The DISA STIG content is based on the SCAP Security Guide (SSG) content. DISA's STIG-creation processes and additional requirements have caused some divergence in content between the STIG and the SSG. Getting the actual content (as opposed to the way the content is formatted) in synch is an ongoing effort. The difference in the XCCDF between the STIG and the SSG is an artifact of the way SCAP has been implemented at DISA.
I hope this answers some of your questions. Thanks, Leland -- Leland Steinke, Security+ DISA FSO Technical Support Contractor tapestry technologies, Inc 717-267-5797 (DSN 570) [email protected] (gov't) [email protected] (com'l) > -----Original Message----- > From: [email protected] [mailto:scap- > [email protected]] On Behalf Of > [email protected] > Sent: Tuesday, December 10, 2013 7:42 PM > To: [email protected] > Subject: Understanding Content > > We are considering using one of the RH6 profiles from the SCAP content > on this site as a benchmark for our systems. I've looked over the site > and still have a few questions. > > Is the content and profiles here based off the "Standalone XCCDF - Red > Hat 6 STIG, Version 1, Release 2"? Or is this a completely unrelated > effort? The "Standalone XCCDF - Red Hat 6 STIG, Version 1, Release 2" > has 9 profiles ranging from MAC 1 to MAC 3, but they all have the same > checks enabled, so not much help to me. How are the Profiles found in > the SCAP content on this site determined? They seem to be good > realistic > profiles, but I'm just curious how the Profile configuration was > determined. I am just trying to understand the relationship between > the > DISA Standalone XCCDF - Red Hat 6 STIG, Version 1, Release 2 and the > content found on the https://fedorahosted.org/scap-security-guide/ > site. > _______________________________________________ > scap-security-guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
