rgula at tenablesecurity
Feb 23, 2009, 10:48 AM
Post #2 of 2
Richard Puerto wrote:
> I have run the Windows XP Desktop v.2 audit files on my workstations and
> have found that many of them are failing because the configuration does not
> exactly match the configuration in the Nessus audit compliance file.
> Are the audit compliance files not scripted to be inclusive, meaning that a
> configuration on the target host can be stricter than what FDCC requires,
> with out it showing up as a failure in the compliance scan?
This would be a great discussion for the new discussions group.
Please post it there.
The short of it is, if the underlying XCCDF file states a value, then
we test for that value. If the XCCDF policy said > value or a range
or whatever, we've reflected that in the .audit file.
Tenable Network Security
Nessus mailing list
Nessus [at] list