McAfee PASCDE-AB-IA Product Guide - Page 89
Statement of CCE implementation, Statement of CPE implementation
Appendix A: Implementing the Security Content Automation Protocol

McAfee Policy Auditor patch and vulnerability definitions are updated periodically when new content is available. The audit results can be viewed from the Audits, Reports, or Dashboard user interfaces.

CVE information is accessible from the Checks interface, which displays details of Common Vulnerabilities. Users have the ability to view even more detailed CVE information from the Check Details page, which displays the Source, ID, and URL. For example, the URL http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2122 refers the user to the Mitre site to view details about CVE-2005-2122.

The security content provided by McAfee refers to CVE identifiers when addressing vulnerabilities and whether a vendor's patch has been applied to address the vulnerability. Previous versions of McAfee Policy Auditor have been certified by Mitre as CVE-Compatible.

Statement of CCE implementation

CCE provides a standard system for identifying and referencing system configuration settings. CCE identifies the configuration itself, not the means by which that configuration was reached. CCE encourages interoperability, improves the correlation of test results, and simplifies gathering metrics.

McAfee Policy Auditor includes CCE references in the checks content. The Checks tab lists all the checks available to users. Clicking on a check with CCE content lists CCE references that identify the CCE system configuration settings.

McAfee Policy Auditor version 6.0 incorporates and supports version 5.0 of the Common Configuration Enumeration (CCE) standard. Previous versions of McAfee Policy Auditor have been certified by Mitre as CCE-Compatible.

Statement of CPE implementation

McAfee Policy Auditor version 6.0 implements version 2.1 of the Common Platform Enumeration (CPE) standard. CPE provides a standard reference and notation method for information technology systems, platforms, and packages.
McAfee Policy Auditor contains the CPE data dictionary in the database with some of it in aggregated format to promote ease of use. Information from this dictionary drives various aspects of the McAfee Policy Auditor interface. McAfee Policy Auditor associates OVAL definitions with CPE Names and allows users to specify CPE names at the benchmark, group, profile, or rule level.

McAfee Policy Auditor users can create audits with SCAP content that cover a number of common operating systems and platforms. When CPE platforms are specified, McAfee Policy Auditor uses this information to determine whether it should evaluate compliance with a rule or group of rules. For example, an audit can cover both Windows XP and Windows Vista operating systems but not the Windows 2000 operating system. CPE allows McAfee Policy Auditor to use the correct content on the correct systems.

Previous versions of McAfee Policy Auditor have been certified by Mitre as CPE-Compatible.

McAfee Policy Auditor 6.0 software Product Guide for ePolicy Orchestrator 4.6
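The platform check described above can be sketched as component-wise matching of CPE 2.x URI names. This is an added example, not McAfee Policy Auditor code: the function names, host names, and sample CPE names are constructed for illustration, and the matching rule (an empty or omitted component means "any", and a rule with no platforms applies everywhere) is a simplifying assumption.

```python
# Added illustration, not Policy Auditor code. CPE 2.x URI names look like
#   cpe:/{part}:{vendor}:{product}:{version}:{update}:{edition}:{language}
# and an empty or omitted component is treated here as "any value".

def parse_cpe(name):
    """Split a CPE 2.x URI name into lowercase components."""
    if not name.lower().startswith("cpe:/"):
        raise ValueError(f"not a CPE 2.x URI name: {name!r}")
    return name[len("cpe:/"):].lower().split(":")


def cpe_matches(platform, system_name):
    """True if `platform` (from the content) covers `system_name`.

    Components are compared whole, so windows_xp never matches a longer
    product string that merely starts with the same characters.
    """
    want, have = parse_cpe(platform), parse_cpe(system_name)
    have += [""] * (len(want) - len(have))  # components unknown on the system
    return all(w == "" or w == h for w, h in zip(want, have))


def rule_applies(rule_platforms, system_names):
    """Assumption (XCCDF convention): no platform list means 'all systems'."""
    if not rule_platforms:
        return True
    return any(cpe_matches(p, s) for p in rule_platforms for s in system_names)


# Constructed sample data mirroring the page's XP / Vista / 2000 example.
AUDIT_PLATFORMS = ["cpe:/o:microsoft:windows_xp",
                   "cpe:/o:microsoft:windows_vista"]
SYSTEMS = {
    "xp-host": ["cpe:/o:microsoft:windows_xp::sp3"],
    "vista-host": ["cpe:/o:microsoft:windows_vista::sp1"],
    "w2k-host": ["cpe:/o:microsoft:windows_2000::sp4"],
}


def evaluate(platforms=AUDIT_PLATFORMS, systems=SYSTEMS):
    """Map each host to whether the audit's rules should be evaluated on it."""
    return {host: rule_applies(platforms, names)
            for host, names in systems.items()}


if __name__ == "__main__":
    for host, applies in evaluate().items():
        print(f"{host}: {'evaluate' if applies else 'skip (not applicable)'}")
```

A host that is skipped this way should be reported as not applicable, not as passing, so that a gap in platform coverage is not read as compliance.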