This page provides a listing of all the tests that are available in the different component schemas.
Deprecated tests are lined through.
family_test |
The family_test element is used to check the family a certain system belongs to. This test basically allows the high level
system types (window, unix, ios, etc.) to be tested. It extends the standard TestType as defined in the oval-definitions-schema
and one should refer to the TestType description for more information. The required object element references a family_object
and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute
that is inherited from the TestType.
|
filehash_test |
The file hash test is used to check the hashes associated with a specified file. It extends the standard TestType as defined
in the oval-definitions-schema and one should refer to the TestType description for more information. The required object
element references a filehash_object and the optional state element specifies the different hashes to check. The evaluation
of the test is guided by the check attribute that is inherited from the TestType.
|
filehash58_test |
The file hash test is used to check a specific hash type associated with a specified file. It extends the standard TestType
as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required
object element references a filehash58_object and the optional state element specifies an expected hash value. The evaluation
of the test is guided by the check attribute that is inherited from the TestType.
|
environmentvariable_test |
The environmentvariable_test element is used to check an environment variable found on the system. It extends the standard
TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information.
The required object element references a environmentvariable_object and the optional state element specifies the metadata
to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
environmentvariable58_test |
The environmentvariable_test element is used to check an environment variable for the specified process, which is identified
by its process ID, on the system . It extends the standard TestType as defined in the oval-definitions-schema and one should
refer to the TestType description for more information. The required object element references a environmentvariable_object
and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute
that is inherited from the TestType.
|
ldap_test |
The LDAP test is used to check information about specific entries in an LDAP directory. It extends the standard TestType as
defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required
object element references an ldap_object and the optional state element, ldap_state, specifies the metadata to check. The
evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
ldap57_test |
The LDAP test is used to check information about specific entries in an LDAP directory. It extends the standard TestType as
defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required
object element references an ldap57_object and the optional state element, ldap57_state, specifies the metadata to check.
The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
sql_test |
The sql test is used to check information stored in a database. It is often the case that applications store configuration
settings in a database as opposed to a file. This test has been designed to enable those settings to be tested. It extends
the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more
information. The required object element references a wmi_object and the optional state element specifies the metadata to
check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
sql57_test |
The sql test is used to check information stored in a database. It is often the case that applications store configuration
settings in a database as opposed to a file. This test has been designed to enable those settings to be tested. It extends
the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more
information. The required object element references a wmi_object and the optional state element specifies the metadata to
check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
textfilecontent54_test |
The textfilecontent54_test element is used to check the contents of a text file (aka a configuration file) by looking at individual
blocks of text. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType
description for more information. The required object element references a textfilecontent54_object and the optional state
element specifies the metadata to check. The evaluation of the test is guided by the check attribute that is inherited from
the TestType.
|
textfilecontent_test |
The textfilecontent_test element is used to check the contents of a text file (aka a configuration file) by looking at individual
lines. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description
for more information. The required object element references a textfilecontent_object and the optional state element specifies
the metadata to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
unknown_test |
An unknown test acts as a placeholder for tests whose implementation is unknown. Any information that is known about the test
should be held in the notes child element that is available through the extension of the abstract test element. It extends
the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more
information. Note that for an unknown test, the required check attribute that is part of the extended TestType should be ignored
during evaluation and hence can be set to any valid value.
|
variable_test |
The variable test allows the value of a variable to be compared to a defined value. As an example one might use this test
to validate that a variable being passed in from an external source falls within a specified range. It extends the standard
TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information.
The required object element references a variable_object and the optional state element specifies the value to check. The
evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
xmlfilecontent_test |
The xmlfilecontent_test element is used to explore the contents of an xml file. This test allows specific pieces of an xml
document specified using xpath to be tested. It extends the standard TestType as defined in the oval-definitions-schema and
one should refer to the TestType description for more information. The required object element references a xmlfilecontent_object
and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute
that is inherited from the TestType.
|
spwebapplication_test |
The spwebapplication test is used to check the properties or permission settings of a SharePoint web application. It extends
the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more
information. The required object element references a spwebapplication_object and the optional state element specifies the
data to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
spgroup_test |
The spgroup test is used to check the group properties for site collections. It extends the standard TestType as defined in
the oval-definitions-schema and one should refer to the TestType description for more information. The required object element
references an spwebapplication_object and the optional state element specifies the data to check. The evaluation of the test
is guided by the check attribute that is inherited from the TestType.
|
spweb_test |
The spweb test is used to check the properties for site collections. It extends the standard TestType as defined in the oval-definitions-schema
and one should refer to the TestType description for more information. The required object element references an spwebapplication_object
and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that
is inherited from the TestType.
|
splist_test |
The splist test is used to check the properties of lists associated with a SharePoint site or site collection. It extends
the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more
information. The required object element references an splist_object and the optional state element specifies the data to
check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
spantivirussettings_test |
The spantivirussettings test is used to check the settings for antivirus software associated with a SharePoint deployment. |
spsiteadministration_test |
The spsiteadministration test is used to check the properties of a site. It extends the standard TestType as defined in the
oval-definitions-schema and one should refer to the TestType description for more information. The required object element
references an spwebapplication_object and the optional state element specifies the data to check. The evaluation of the test
is guided by the check attribute that is inherited from the TestType.
|
spsite_test |
The spsite test is used to check the properties of a site. It extends the standard TestType as defined in the oval-definitions-schema
and one should refer to the TestType description for more information. The required object element references an spwebapplication_object
and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that
is inherited from the TestType.
|
spcrawlrule_test |
The spcrawlrule test is used to check the configuration or rules associated with the SharePoint system's built-in indexer
and the sites or documents that will be indexed.
|
spjobdefinition_test |
The spjobdefinition test is used to check the status of the various properties associated with scheduled jobs in the SharePoint
system.
|
bestbet_test |
The bestbet test is used to get all the best bets associated with a site. |
infopolicycoll_test |
The policycoll test is used to get all the Information Policies associated with a site. |
spdiagnosticsservice_test |
The spdiagnosticsservice test is used to check the diagnostic properties associated with a Sharepoint system. |
spdiagnosticslevel_test |
The spdiagnosticslevel_test is used to check the status of the logging features associated with a Sharepoint deployment. |
sppolicyfeature_test |
The sppolicyfeature test enables one to check the attributes associated with policies and policy features on the Sharepoint
deployment.
|
sppolicy_test |
The sppolicy test enables one to check the attributes of the policies associated with a particular URL Zone in a Sharepoint
system.
|
dnscache_test |
The dnscache_test is used to check the time to live and IP addresses associated with a domain name. The time to live and
IP addresses for a particular domain name are retrieved from the DNS cache on the local system. It extends the standard TestType
as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required
object element references a dnscache_object and the optional state element specifies the metadata to check. The evaluation
of the test is guided by the check attribute that is inherited from the TestType.
|
file_test |
The file test is used to check metadata associated with UNIX files, of the sort returned by either an ls command, stat command
or stat() system call. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to
the TestType description for more information. The required object element references a file_object and the optional state
element specifies the metadata to check. The evaluation of the test is guided by the check attribute that is inherited from
the TestType.
|
fileextendedattribute_test |
The file extended attribute test is used to check extended attribute values associated with UNIX files, of the sort returned
by the getfattr command or getxattr() system call. It extends the standard TestType as defined in the oval-definitions-schema
and one should refer to the TestType description for more information. The required object element references a fileextendedattribute_object
and the optional state element specifies the extended attributes to check. The evaluation of the test is guided by the check
attribute that is inherited from the TestType. NOTE: Solaris has a very different implementation of "extended attributes" in which the attributes are really an orthogonal
directory hierarchy of files. See the Solaris documentation for more details. The file extended attribute test only handles
simple name/value pairs as implemented by most other UNIX derived operating systems.
|
gconf_test |
The gconf_test is used to check the attributes and value(s) associated with GConf preference keys. It extends the standard
TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information.
