Users must ensure their use of this technology/standard is consistent with VA policies and standards, including, but not limited to, VA Handbooks 61 VA Directives 6004, 6513, and 6517 and National Institute of Standards and Technology (NIST) standards, including Federal Information Processing Standards (FIPS). Allowing use of these updates and schemas provides additional functionality for SCAP 1.3 without causing any loss of existing functionality. The SCAP version 1.3 specification is defined by the combination of NIST Special Publication (SP) 800-126 Revision 3, a set of schemas, and allows the use of particular minor version updates to SCAP 1.3 component specifications and the use of particular Open Vulnerability and Assessment Language (OVAL) core schema and platform schema versions. The Security Content Automation Protocol (SCAP) is a multi-purpose framework of component specifications that support automated configuration, vulnerability, and patch checking, security measurement, and technical control compliance activities. The Security Content Automation Protocol (SCAP) is a suite of specifications that standardize the format and nomenclature by which software flaw and security configuration information is communicated, both to machines and humans. More information on the proper use of the TRM can be found on the Technologies must be operated and maintained in accordance with Federal and Department security and
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |