Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

How can agencies use Security Content Automation Protocol (SCAP) USGCB content to automate FISMA compliance of technical controls?

agencies automate automation compliance content FISMA Protocol scap security usgcb
0
Posted

How can agencies use Security Content Automation Protocol (SCAP) USGCB content to automate FISMA compliance of technical controls?

0 CommentsAdd a Comment

1 Answer

0

The XCCDF-based SCAP content contains Common Configuration Enumeration (CCE) identifiers. The CCEs are mapped to the 800-53 controls and posted to the National Vulnerability Database (NVD) data feed located at http://nvd.nist.gov/cce.cfm. CCE to 800-53 mappings can also be obtained on a per checklist basis for Tier III checklists at checklists.nist.gov. This data can be used to demonstrate NIST Special Publication (SP) 800-53 assessment and compliance evidence.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123