8.7.2. Auditing System Settings with SCAP Security Guide

The SCAP Security Guide (SSG) project's package, scap-security-guide, contains the latest set of security polices for Linux systems. Part of scap-security-guide is also a guidance for Red Hat Enterprise Linux 6 settings. To inspect the security content available with scap-security-guide, use the oscap info module:

oscap info /usr/share/xml/scap/ssg/content/ssg-rhel6-ds.xml

~]$ oscap info /usr/share/xml/scap/ssg/content/ssg-rhel6-ds.xml

Copy to Clipboard

Toggle word wrap

The output of this command is an outline of the SSG document and it contains available configuration profiles. To audit your system settings, choose a suitable profile and run the appropriate evaluation command. For example, the following command is used to assess the given system against a draft SCAP profile for Red Hat Certified Cloud Providers:

oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_rht-ccp --results ssg-rhel6-xccdf-result.xml --report ssg-rhel6-report.html /usr/share/xml/scap/ssg/content/ssg-rhel6-ds.xml

~]$ oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_rht-ccp --results ssg-rhel6-xccdf-result.xml --report ssg-rhel6-report.html /usr/share/xml/scap/ssg/content/ssg-rhel6-ds.xml

Copy to Clipboard

Toggle word wrap

返回顶部

此内容没有您所选择的语言版本。

8.7.2. Auditing System Settings with SCAP Security Guide

学习

尝试、购买和销售

社区

关于红帽文档

让开源更具包容性

關於紅帽

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links