The required object element references a gconf_object and the optional gconf_state element specifies the data to check. The
evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
inetd_test |
The inetd test is used to check information associated with different Internet services. It extends the standard TestType
as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required
object element references an inetd_object and the optional state element specifies the information to check. The evaluation
of the test is guided by the check attribute that is inherited from the TestType.
|
interface_test |
The interface test enumerates various attributes about the interfaces on a system. It extends the standard TestType as defined
in the oval-definitions-schema and one should refer to the TestType description for more information. The required object
element references an interface_object and the optional state element specifies the interface information to check. The evaluation
of the test is guided by the check attribute that is inherited from the TestType.
|
password_test |
/etc/passwd. See passwd(4). The password test is used to check metadata associated with the UNIX password file, of the sort returned by the passwd command.
It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description
for more information. The required object element references a password_object and the optional state element specifies the
metadata to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
process_test |
The process test is used to check information found in the UNIX processes. It is equivalent to parsing the output of the ps
command. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description
for more information. The required object element references a process_object and the optional state element specifies the
process information to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
process58_test |
The process58_test is used to check information found in the UNIX processes. It is equivalent to parsing the output of the
ps command. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType
description for more information. The required object element references a process58_object and the optional state element
references a process58_state that specifies the process information to check. The evaluation of the test is guided by the
check attribute that is inherited from the TestType.
|
routingtable_test |
The routingtable_test is used to check information about the IPv4 and IPv6 routing table entries found in a system's primary
routing table. It is important to note that only numerical addresses will be collected and that their symbolic representations
will not be resolved. This equivalent to using the '-n' option with route(8) or netstat(8). It extends the standard TestType
as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required
object element references a routingtable_object and the optional routingtable_state element specifies the data to check. The
evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
runlevel_test |
The runlevel test is used to check information about which runlevel specified service are scheduled to exist at. For more
information see the output generated by a chkconfig --list. It extends the standard TestType as defined in the oval-definitions-schema
and one should refer to the TestType description for more information. The required object element references a runlevel_object
and the optional state element specifies the data to check. The evaluation of the test is guided by the check attribute that
is inherited from the TestType.
|
sccs_test |
|
shadow_test |
The shadow test is used to check information from the /etc/shadow file for a specific user. This file contains a user's password,
but also their password aging and lockout information. It extends the standard TestType as defined in the oval-definitions-schema
and one should refer to the TestType description for more information. The required object element references an shadow_object
and the optional state element specifies the information to check. The evaluation of the test is guided by the check attribute
that is inherited from the TestType.
|
sysctl_test |
The sysctl_test is used to check the values associated with the kernel parameters that are used by the local system. It extends
the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more
information. The required object element references a sysctl_object and the optional state element references a sysctl_state
that specifies the information to check. The evaluation of the test is guided by the check attribute that is inherited from
the TestType.
|
uname_test |
The uname test reveals information about the hardware the machine is running on. This information is the parsed equivalent
of uname -a. For example: "Linux quark 2.6.5-7.108-default #1 Wed Aug 25 13:34:40 UTC 2004 i686 i686 i386 GNU/Linux" or "Darwin
TestHost 7.7.0 Darwin Kernel Version 7.7.0: Sun Nov 7 16:06:51 PST 2004; root:xnu/xnu-517.9.5.obj~1/RELEASE_PPC Power Macintosh
powerpc". It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType
description for more information. The required object element references a uname_object and the optional state element specifies
the metadata to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
xinetd_test |
The xinetd test is used to check information associated with different Internet services. It extends the standard TestType
as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required
object element references an inetd_object and the optional state element specifies the information to check. The evaluation
of the test is guided by the check attribute that is inherited from the TestType.
|
accesstoken_test |
The accesstoken_test is used to check the properties of a Windows access token as well as individual privileges and rights
associated with it. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the
TestType description for more information. The required object element references an accesstoken_object and the optional state
element specifies the data to check. The evaluation of the test is guided by the check attribute that is inherited from the
TestType.
|
activedirectory_test |
The active directory test is used to check information about specific entries in active directory. It extends the standard
TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information.
The required object element references an activedirectory_object and the optional state element specifies the metadata to
check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
activedirectory57_test |
The active directory test is used to check information about specific entries in active directory. It extends the standard
TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information.
