标准摘要
[中文适用范围]: 该报告定义了可扩展配置检查表描述格式 (XCCDF) 版本 1.2 的规范。 该报告还定义并解释了 XCCDF 1.2 文档和产品(即软件)必须满足的要求才能声明符合规范。 本报告仅适用于 XCCDF 1.2 版。 所有其他版本均超出了本报告的范围。 [外文原描述]: ISO/IEC 18180:2013 specifies the data model and Extensible Markup Language (XML) representation for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2. An XCCDF document is a structured collection of security configuration rules for some set of target systems. The XCCDF specification is designed to support information interchange, document generation, organizational and situational tailoring, automated compliance testing, and scoring. ISO/IEC 18180:2013 also defines a data model and format for storing results of security guidance or checklist testing. The intent of XCCDF is to provide a uniform foundation for expression of security checklists and other configuration guidance, and thereby foster more widespread application of good security practices.
英文名称Information technology - Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2