A new check algorithm class ListFieldPermissionsRegex is added in SCU 2014-2. This algorithm can be used for all the list fields in Windows checks to enable the use of regular expressions in the parameters of a check to evaluate collected data based on required patterns.
To edit an existing complex check to allow using regular expressions:
For example, User Right for Replacing Process Level Tokens Restricted? Check from “User Rights” section of “US Federal Desktop Core Configuration Standard (FDCC) V1.0.1 for Windows Vista” standard.
You can also change the values for the other parameters based on need but those are normal fields.
Note: Regular expression provided should ideally recognize a unique data record from collected data for scoped target. Using a regular expression to identify generic patterns resulting in multiple string matches may result in unpredictable and inaccurate check evaluation outcome.
Invalid regular expressions will result in failure in check evaluation and the check will be evaluated as Unknown. The evidence generated in this case will specify the syntax errors in used regular expression.
Regular expressions can be used only in checks which are using above mentioned procedure reference. Without manual manipulation of the XML file this feature is not enabled. Hence all the predefined checks in various standards in Standard manager are unaffected.