U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects SCAP Validation Program

Security Content Automation Protocol Validation Program SCAPVP

SCAP 1.2 Validation

Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements (NIST IR 7511 Rev. 4) released January 2016 includes updates pertaining to platforms, component specification test requirements, and introduces module validation as well as the SCAP Inside labeling program. Please see the Summary of Changes table for a complete list of changes between NISTIR 7511 Revision 3 and NISTIR 7511 Revision 4.

SCAP Capabilities

Authenticated Configuration Scanner

The capability to audit and assess a target system to determine its compliance with a defined set of configuration requirements using target system logon privileges. The ACS capability includes the functionality previously covered by FDCC Scanner and USGCB Scanner capabilities.

  • CVE Option (optional CVE support may be combined with ACS)

    The CVE option is the capability to support CVEs. This option may be awarded in conjunction with the ACS validation. The CVE option cannot be claimed by itself.

  • OCIL Option (optional OCIL support may be combined with ACS)

    The OCIL option is the capability to support the Open Checklist Interactive Language (OCIL) to collect information (data) from people and or from existing data stores by other collection efforts. The OCIL option cannot be claimed by itself. This option may only be claimed in conjunction with the Authenticated Configuration Scanner (ACS) capability

Platforms

With the release of NISTIR 7511 Revision 4, vendors may request testing of products for the following platforms.

Microsoft Windows

Microsoft Windows XP Professional with Service Pack 3

Microsoft Windows Vista with Service Pack 2 or later

Microsoft Windows 7 SP1 or later, 32-bit edition

Microsoft Windows 7 SP1 or later, 64-bit edition

Microsoft Windows 8.1 SP0 or later, 32-bit edition

Microsoft Windows 8.1 SP0 or later, 64-bit edition

Microsoft Windows 10 SP0 or later, 32-bit edition

Microsoft Windows 10 SP0 or later, 64-bit edition

Microsoft Windows Server 2012 R2 SP0 or later, 64-bit edition

Red Hat Enterprise Linux

Red Hat Enterprise Linux 5, 32-bit edition

Red Hat Enterprise Linux 5, 64-bit edition

Red Hat Enterprise Linux 6, 32-bit edition

Red Hat Enterprise Linux 6, 64-bit edition

Red Hat Enterprise Linux 7, 64-bit edition

Apple Mac OS

Apple Mac OS 10.11 (OS X El Capitan)

Contacts

SCAP Validation Inquiries
ir7511comments@nist.gov

Created November 06, 2017, Updated July 16, 2021