All Symantec Control Compliance Suite (CCS) SCAP Evaluation results return with around 97% failure.

book

Article ID: 158380

calendar_today

Updated On:

Products

Control Compliance Suite Windows

Issue/Introduction

When the customer runs an SCAP evaluation job such as the SCAP benchmark located at https://iase.disa.mil/stigs/os/windows/u_windows_2008_r2_ms_v1r7_stig_benchmark_20130329.zip, the results returned revealed that almost every check had failed, usually around or near the 97% mark.

An error from the Data Collector would appear as something like this:

6/12/2013 1:47:40 PM,Windows Data Collector: query returned with message(s).," Error occurred while fetching trustees : The Trustee parameter regular expression is invalid! Parameter= *. Error : The parameter is incorrect. - The Trustee parameter regular expression is invalid! Parameter= * - The parameter is incorrect.","Warning ",Domain Name\Machine-Name,Windows Machine,,

Cause

Product defect. The SCAP profiles contained some rules which referred to local variables containing objects wrapped inside.  Data collection for such rules\objects was not working and an exception was thrown.

Due to this exception for some of the rules, no data collection was performed for the other rules in the SCAP profile therefore most of the rules resulted in a FAIL status.

Resolution

Install Quick Fix 10328 for CCS 11.0 with Product Update 2013-2 & Security Content Update 2013-1.  Please see the attached QF file in this KB article.


Applies To

Microsoft Windows Server 2008 R2

Attachments

CCS_v11.0_PU_10328_3250426_3250423_QF.zip get_app