Chii chinonzi SCAP?
SCAP inotsanangurwa nekuchengetedzwa kweKachengetedzwa Kwekuchengetedzwa Kwekuchengetedza. Chinangwa chayo ndechokushandisa zvakatogadzwa-kugamuchirwa kwehutano hwemasangano kumasangano ayo haasi iye zvino kana kuti asina kushanda kusina simba.
Mune mamwe mazwi, inobvumira vashandi vekuchengeteka kuti vaone makombiyuta, software, nemamwe madivayiri achienderana nesarudzo yekuchengeteka yakatemerwa kuti vaone kana sarudzo uye mapepa emapurogiramu zvinoshandiswa kune zvavanenge vachifananidzwa nazvo.
National Vulnerability Database (NVD) ndiyo hurumende yeUnited States repository yeCAPAP.
Cherechedza: Zvimwe zvekuchengeteka zvakafanana neCAPAP zvinosanganisira SACM (Security Automation uye Continuous Monitoring), CC (Common Criteria), SWID (Software Identification) tags, uye FIPS (Federal Information Processing Standards).
SCAP Iine Zvimwe Zvikamu Zvikuru
Iko kune zvikamu zviviri zvekuchengetedzwa kweKachengetedzwa Content Automation Protocol:
SCAP Content
SCAP zvinyorwa zvinyorwa zviri pachena zviripo zvakagadzirwa neNational Institute of Standards uye Technologies (NIST) uye vashandisirwo vayo vashandi. Zvinyorwa zvinyorwa zvinoitwa kubva "zvakachengeteka" zvigadziriswa zvinogamuchirwa naNIST pamwe neshamwari dze SCAP.
Chiitiko chaizova Federal Desktop Core Configuration, icho chiri chekuchengetedzwa kwakaomeswa kushandiswa kweimwe shanduro yeMicrosoft Windows . Zvinyorwa zvinoshanda sechinyorwa chekuenzanisa kwehurongwa huri kuongororwa ne SCAP scanning tools.
SCAP Scanji
A SCAP scanner isiri iyo inofanidza chinangwa chekombiyuta kana sarudzo yekushanda uye / kana chikwata chechikwata chinopesana neicho cheSAPAP chekutanga.
Icho chigwaro chichacherechedza chero kukanganisa uye kugadzira mushumo. Vamwe SCAP scanji vanewo mano ekugadzirisa kakombiyuta inotarisirwa uye kuitora kuti iite maererano nechetsetse yepamusoro.
Kune zvikwata zvizhinji zvekutengesa uye zvakasununguka SCAP scan zvinowanikwa zvichienderana nehutano hwakatarwa hunodiwa. Mamwe mapikicha anoshandiswa kugadzirisa-kushandiswa kwepamusoro apo vamwe vakagadzirirwa kushandisa PC imwe neimwe.
Iwe unogona kuwana urongwa hweSAPAP zvishandiso paNVD. Mimwe mienzaniso yezvikwata zve SCAP zvinosanganisira ThreatGuard, Tenable, Red Hat, uye IBM BigFix.
Vashandi veChefisi vanoda ruzivo rwavo rwakavimbiswa sevari kutevera SCAP, vanogona kutaura neNVLAP yakagamuchirwa SCAP yekugadzirisa lab.