Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: CPE Management
Special Forums Cybersecurity IT Security RSS CPE Management Post 302474251 by Linux Bot on Tuesday 23rd of November 2010 07:30:03 PM
Old 11-23-2010
CPE Management
Image  Better Stay On Top of Those CPE's

Ok for a person that is as organized as I am to not stay on top of his CPE's the way I did is strange. Couple that with the fact that I got audited not once, but twice over the last 3 months by both ISACA and ISC2 (I soon after went out and bought a lottery ticket), and I realized I was not as prepared as I should have been. Now it has been hard the last 3 years to get out to training events, meetings, etc., work and travel have prohibited it most of the time.

Never the less after going through both audit processes, I realized I needed an efficient and easy way to track my CPE's, what I had, where, when, how many CPE's were counted and by which organization, ect. This led me to use my excel document matrix skills to put together a tracking matrix for CPE's.

Also I have recently found out from a little bird I know, that both of these organizations are starting to clamp down on bogus CPE's, this I find to be a good thing, it strengthens our certifications and what they mean. But it also means its even now more important to have a system in place to know how many CPE's you have, you need and that you keep the evidence for them.

I also cannot emphasis enough of how IMPORTANT it is TO KNOW exactly what THE CPE POLICY is for the organizations you belong to and the certifications you hold. Do not assume anything, or you will find yourself scrambling during an audit or worse have to retake your test to keep your certification.

There are for example very distinctive differences between say ISACA and ISC2,  where one organization will credit a CPE and the other will not, or where they both may, but one will credit 3 CPE's for something and the other organization may only credit 1 CPE for that same thing. You need to know what these things are so you can A. pursue CPE's you can use for both and B. so you can be more efficient with your time away from work.

After self auditing myself over the last 2-3 weeks, I find out I have30 CPE's (this is over 1 cycle or 3 years) I can use with one and not the other and then 12 for the other I can use for the first one, aaaaaarrrrrrrgh, but you know that's my fault.

So to recap and maybe learn from my experience,  Better Stay On Top of Those CPE's!

Image
Image

More...
 

8 More Discussions You Might Find Interesting

1. Programming

Need to know about Event Management

Hi I need to understand abt Event Management Library for example..A module will be responsible for Handling the event posted by the other modules...and creating a new process for handling the event posted by the other modules..also after completing the event clearing of the event... Need to... (3 Replies)
Discussion started by: nathgopi214
3 Replies

2. Shell Programming and Scripting

Log Management

In a cluster there are 4 servers namely, Master-1,Master2,Slave-1,Slave-2 The logs of these servers are saved in a specific location- /nas/archive/"under the specific server name". I need to take the logs of each server,archive it and put it in another location according to the servers.can... (3 Replies)
Discussion started by: Lekha Rajesh
3 Replies

3. UNIX and Linux Applications

Password management / centralized password management

Hello all, I need help for build server call as Password management / centralized password management server. My situation and example: I have 600 server in my server room running on Linux then I need 1 server only can create login/password and then user can login to all 600 server no... (2 Replies)
Discussion started by: sheikh76
2 Replies

4. IP Networking

IP Management

Hello all, I was wondering which way do you use to manage you IPs? For example in our case we have excel sheets and we export them in html first and import it to a server running apache, so to be visible from all. But i was wondering if there are any way (prefer a way running in web server)... (2 Replies)
Discussion started by: @dagio
2 Replies

5. AIX

Help with user management

Hi When i search for a user it shows that the user doesn't exist # lsuser x090817 3004-687 User "x090817" does not exist. But under /var/spool/mail/ the file named x090817 still exists. 4700 1 -rw-rw---- 1 2090817 mail 603 Apr 12 2010 /var/spool/mail/x090817... (1 Reply)
Discussion started by: aixaixaixaix
1 Replies

6. Shell Programming and Scripting

Memory management

Hello all. I have a script that uses two arrays in the beginning. Saves certain values that i am extracting from df -h command. array1 and array2 where i is from 0 to 9. It then goes on and saves the values of the arrays into variables. for i 0 to 9 , tmp= array2 // I am no writing the... (4 Replies)
Discussion started by: Junaid Subhani
4 Replies

