Statement of CCE Implementation; Statement of CPE Implementation - McAfee PASCDE-AB-IA - Policy Auditor for Servers Product Manual

Product guide

Appendix A: Implementing the Security Content Automation Protocol

Statement of CCE implementation

McAfee Policy Auditor patch and vulnerability definitions are updated periodically when new
content is available. The audit results can be viewed from the Audits, Reports, or Dashboard
user interfaces.

CVE information is accessible from the Checks interface, which displays details of Common
Vulnerabilities. Users can view more detailed CVE information from the Check Details page,
which displays the Source, ID, and URL. For example, the URL
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2122 refers the user to the Mitre site
to view details about CVE-2005-2122. The security content provided by McAfee refers to CVE
identifiers when addressing vulnerabilities and when checking whether a vendor's patch has
been applied to address the vulnerability.

Previous versions of McAfee Policy Auditor have been certified by Mitre as CVE-Compatible.

Statement of CCE implementation

CCE provides a standard system for identifying and referencing system configuration settings.
CCE identifies the configuration itself, not the means by which that configuration was reached.
CCE encourages interoperability, improves the correlation of test results, and simplifies gathering
metrics.

McAfee Policy Auditor includes CCE references in the checks content. The Checks tab lists all
the checks available to users. Clicking on a check with CCE content lists CCE references that
identify the CCE system configuration settings.

McAfee Policy Auditor version 6.0 incorporates and supports version 5.0 of the Common
Configuration Enumeration (CCE) standard. Previous versions of McAfee Policy Auditor have
been certified by Mitre as CCE-Compatible.

Statement of CPE implementation

McAfee Policy Auditor version 6.0 implements version 2.1 of the Common Platform Enumeration
(CPE) standard. CPE provides a standard reference and notation method for information
technology systems, platforms, and packages.

McAfee Policy Auditor contains the CPE data dictionary in the database, with some of it in
aggregated format to promote ease of use. Information from this dictionary drives various aspects
of the McAfee Policy Auditor interface. McAfee Policy Auditor associates OVAL definitions with
CPE Names and allows users to specify CPE names at the benchmark, group, profile, or rule
level. McAfee Policy Auditor users can create audits with SCAP content that cover a number
of common operating systems and platforms.

When CPE platforms are specified, McAfee Policy Auditor uses this information to determine
whether it should evaluate compliance with a rule or group of rules. For example, an audit can
cover both Windows XP and Windows Vista operating systems but not the Windows 2000
operating system. CPE allows McAfee Policy Auditor to use the correct content on the correct
systems.

Previous versions of McAfee Policy Auditor have been certified by Mitre as CPE-Compatible.
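
The platform check described in this section, as an added Python example (not McAfee Policy Auditor code): it compares CPE URI names component by component and evaluates a rule only when the benchmark, group, and rule levels all apply to the target system. The host names, the sample CPE names, the prefix-matching rule, and the "no platform listed means applies everywhere" behavior are assumptions made for this illustration.

```python
# Added illustration; not product code. All CPE names and hosts are constructed samples.

def parse_cpe(name):
    """Split a CPE URI ("cpe:/part:vendor:product:version:update:...") into components."""
    if not name.startswith("cpe:/"):
        raise ValueError(f"not a CPE URI: {name!r}")
    parts = name[len("cpe:/"):].lower().split(":")
    while parts and parts[-1] == "":   # trailing empty components add no constraint
        parts.pop()
    return parts

def cpe_matches(platform, target):
    """True when `platform` is a component-wise prefix of `target`.
    Whole components are compared, so "windows" does not match "windows_xp".
    An empty component in `platform` matches any value (assumed matching rule)."""
    p, t = parse_cpe(platform), parse_cpe(target)
    if len(p) > len(t):
        return False
    return all(pc == "" or pc == tc for pc, tc in zip(p, t))

def level_applies(platforms, target_names):
    """A level that lists no platforms applies to every system (assumption)."""
    if not platforms:
        return True
    return any(cpe_matches(p, t) for p in platforms for t in target_names)

def should_evaluate(levels, target_names):
    """`levels` holds the platform lists from benchmark down to rule; all must apply."""
    return all(level_applies(pl, target_names) for pl in levels)

BENCHMARK = ["cpe:/o:microsoft:windows_xp", "cpe:/o:microsoft:windows_vista"]
GROUP = []                                   # no platform restriction of its own
RULE_VISTA_ONLY = ["cpe:/o:microsoft:windows_vista"]

HOSTS = {                                    # CPE names reported for each target
    "xp-host": ["cpe:/o:microsoft:windows_xp::sp3"],
    "vista-host": ["cpe:/o:microsoft:windows_vista::sp1"],
    "w2k-host": ["cpe:/o:microsoft:windows_2000::sp4"],
}

def audit_plan():
    """Map each host to (evaluate unrestricted rule?, evaluate Vista-only rule?)."""
    return {
        host: (should_evaluate([BENCHMARK, GROUP, []], names),
               should_evaluate([BENCHMARK, GROUP, RULE_VISTA_ONLY], names))
        for host, names in HOSTS.items()
    }

if __name__ == "__main__":
    for host, plan in audit_plan().items():
        print(host, plan)
```
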
McAfee Policy Auditor 6.0 software Product Guide for ePolicy Orchestrator 4.6
