SCAP Glossary
The following are the selected acronyms and abbreviations related to SCAP compliance:
- ARF: Asset Reporting Format
- CCE: Common Configuration Enumeration
- CCSS: Common Configuration Scoring System
- CPE: Common Platform Enumeration
- CVE: Common Vulnerabilities and Exposures
- CVSS: Common Vulnerability Scoring System
- FDCC: Federal Desktop Core Configuration
- FIRST: Forum of Incident Response and Security Teams
- NIST: National Institute of Standards and Technology
- NVD: National Vulnerability Database
- OCIL: Open Checklist Interactive Language
- OVAL: Open Vulnerability and Assessment Language
- SCAP: Security Content Automation Protocol
- TMSAD: Trust Model for Security Automation Data
- XCCDF: Extensible Configuration Checklist Document Format