搜索

此内容没有您所选择的语言版本。

8.3.3. Scanning the System

download PDF
The main functionality of SCAP Workbench is to perform security scans on a selected system in accordance with the given XCCDF or data stream file. To evaluate your system against the selected security policy, follow these steps:
  1. Select a security policy by using either the Open SCAP Security Guide window, or Open Other Content in the File menu and search the respective XCCDF, SCAP RPM or data stream file.

    Warning

    Selecting a security policy results in the loss of any previous customization changes that were not saved. To re-apply the lost options, you have to choose the available profile and customization content again. Note that your previous customizations may not be applicable with the new security policy.
  2. To use a pre-arranged a file with customized security content specific to your use case, you can load this file by clicking on the Customization combo box. You can also create a custom tailoring file by altering an available security profile. For more information, see Section 8.3.4, “Customizing Security Profiles”.
    1. Select the (no customization) option if you do not want to use any customization for the current system evaluation. This is the default option if no previous customization was selected.
    2. Select the (open customization file...) option to search for the particular tailoring file to be used for the current system evaluation.
    3. If you have previously used some customization file, SCAP Workbench remembers this file and adds it to the list. This simplifies repetitive application of the same scan.
  3. Select a suitable security profile by clicking the Profile combo box.
    1. To modify the selected profile, click the Customize button. For more information about profile customization, see Section 8.3.4, “Customizing Security Profiles”.
  4. Select either of two Target radio buttons to scan either a local or a remote machine.
    1. If you have selected a remote system, specify it by entering the user name, host name, and the port information as shown in the following example. If you have previously used the remote scan, you can also select a remote system from a list of recently scanned machines.
      Specifying a Remote System

      Figure 8.3. Specifying a Remote System

  5. You can allow automatic correction of the system configuration by selecting the Remediate check box. With this option enabled, SCAP Workbench attempts to change the system configuration in accordance with the security rules applied by the policy, should the related checks fail during the system scan.

    Warning

    If not used carefully, running the system evaluation with the remediation option enabled could render the system non-functional.
  6. Click the Scan button to initiate the system scan.
Red Hat logoGithubRedditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

© 2024 Red Hat, Inc.