The required object element references an activedirectory57_object and the optional state element specifies the metadata to
check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
auditeventpolicy_test |
The auditeventpolicy_test is used to check different types of events the system should audit. It extends the standard TestType
as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required
object element references a auditeventpolicy_object and the optional state element specifies the metadata to check. The evaluation
of the test is guided by the check attribute that is inherited from the TestType.
|
auditeventpolicysubcategories_test |
The auditeventpolicysubcategories_test is used to check the audit event policy settings on a Windows system. These settings
are used to specify which system and network events are monitored. For example, if the credential_validation element has
a value of AUDIT_FAILURE, it means that the system is configured to log all unsuccessful attempts to validate a user account
on a system. It is important to note that these audit event policy settings are specific to certain versions of Windows. As
a result, the documentation for that version of Windows should be consulted for more information on each setting. The test
extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for
more information. The required object element references a auditeventpolicy_object and the optional state element specifies
the metadata to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
dnscache_test |
The dnscache_test is used to check the time to live and IP addresses associated with a domain name. The time to live and
IP addresses for a particular domain name are retrieved from the DNS cache on the local system. The entries in the DNS cache
can be collected using Microsoft's DnsGetCacheDataTable() and DnsQuery() API calls. It extends the standard TestType as defined
in the oval-definitions-schema and one should refer to the TestType description for more information. The required object
element references a dnscache_object and the optional state element specifies the metadata to check. The evaluation of the
test is guided by the check attribute that is inherited from the TestType.
|
file_test |
The file test is used to check metadata associated with Windows files. It extends the standard TestType as defined in the
oval-definitions-schema and one should refer to the TestType description for more information. The required object element
references a file_object and the optional state element specifies the metadata to check. The evaluation of the test is guided
by the check attribute that is inherited from the TestType.
|
fileauditedpermissions53_test |
The file audit permissions test is used to check the audit permissions associated with Windows files. Note that the trustee's
audited permissions are the audit permissons that the SACL grants to the trustee or to any groups of which the trustee is
a member. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType
description for more information. The required object element references a fileauditedpermissions_object and the optional
state element specifies the metadata to check. The evaluation of the test is guided by the check attribute that is inherited
from the TestType.
|
fileauditedpermissions_test |
The file audited permissions test is used to check the audit permissions associated with Windows files. Note that the trustee's
audited permissions are the audit permissons that the SACL grants to the trustee or to any groups of which the trustee is
a member. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType
description for more information. The required object element references a fileauditedpermissions_object, and the optional
state element references a fileauditedpermissions_state that specifies the metadata to check. The evaluation of the test is
guided by the check attribute that is inherited from the TestType.
|
fileeffectiverights53_test |
The file effective rights test is used to check the effective rights associated with Windows files. Note that the trustee's
effective access rights are the access rights that the DACL grants to the trustee or to any groups of which the trustee is
a member. The fileeffectiverights53_test element extends the standard TestType as defined in the oval-definitions-schema and
one should refer to the TestType description for more information. The required object element references a fileeffectiverights53_object
and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute
that is inherited from the TestType.
|
fileeffectiverights_test |
The file effective rights test is used to check the effective rights associated with Windows files. Note that the trustee's
effective access rights are the access rights that the DACL grants to the trustee or to any groups of which the trustee is
a member. The fileeffectiverights_test element extends the standard TestType as defined in the oval-definitions-schema and
one should refer to the TestType description for more information. The required object element references a fileeffectiverights_object
and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute
that is inherited from the TestType.
|
group_test |
The group_test allows the different users and subgroups, that directly belong to specific groups (identified by name), to
be tested. When the group_test collects the groups on the system, it should only include the local and built-in group accounts
and not domain group accounts. However, it is important to note that domain group accounts can still be looked up. Also,
note that the subgroups of the group will not be resolved to find indirect user and group members. If the subgroups need to
be resolved, it should be done using the sid_object. It extends the standard TestType as defined in the oval-definitions-schema
and one should refer to the TestType description for more information. The required object element references a group_object
and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute
that is inherited from the TestType.