7. UNIX for Advanced & Expert Users

Password management

You know those lists of "the most common passwords"? I was looking at one of those because I actually want to use a really common password or two on occasion. The thing is I'm skeptical that these are legitimate lists. Most things these days require at least 8 chars with a numeral. But these lists... (1 Reply)
Discussion started by: jutnobs
1 Replies

8. What is on Your Mind?

Individual Risk Management (Personal IT Security) and Browser Cache Management

Original post from this thread on browser caching. To add to this, it is an effective security measure to clear absolutely all cached data (cookies, web content, ....) when closing the browser - i.e. in case of a shutdown. It takes a bit of work to re-login to all the sites but websites will not... (7 Replies)
Discussion started by: bakunin
7 Replies

LEARN ABOUT DEBIAN

oscap

OSCAP(8)						  System Administration Utilities						  OSCAP(8)

NAME

       oscap - OpenSCAP command line tool

SYNOPSIS

       oscap [general-options] module operation [operation-options-and-arguments]

DESCRIPTION

       oscap  is  Security  Content Automation Protocol (SCAP) toolkit based on OpenSCAP library. It provides various functions for different SCAP
       specifications(modules).

GENERAL OPTIONS

       -V, --version
	      SCAP specification supported by the module.

       -q, --quiet
	      No output for certain operations, only return code.

       -h, --help
	      Help screen.

MODULES

       oval   Open Vulnerability and Assessment Language.

       xccdf  The eXtensible Configuration Checklist Description Format.

       cpe    Common Platform Enumeration.

       cvss   Common Vulnerability Scoring System

OVAL OPERATIONS

       collect [options] definitions-file
	      Probe the system and gather system characteristics for all objects in OVAL Definition file.

	      --id OBJECT-ID
		     Collect system characteristics ONLY for specified OVAL Object.

	      --variables FILE
		     Provide external variables expected by OVAL Definitions.

	      --syschar FILE
		     Write OVAL System Characteristic into file

	      --skip-valid
		     Do not validate input/output files.

       eval [options] definitions-file
	      Probe the system and evaluate all definitions from OVAL Definition file. Print result of each definition to standard  output.  oscap
	      returns  0  if  all  definitions pass. If there is an error during evaluation, the return code is 1. If there is at least one failed
	      result definition, oscap-scan finishes with return code 2.

	      --id DEFINITION-ID
		     Evaluate ONLY specified OVAL Definition.

	      --variables FILE
		     Provide external variables expected by OVAL Definitions.

	      --directives FILE
		     Use OVAL Directives content to specify desired results content.

	      --results FILE
		     Write OVAL Results into file.

	      --report FILE
		     Create human readable (HTML) report from OVAL Results.

	      --skip-valid
		     Do not validate input/output files.

       analyse [options] --results FILE definitions-file syschar-file
	      In this mode, the oscap tool does not perform data collection on the local system, but relies upon the input file,  which  may  have
	      been generated on another system. The output (OVAL Results) is printed to file specified by --results parameter

	      --variables FILE
		     Provide external variables expected by OVAL Definitions.

	      --directives FILE
		     Use OVAL Directives content to specify desired results content.

	      --skip-valid
		     Do not validate input/output files.

       validate-xml [options] definitions-file
	      Validate	given  OVAL file against a XML schema. Every found error is printed to the standard output. Return code is 0 if validation
	      succeeds, 1 if validation could not be performed due to some error, 2 if the OVAL document is not valid.

	      --definitions, --variables, --syschar, --results --directives
		     Specify whether the validated document is an OVAL Definitions file, external  OVAL  Variables,  OVAL  System  Characteristics
		     file,  OVAL Results file or OVAL Directives file. Default: definitions.

	      --schematron
		     Turn on Schematron-based validation. It is able to find more errors and inconsistencies but is much slower.

       generate <submodule> [submodule-specific-options]
	      Generate another document form an OVAL file.

	      Available submodules:

	      report [options] oval-results-file
		     Generate  a  formatted HTML page containing visualisation of an OVAL results file. Unless the --output option is specified it
		     will be written to the standard output.

