SCAP & STIG Tutorial
In this video, I demonstrate how to run SCAP scans using the SCC tool provided to us by NWIC Atlantic, which is now publicly available. I also show you how to create Windows 10 STIG checklist and how to import the SCAP scan results to the STIG Viewer to review and remediate Not Reviewed checks. This video is for demo and test purposes only.
*STIG your system at your own risk. I recommend you create a test environment or virtual machine separate from your personal Windows machine.
"Obtaining the Software Starting with version 5.4, SCC is publicly available and can be downloaded from Defense Information Systems Agency (DISA)."
https://public.cyber.mil/stigs/scap/
Requirements and Assumptions already made prior to testing in my environment:
Windows 10 Enterprise or Pro latest featured updates (for GPO):
https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise
VMware Workstation Pro 16:
https://www.vmware.com/products/workstation-pro/workstation-pro-evaluation.html
You can use Oracle VirtualBox or VMware Workstation Player or Microsoft Hyper-V. I'll leave that up to you.
Downloads:
LGPO tool (used to import Group Policy Objects)
https://www.microsoft.com/en-us/download/details.aspx?id=55319
Reference:
https://www.niwcatlantic.navy.mil/2021/03/naval-information-warfare-center-atlantic-security-content-automation-protocol-compliance-checker-software-for-public-use/
Disclaimer - Opinions expressed are solely my own and do not express the views or opinions of my employer.
Видео SCAP & STIG Tutorial канала IT Videos
*STIG your system at your own risk. I recommend you create a test environment or virtual machine separate from your personal Windows machine.
"Obtaining the Software Starting with version 5.4, SCC is publicly available and can be downloaded from Defense Information Systems Agency (DISA)."
https://public.cyber.mil/stigs/scap/
Requirements and Assumptions already made prior to testing in my environment:
Windows 10 Enterprise or Pro latest featured updates (for GPO):
https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise
VMware Workstation Pro 16:
https://www.vmware.com/products/workstation-pro/workstation-pro-evaluation.html
You can use Oracle VirtualBox or VMware Workstation Player or Microsoft Hyper-V. I'll leave that up to you.
Downloads:
LGPO tool (used to import Group Policy Objects)
https://www.microsoft.com/en-us/download/details.aspx?id=55319
Reference:
https://www.niwcatlantic.navy.mil/2021/03/naval-information-warfare-center-atlantic-security-content-automation-protocol-compliance-checker-software-for-public-use/
Disclaimer - Opinions expressed are solely my own and do not express the views or opinions of my employer.
Видео SCAP & STIG Tutorial канала IT Videos
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![Intro to STIG's & STIG Viewer](https://i.ytimg.com/vi/DCx5ZFERJz8/default.jpg)
![DISA STIGs part 1](https://i.ytimg.com/vi/hDMDdxa2j9k/default.jpg)
![Securing Infrastructure with OpenScap: The Automation Way!](https://i.ytimg.com/vi/sHZ85h2gBJk/default.jpg)
![Assessment and Remediation using the SCAP Tool](https://i.ytimg.com/vi/Q8F1Bh-fU1I/default.jpg)
![Configure and apply hardening rules in minutes with Ubuntu CIS Benchmark tooling](https://i.ytimg.com/vi/wyEX0eyoK88/default.jpg)
![An Introduction to R - A Brief Tutorial for R {Software for Statistical Analysis}](https://i.ytimg.com/vi/LjuXiBjxryQ/default.jpg)
![STIG 101: What, How and Why DISA STIGs are a GOOD thing - Asset Security](https://i.ytimg.com/vi/FhCn7_0o6nk/default.jpg)
![System Administrator Job Interview: Technical Questions and Answers](https://i.ytimg.com/vi/LtLpgcPR53E/default.jpg)
![How to improve Linux performance in a VirtualBox VM](https://i.ytimg.com/vi/tbF8jNjD_IE/default.jpg)
![Wireshark Packet Sniffing Usernames, Passwords, and Web Pages](https://i.ytimg.com/vi/r0l_54thSYU/default.jpg)
![How SSL works tutorial - with HTTPS example](https://i.ytimg.com/vi/iQsKdtjwtYI/default.jpg)
![17 How to clone ec2 instance using snapshot backup](https://i.ytimg.com/vi/jpx2lbl37nM/default.jpg)
![Using the DoD STIG and SCAP Tool Basic Rundown](https://i.ytimg.com/vi/dtHmpqevumQ/default.jpg)
![Ask ACAS - Tip 1: The 800-53 Dashboard for Configuration Auditing](https://i.ytimg.com/vi/hSvF2ZQJW_c/default.jpg)
![Kernel Basics](https://i.ytimg.com/vi/rTcnTOXf_jM/default.jpg)
![How-To Configure Windows Server 2019 as the NTP server via Group Policy](https://i.ytimg.com/vi/9OHNDZBULPo/default.jpg)
![Wazuh - How to Scan for Vulnerabilities in Windows and Linux](https://i.ytimg.com/vi/ASW5hHaGGGM/default.jpg)
![Scanning Multiple Windows Hosts with SCAP Compliance Checker (SCC)](https://i.ytimg.com/vi/HWqpdo2ePNc/default.jpg)
![MALWARE ANALYSIS - VBScript Decoding & Deobfuscating](https://i.ytimg.com/vi/3Q9-X_NRlJc/default.jpg)
![How to Export and Import Local Group Policy using LGPO](https://i.ytimg.com/vi/fBxyVgDUGU8/default.jpg)