6.5.1. SCAP Scan Results¶

Components have different SCAP scans that apply to their systems.

The SCAP Security Guide is the general metric by which SIMP systems are measured.

The associated SCAP profile should be referenced in each associated document.

The following scan results are available for the various subsystems:

6.5.1.3. How to Run a SCAN¶

Download the latest SSG Release OVAL ZIP file onto the target system
Unzip the downloaded file and cd into the directory
Make sure that you have the openscap-scanner package installed
Run oscap xccdf eval --profile <profile_name> --results ~/scan-output.xml --report ~/scan-output.html ssg-<OS>-ds.xml
- You can get the list of available profiles by running oscap info ssg-<OS>-ds.xml
- For example, to run the STIG profile on CentOS 7, you would run the following command:
```
oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_stig-rhel7-disa --results ~/scan-output.xml --report ~/scan-output.html ssg-centos7-ds.xml
```

Read the Docs v: 6.2.0-0

Versions: latest; stable; 6.2.0-0; 6.1.0-0; 6.1.0-rc1; 6.0.0-0; 6.0.0-beta; 5.2.1-0; 5.2.0-0; 5.1.0-3; 5.1.0-2; 5.1.0-1; 5.1.0-0; 4.3.1-0; 4.3.0-0; 4.2.0-2; 4.2.0-1; 4.2.0-0; master

Downloads

On Read the Docs: Project Home; Builds

Free document hosting provided by Read the Docs.