		     --output FILE
			    Write the report to this file instead of standard output.

       list-probes [options]
	      List supported object types (i.e. probes)

	      --static
		     List all probes defined in the internal tables.

	      --dynamic
		     List all probes supported on the current system (this is default behavior).

	      --verbose
		     Be verbose.

XCCDF OPERATIONS

       eval [options] xccdf-file [oval-definitions-files]
	      Perform evaluation driven by XCCDF file and use OVAL as checking engine. Print result of each rule to standard output. oscap returns
	      0  if all rules pass. If there is an error during evaluation, the return code is 1. If there is at least one failed rule, oscap-scan
	      finishes with return code 2.

	      You may specify all required OVAL Definition files as last parameters. If you don't do that, oscap tool will try to  load  all  OVAL
	      Definition files referenced from XCCDF automaticaly(search in the same path as XCCDF).

	      --profile PROFILE
		     Select a particular profile from XCCDF document.

	      --results FILE
		     Write XCCDF results into file.

	      --report FILE
		     Write HTML report into file. You also have to specify --result for this feature to work.

	      --oval-results
		     Generate  OVAL  Result  file  for	each  OVAL  session  used  for evaluation. File with name 'original-oval-definitions-file-
		     name.result.xml' will be generated for each referenced OVAL file. This option (with conjunction  with  the  --report  option)
		     also enables inclusion of additional OVAL information in the XCCDF report.

	      --export-variables
		     Generate  OVAL  Variables	documents  which contain external variables' values that were provided to the OVAL checking engine
		     during evaluation. The filename format is 'original-oval-definitions-filename-session-index.variables-variables-index.xml'.

	      --skip-valid
		     Do not validate input/output files.

       resolve -o output-file xccdf-file
	      Resolve an XCCDF file as described in the XCCDF specification. It will flatten inheritance  hierarchy  of  XCCDF	profiles,  groups,
	      rules, and values. Result is another XCCDF document, which will be written to output-file.

	      --force
		     Force resolving XCCDF document even if it is already marked as resolved.

       validate-xml [options] xccdf-file
	      Validate	given XCCDF file against a XML schema. Every found error is printed to the standard output. Return code is 0 if validation
	      succeeds, 1 if validation could not be performed due to some error, 2 if the XCCDF document is not valid.

       export-oval-variables [options] xccdf-file [oval-definitions-files]
	      Collect all the XCCDF values that would be used by OVAL during evaluation of a certain profile and export  them  as  OVAL  external-
	      variables document(s). The filename format is 'original-oval-definitions-filename-session-index.variables-variables-index.xml'.

	      --profile PROFILE
		     Select a particular profile from XCCDF document.

       generate [options] <submodule> [submodule-specific-options]
	      Generate another document form an XCCDF file such as security guide or result report.

	      --profile ID
		     Apply profile with given ID to the Benchmark before further processing takes place.

	      --format FMT
		     Specify  output  format.  This  option  applies  only  on	document  generators  (i.e. guide, report). Avalable formats: html
		     (default), docbook.

	      Available submodules:

	      guide [options] xccdf-file
		     Generate a formatted document containing a security guide from a XCCDF Benchmark. Unless the --output option is specified	it
		     will be written to the standard output. Without profile being set only groups (not rules) will be included in the output.

		     --output FILE
			    Write the guide to this file instead of standard output.

		     --hide-profile-info
			    Information on chosen profile (e.g. rules selected by the profile) will be excluded from the document.

	      report [options] xccdf-file
		     Generate  a  document  containing	results of a XCCDF Benchmark execution. Unless the --output option is specified it will be
		     written to the standard output. ID of the TestResult element to visualise defaults to the most recent  result  (according	to
		     the end-time attribute).

		     --output FILE
			    Write the report to this file instead of standard output.

		     --result-id ID
			    ID of the XCCDF TestResult from which the report will be generated.

		     --show what
			    Specify  what result types shall be displayed in the result report. The default is to show everything except for rules
			    with results notselected and notapplicable. The what part is a comma-separated list of  result  types  to  display	in
			    addition  to  the  default. If result type is prefixed by a dash '-', it will be excluded from the results. If what is
			    prefixed by an equality sign '=', a following list specifies exactly what rule types to include in the report.  Result
			    types are: pass, fixed, notchecked, notapplicable, notselected, informational, unknown, error, fail.

