Richard Puerto wrote: > I have run the Windows XP Desktop v.2 audit files on my workstations and > have found that many of them are failing because the configuration does not > exactly match the configuration in the Nessus audit compliance file. > > Are the audit compliance files not scripted to be inclusive, meaning that a > configuration on the target host can be stricter than what FDCC requires, > with out it showing up as a failure in the compliance scan? > > Richard
hi Richard, This would be a great discussion for the new discussions group. https://discussions.nessus.org/ Please post it there. The short of it is, if the underlying XCCDF file states a value, then we test for that value. If the XCCDF policy said > value or a range or whatever, we've reflected that in the .audit file. Ron Gula Tenable Network Security _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
