[Open-scap] SCAP not Matching STIG
joescap at mm.st
joescap at mm.st
Fri Oct 11 21:40:30 UTC 2019
Using this site as a way to to look at the STIG: https://cyber.trackr.live/stig/Windows_10_STIG/1/15 and looking at V-77189, I don't see anything that indicates that it's a manual check. Maybe I'm missing something. Using the same site and going to the SCAP area and looking at the same version in SCAP format, that check (and others) are not in the SCAP.
This came up because some of our folks were scanning a system using the SCAP Compliance Checker tool and another was using a Nessus audit file (that has all the checks in the STIG enabled) and the percentage pass was much higher using the SCAP tool since several checks were not in the SCAP content.
On Fri, Oct 11, 2019, at 3:28 PM, Gabe Alford wrote:
> Are the checks manual checks and can't be automated through SCAP?
>
> On Fri, Oct 11, 2019 at 3:26 PM <joescap at mm.st> wrote:
> > This may be the wrong place to ask this, but I've been looking at this for hours and was hoping someone could either explain what I'm seeing or point to someplace that I can ask.
> >
> > I am trying to understand why several checks are missing using the SCAP content with the SCAP Compliance Checker 5.2.1. Using the SCAP content for Windows 10 (V1R15) and comparing to the STIG of the same version there are several checks for Exploit Protection that is not in the SCAP content, but are listed in the STIG.
> >
> > For example V-77097 (WN10-EP-000040), V-77101 (WN10-EP-000050) are missing. There are several others as well for Exploit Protection. Shouldn't the SCAP content for V1R15 match what the STIG of the same version states that needs to be checked.
> >
> > What am I missing?
> >
> > Thank You
> > _______________________________________________
> > scap-security-guide mailing list -- scap-security-guide at lists.fedorahosted.org
> > To unsubscribe send an email to scap-security-guide-leave at lists.fedorahosted.org
> > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> > List Archives: https://lists.fedorahosted.org/archives/list/scap-security-guide@lists.fedorahosted.org
> _______________________________________________
> Open-scap-list mailing list
> Open-scap-list at redhat.com
> https://www.redhat.com/mailman/listinfo/open-scap-list
More information about the Open-scap-list
mailing list