Linux is considered to be a secure operating system by default. Still there is a lot to learn about system hardening and technical auditing. This 1-hour presentation explains the need for hardening and auditing of your systems. We discussed some additional documents and tools, to further help this endeavor.
This presentation is suitable for both beginners and those with experience in system hardening.
36. SCAP features
● Common Vulnerabilities and Exposures (CVE)
● Common Configuration Enumeration (CCE)
● Common Platform Enumeration (CPE)
● Common Vulnerability Scoring System (CVSS)
● Extensible Configuration Checklist Description Format (XCCDF)
● Open Vulnerability and Assessment Language (OVAL)
Starting with SCAP version 1.1
● Open Checklist Interactive Language (OCIL) Version 2.0
Starting with SCAP version 1.2
● Asset Identification
● Asset Reporting Format (ARF)
● Common Configuration Scoring System (CCSS)
● Trust Model for Security Automation Data (TMSAD)
36