		     --oval-template template-string
			    To	use the ability to include additional information from OVAL in xccdf result file, a template which will be used to
			    obtain OVAL result file names has to be specified. The template can be either a filename or a string containing  wild-
			    card  character  (percent sign '%'). Wildcard will be replaced by the original OVAL definition file name as referenced
			    from the XCCDF file. This way it is possible to obtain OVAL information even from XCCDF documents referencing  several
			    OVAL  files.  To  use this option with results from an XCCDF evaluation, specify %.result.xml as a OVAL file name tem-
			    plate.

	      fix [options] xccdf-file
		     Generate a script that shall bring the system to a state of compliance with given XCCDF Benchmark.

		     --output FILE
			    Write the report to this file instead of standard output.

		     --result-id ID
			    With this option the script generating engine will pick rules that failed for given test and generate fixes  only  for
			    them.

		     --template ID|FILE
			    Template  to  be  used to generate the script. If it contains a dot '.' it is interpreted as a location of a file with
			    the template definition. Otherwise it identifies a template from standard set which currently includes: bash  (default
			    if	no  --template	switch present). Brief explanation of the process of writing your own templates is in the XSL file
			    xsl/fix.xsl in the openscap data directory. You can also take a look at the default template xsl/fixtpl-bash.xml.

CPE OPERATIONS

       check name
	      Check whether name is in correct CPE format.

       match name dictionary.xml
	      Find an exact match of CPE name in the dictionary.

CVSS OPERATIONS

       score cvss_vector
	      Calculate score from a CVSS vector. Prints base score for base CVSS vector, base and temporal score for temporal CVSS  vector,  base
	      and temporal and environmental score for environmental CVSS vector.

       describe cvss_vector
	      Describe individual components of a CVSS vector in a human-readable format and print partial scores.

       CVSS vector consists of several slash-separated components specified as key-value pairs. Each key can be specified at most once. Valid CVSS
       vector has to contain at least base CVSS metrics, i.e. AV, AC, AU, C, I, and A. Following table summarizes the components and possible val-
       ues (second column is metric category: B for base, T for temporal, E for environmental):

	      AV:[L|A|N]	    B	Access vector: Local, Adjacent network, Network

	      AC:[H|M|L]	    B	Access complexity: High, Medium, Low

	      AU:[M|S|N]	    B	Required authentication: Multiple instances, Single instance, None

	      C:[N|P|C] 	    B	Confidentiality impact: None, Partial, Complete

	      I:[N|P|C] 	    B	Integrity impact: None, Partial, Complete

	      A:[N|P|C] 	    B	Availability impact: None, Partial, Complete

	      E:[ND|U|POC|F|H]	    T	Exploitability: Not Defined, Unproven, Proof of Concept, Functional, High

	      RL:[ND|OF|TF|W|U]     T	Remediation Level: Not Defined, Official Fix, Temporary Fix, Workaround, Unavailable

	      RC:[ND|UC|UR|C]	    T	Report Confidence: Not Defined, Unconfirmed, Uncorroborated, Confirmed

	      CDP:[ND|N|L|LM|MH|H]  E	Collateral Damage Potential: Not Defined, None, Low, Low-Medium, Medium-High, High

	      TD:[ND|N|L|M|H]	    E	Target Distribution: Not Defined, None, Low, Medium, High

	      CR:[ND|L|M|H]	    E	Confidentiality requirement: Not Defined, Low, Medium, High

	      IR:[ND|L|M|H]	    E	Integrity requirement: Not Defined, Low, Medium, High

	      AR:[ND|L|M|H]	    E	Availability requirement: Not Defined, Low, Medium, High

CONTENT

	National Vulnerability Database - http://web.nvd.nist.gov/view/ncp/repository

	Red Hat content repository - http://www.redhat.com/security/data/oval/

AUTHOR

       Peter Vrabec <pvrabec@redhat.com>

Red Hat 							     Jun 2010								  OSCAP(8)
All times are GMT -4. The time now is 02:06 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy