of the same
> version states that needs to be checked.
>
> What am I missing?
>
> Thank You
> _______________________________________________
> scap-security-guide mailing list --
> scap-security-guide at lists.fedorahosted.org
> To unsubscribe send an email to
> scap-security-guide-leave at lists.fedorahosted.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedorahosted.org/archives/list/scap-security-guide@lists.fedorahosted.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20191011/c68c47bd/attachment.htm>
More information about the Open-scap-list
mailing list