McAfee PASCDE-AB-IA Product Guide - Page 49

Scoring Audits, Default scoring model

Page 49 highlights

Scoring Audits

When McAfee Policy Auditor performs an audit on a system, it generates information about system compliance that includes a compliance score.

The software supports the four scoring models described in the National Institute of Standards and Technology (NIST) document Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.1.4 (http://csrc.nist.gov/publications/nistir/ir7275r3/NISTIR-7275r3.pdf):

• Default scoring model
• Flat unweighted scoring model
• Flat scoring model
• Absolute scoring model

The software is preconfigured to use a normalized implementation of the flat unweighted score model. You can change the scoring model, and the software recalculates scores to reflect the change.

Contents

• Default scoring model
• Flat unweighted scoring model
• Flat scoring model
• Absolute scoring model
• Changing the scoring model

Default scoring model

The default scoring model computes the score independently for each collection of subgroups and rules in each group, and again for each rule and group within the audit's benchmark(s).

Despite the name of the scoring model, McAfee Policy Auditor does not use this model for its preconfigured scoring model. Instead, the software uses a normalized version of the flat unweighted scoring model that makes it easier to compare audit scores.

Calculating scores using the default scoring model

The calculated test score under the default scoring model depends upon the number of groups, subgroups, and rules in benchmarks within an audit. This means that audits containing large benchmarks can yield a high score while audits containing small benchmarks can yield a low score. Audits can also have rules that are based on the system configuration, so it is possible, for example, for the same audit to yield one score on a Windows XP system and another score on a Windows 7 system.

McAfee Policy Auditor 6.0 software Product Guide for ePolicy Orchestrator 4.6

