On Tuesday, September 02, 2014 08:48:17 AM Martin Preisler wrote: > > Several participants in the thread "Re: New report and guide in openscap > > 1.1.0" > > raised concerned over a language "The system is not compliant!" in the > > report. > > I decided to avoid using the word compliant at all in this case. > XCCDF spec defines what it means on the report but people may think > the word has a different meaning and may be shocked. > > So instead I decided to explicitly say how many rules failed or were > inconclusive. > > For example: > "The target system did not satisfy conditions of 131 rules! Furthermore, > the results of 2 rules were inconclusive. Please review rule results > and consider applying remediation."
Inconclusive is a word that I would not use. It prejudices the results by indicating that something may or may not be wrong and it can't really tell. That's not the message I want from any tool. Imagine running badblocks, aide, or find and the message output is that it's inconclusive. :-) I'd simply say something to the effect that the scan has findings that need to be reviewed. Short & simple. -Steve -- SCAP Security Guide mailing list scap-security-guide@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
