U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.1.4

Published

Author(s)

Neal Ziring, Stephen Quinn

Abstract

This report specifies the data model and Extensible Markup Language (XML) representation for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.1.4. An XCCDF document is a structured collection of security configuration rules for some set of target systems. The XCCDF specification is designed to support information interchange, document generation, organizational and situational tailoring, automated compliance testing, and compliance scoring. The specification also defines a data model and format for storing results of security guidance or checklist compliance testing. The intent of XCCDF is to provide a uniform foundation for expression of security checklists and other configuration guidance, and thereby foster more widespread application of good security practices.
Citation
NIST Interagency/Internal Report (NISTIR) - 7275rev3
Report Number
7275rev3
NIST Pub Series
NIST Interagency/Internal Report (NISTIR)
Pub Type
NIST Pubs

Download Paper

https://doi.org/10.6028/NIST.IR.7275r3
Local Download

Keywords

benchmarks, checklists, eXtensible Configuration Checklist Description Format, FISMA, security controls, vulnerabilities, XCCDF
Cybersecurity

Citation

Ziring, N. and Quinn, S. (2008), Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.1.4, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.7275r3, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=51269 (Accessed December 15, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created December 31, 2007, Updated October 12, 2021