With this API, you can get the details of a specified control within a specified section of a compliance policy.
|
Parameter |
Required/Optional |
Data Type |
Description |
|---|---|---|---|
| policyId={value} | Required | Integer | The ID of the policy for which you want to list all section details. |
| sectionNumber={value} | Required | Integer | Enter the section number for which you want to list all details. |
| controlId={value} | Required | Integer | Enter the ID of the control for which you want to retrieve the details. |
API Request
curl -X 'GET' \'<qualys_base_url>/pcas/v3/policy/section/control?policyId=5656121§ionNumber=1&controlId=1072'
\ -H 'accept: application/json'
\ -H 'Authorization: Bearer 'token'XML Output
{
"controlId": 1071,
"sectionNumber": 1,
"controlNumber": 1,
"statement": "Status of the 'Minimum Password Length' setting",
"criticality": "URGENT",
"isControlDisable": false,
"technologies": [
{
"technologyId": 1,
"technologyName": "Windows XP desktop",
"evaluate": {
"dp": {
"k": "win.auth.passwords.minlen",
"v": [
"0"
],
"l": 0,
"description": "The following Integer value <B>X</B> indicates the current status of the <B>Minimum Password Length (min_pass_len)</B> setting for local accounts.",
"op": "ge",
"fv": [
{
"value": "161803399999999",
"set": "0",
"description": "Attribute not found"
}
]
}
},
"remediation": "To establish the recommended configuration via GP, set the following UI path to 14 or more character(s):\n\n\tComputer Configuration\\Policies\\Windows Settings\\Security Settings\\Account Policies\\Password Policy\\Minimum password length",
"rationale": "Among the several characteristics that make 'user identification' via password a secure and workable solution is setting a 'minimum password length' requirement. Each character that is added to the password length squares the difficulty of breaking the password via 'brute force,' which attempts using every combination possible within the password symbol set-space, in order to discover a user's password. While no 'minimum length' can be guaranteed secure, eight (8) is commonly considered to be the minimum for most application access, along with requiring other password security factors, such as increasing the size of the symbol set-space by requiring mixed-cases, along with other forms of password variability creation, increases the difficulty of breaking any password by brute-force attack."
}
]
}