Cyber security issues have received significant attention over the last several years as the amount of valuable and sensitive data that is available online continues to increase. Configuration management has always been a key component of any IT security policy, and the Federal Desktop Core Configuration (FDCC) seeks to leverage this by creating a standard to which all Windows XP and Vista desktop systems must comply. Doing so eliminates a wide range of potential attacks by disabling unneeded services, applying patches in a timely manner, establishing strong access controls, and setting many other important configuration options available within the operating system.
The Windows Vista FDCC is based on the DoD customization of the Microsoft Security Guides for both Windows Vista and Internet Explorer 7.0. Microsoft's Vista Security Guide was produced through a collaborative effort with DISA, NSA, and NIST. The guide reflects the consensus recommended settings from DISA, NSA, and NIST for the Windows Vista platform. The Windows XP FDCC is based on the DoD customization of the SSLF recommendations in Microsoft's Security Guide for Internet Explorer 7.0. To learn more about the FDCC, visit http://fdcc.nist.gov.
To help facilitate adoption, the Security Content Automation Protocol (SCAP) was chosen by OMB as the means by which FDCC policy is expressed and distributed as machine-readable content. OMB Memorandum 08-22 mandates the use of SCAP tools to assess and continuously monitor FDCC compliance based on this machine-readable representation of the policy. SCAP existed prior to the introduction of the FDCC and is being implemented widely across a variety of use cases. To learn more, visit http://scap.nist.gov.