McAfee PASCDE-AB-IA Product Guide - Page 88
Statement of SCAP implementation, Statement of CVE implementation
View all McAfee PASCDE-AB-IA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 88 highlights
Appendix A: Implementing the Security Content Automation Protocol Statement of SCAP implementation Statement of SCAP implementation The Security Content Automation Protocol (SCAP) is a collection of six open standards developed jointly by various United States government organizations and the private sector. Security content conforming to the SCAP standard can be used by any product that supports the standard and the results can be shared among these products. McAfee Policy Auditor allows users to import and export benchmarks and checks that use SCAP. Users can tailor or edit benchmarks within the McAfee Benchmark Editor interface and activate them for use in audits. Benchmarks determine whether a system complies with the benchmark rules. Benchmarks also return results that can be converted to a human-readable format. Benchmarks and checks incorporate the following reference protocols to ensure that all rules are processed accurately and appropriately, and that the results appear properly in reports and export files: • Common Vulnerabilities and Exposures (CVE) • Common Configuration Enumeration (CCE) • Common Platform Enumeration (CPE) • Common Vulnerability Scoring System (CVSS) • eXtensible Configuration Checklist Description Format (XCCDF) • Open Vulnerability and Assessment Language (OVAL) McAfee Policy Auditor version 6.0 is compliant with SCAP 1.1 and provides the ability to detect and assess thousands of systems from a McAfee Policy Auditor server. This standardization allows regulatory authorities and security administrators to construct definitive security guidance and to compare results reliably and repeatedly. McAfee Policy Auditor is designed exclusively around SCAP and manages all aspects of analyzing systems for compliance. It uses XCCDF and OVAL to determine what items to check and how to check them. It uses the CPE, CCE, CVSS, and CVE reference protocols to ensure that all rules are accurately and appropriately evaluated during system audits. The SCAP standard references are visible in the interface, reports, and export files. Statement of CVE implementation McAfee Policy Auditor version 6.0 fully implements and supports the Common Vulnerabilities and Exposures (CVE) standard vulnerability dictionary. CVE provides unique, standardized identifiers for security vulnerabilities. CVE address vulnerability and exposure issues, not compliance items. McAfee Policy Auditor implements and supports CVE enumeration, which provides standardized references to known vulnerabilities. CVE uses a named list of information security weaknesses, providing standardized identifiers to facilitate a universal naming convention. Each CVE identifier consists of: • A CVE identifier number, such as CVE-2008-0042. • An indication of whether the CVE has a status of "entry" or "candidate." • A description of the vulnerability. • A list of any references, such as advisories or OVAL identification. 88 McAfee Policy Auditor 6.0 software Product Guide for ePolicy Orchestrator 4.6