|
group_sid_test |
The group_sid_test allows the different users and subgroups, that directly belong to specific groups (identified by SID),
to be tested. When the group_sid_test collects the group SIDs on the system, it should only include the local and built-in
group SIDs and not domain group SIDs. However, it is important to note that domain group SIDs can still be looked up. Also,
note that the subgroups of the group will not be resolved to find indirect user and group members. If the subgroups need to
be resolved, it should be done using the sid_sid_object. It extends the standard TestType as defined in the oval-definitions-schema
and one should refer to the TestType description for more information. The required object element references a group_sid_object
and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute
that is inherited from the TestType.
|
interface_test |
The interface test enumerate various attributes about the interfaces on a system. It extends the standard TestType as defined
in the oval-definitions-schema and one should refer to the TestType description for more information. The required object
element references an interface_object and the optional state element specifies the interface information to check. The evaluation
of the test is guided by the check attribute that is inherited from the TestType.
|
lockoutpolicy_test |
The lockout policy test enumerates various attributes associated with lockout information for users and global groups in the
security database. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the
TestType description for more information. The required object element references a lockoutpolicy_object and the optional
state element specifies the metadata to check. The evaluation of the test is guided by the check attribute that is inherited
from the TestType.
|
metabase_test |
The metabase test is used to check information found in the Windows metabase. It extends the standard TestType as defined
in the oval-definitions-schema and one should refer to the TestType description for more information. The required object
element references a metabase_object and the optional state element specifies the metadata to check. The evaluation of the
test is guided by the check attribute that is inherited from the TestType.
|
passwordpolicy_test |
The password policy test is used to check specific policy associated with passwords. It is important to note that these policies
are specific to certain versions of Windows. As a result, the documentation for that version of Windows should be consulted
for more information. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the
TestType description for more information. The required object element references a passwordpolicy_object and the optional
state element specifies the metadata to check. The evaluation of the test is guided by the check attribute that is inherited
from the TestType. NOTE: This information is stored in the SAM or Active Directory but is encrypted or hidden so the registry_test and activedirectory57_test
are of no use. If this can be figured out, then the password_policy test is not needed.
|
port_test |
The port test is used to check information about the available ports on a Windows system. It extends the standard TestType
as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required
object element references a port_object and the optional state element specifies the port information to check. The evaluation
of the test is guided by the check attribute that is inherited from the TestType.
|
printereffectiverights_test |
The printer effective rights test is used to check the effective rights associated with Windows printers. The printereffectiverights_test
element extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description
for more information. The required object element references a printereffectiverights_object and the optional state element
specifies the metadata to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
process_test |
The process_test is used to check information found in the Windows processes. It extends the standard TestType as defined
in the oval-definitions-schema and one should refer to the TestType description for more information. The required object
element references a process_object and the optional state element references a process_state element that specifies the process
information to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
process58_test |
The process58_test is used to check information found in the Windows processes. It extends the standard TestType as defined
in the oval-definitions-schema and one should refer to the TestType description for more information. The required object
element references a process58_object and the optional state element references a process58_state element that specifies the
process information to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
registry_test |
The registry test is used to check metadata associated with Windows registry key. It extends the standard TestType as defined
in the oval-definitions-schema and one should refer to the TestType description for more information. The required object
element references a registry_object and the optional state element specifies the registry data to check. The evaluation of
the test is guided by the check attribute that is inherited from the TestType.
|
regkeyauditedpermissions53_test |
The registry key audited permissions test is used to check the audit permissions associated with Windows registry keys. Note
that the trustee's audited permissions are the audit permissons that the SACL grants to the trustee or to any groups of which
the trustee is a member. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to
the TestType description for more information. The required object element references a regkeyauditedpermissions53_object
and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute
that is inherited from the TestType.
|
regkeyauditedpermissions_test |
The registry key audited permissions test is used to check the audit permissions associated with Windows registry keys. Note
that the trustee's audited permissions are the audit permissons that the SACL grants to the trustee or to any groups of which
the trustee is a member. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to
the TestType description for more information. The required object element references a regkeyauditedpermissions_object and
the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute that
is inherited from the TestType.
