We are considering using one of the RH6 profiles from the SCAP content on this site as a benchmark for our systems. I've looked over the site and still have a few questions.
Is the content and profiles here based off the "Standalone XCCDF - Red Hat 6 STIG, Version 1, Release 2"? Or is this a completely unrelated effort? The "Standalone XCCDF - Red Hat 6 STIG, Version 1, Release 2" has 9 profiles ranging from MAC 1 to MAC 3, but they all have the same checks enabled, so not much help to me. How are the Profiles found in the SCAP content on this site determined? They seem to be good realistic profiles, but I'm just curious how the Profile configuration was determined. I am just trying to understand the relationship between the DISA Standalone XCCDF - Red Hat 6 STIG, Version 1, Release 2 and the content found on the https://fedorahosted.org/scap-security-guide/ site. _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
