This isn't the right forum, since it's specifically for RH and other Linux 
based scores.  You're probably going to have to contact DISA directly related 
to problems with the Windows STIGs and benchmarks.

Tom A.

-----Original Message-----
From: <> 
Sent: Friday, October 11, 2019 5:26 PM
Subject: EXTERNAL: SCAP not Matching STIG

This may be the wrong place to ask this, but I've been looking at this for 
hours  and was hoping someone could either explain what I'm seeing or point to 
someplace that I can ask.

I am trying to understand why several checks are missing  using the SCAP 
content with the SCAP Compliance Checker 5.2.1.   Using the SCAP content for 
Windows 10 (V1R15) and comparing to the STIG of the same version there are 
several checks for Exploit Protection that is not in the SCAP content, but are 
listed in the STIG.

For example  V-77097 (WN10-EP-000040), V-77101 (WN10-EP-000050) are missing.  
There are several others as well for Exploit Protection.  Shouldn't the SCAP 
content for V1R15 match what the STIG of the same version states that needs to 
be checked. 

What am I missing?

Thank You
scap-security-guide mailing list --
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

Open-scap-list mailing list

Reply via email to