|
regkeyeffectiverights53_test |
The registry key effective rights test is used to check the effective rights associated with Windows files. Note that the
trustee's effective access rights are the access rights that the DACL grants to the trustee or to any groups of which the
trustee is a member. The regkeyeffectiverights53_test element extends the standard TestType as defined in the oval-definitions-schema
and one should refer to the TestType description for more information. The required object element references a regkeyeffectiverights53_object
and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute
that is inherited from the TestType.
|
regkeyeffectiverights_test |
The registry key effective rights test is used to check the effective rights associated with Windows files. Note that the
trustee's effective access rights are the access rights that the DACL grants to the trustee or to any groups of which the
trustee is a member. The regkeyeffectiverights_test element extends the standard TestType as defined in the oval-definitions-schema
and one should refer to the TestType description for more information. The required object element references a regkeyeffectiverights_object
and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute
that is inherited from the TestType.
|
service_test |
The service_test is used to check metadata associated with Windows services. It extends the standard TestType as defined in
the oval-definitions-schema and one should refer to the TestType description for more information. The required object element
references a service_object and the optional state elements specify the metadata to check. The evaluation of the test is guided
by the check attribute that is inherited from the TestType.
|
serviceeffectiverights_test |
The service effective rights test is used to check the effective rights associated with Windows services. Note that the trustee's
effective access rights are the access rights that the DACL grants to the trustee or to any groups of which the trustee is
a member. The serviceeffectiverights_test element extends the standard TestType as defined in the oval-definitions-schema
and one should refer to the TestType description for more information. The required object element references a serviceeffectiverights_object
and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute
that is inherited from the TestType.
|
sharedresource_test |
The shared resource test is used to check properties associated with any shared resource on the system. It extends the standard
TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information.
The required object element references a sid_object and the optional state element specifies the metadata to check. The evaluation
of the test is guided by the check attribute that is inherited from the TestType.
|
sid_test |
The SID test is used to check properties associated with the specified SID. It extends the standard TestType as defined in
the oval-definitions-schema and one should refer to the TestType description for more information. The required object element
references a sid_object and the optional state element specifies the metadata to check. The evaluation of the test is guided
by the check attribute that is inherited from the TestType.
|
sid_sid_test |
The sid_sid_test is used to check properties associated with the specified SID. It extends the standard TestType as defined
in the oval-definitions-schema and one should refer to the TestType description for more information. The required object
element references a sid_sid_object and the optional state element specifies the metadata to check. The evaluation of the
test is guided by the check attribute that is inherited from the TestType. Note that this sid_sid test was added in version 5.4 as a temporary fix. There is a need within the community to identify
things like users and groups by both the name and the SID. For version 6 of OVAL, work is underway for a better solution
to the problem, but for now, a second test was added to satisfy the need.
|
uac_test |
The user access control test is used to check setting related to User Access Control within Windows. It extends the standard
TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information.
The required object element references a uaac_object and the optional state element specifies the metadata to check. The evaluation
of the test is guided by the check attribute that is inherited from the TestType.
|
user_test |
The user_test is used to check information about Windows users. When the user_test collects the users on the system, it should
only include the local and built-in user accounts and not domain user accounts. However, it is important to note that domain
user accounts can still be looked up. Also, note that the collection of groups, for which a user is a member, is not recursive.
The only groups that will be collected are those for which the user is a direct member. For example, if a user is a member
of group A, and group A is a member of group B, the only group that will be collected is group A. It extends the standard
TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information.
The required object element references a user_object and the optional state element specifies the metadata to check. The evaluation
of the test is guided by the check attribute that is inherited from the TestType.
|
user_sid55_test |
The user_sid55_test is used to check information about Windows users. When the user_sid55_test collects the user SIDs on the
system, it should only include the local and built-in user SIDs and not domain user SIDs. However, it is important to note
that domain user SIDs can still be looked up. Also, note that the collection of groups, for which a user is a member, is not
recursive. The only groups that will be collected are those for which the user is a direct member. For example, if a user
is a member of group A, and group A is a member of group B, the only group that will be collected is group A. It extends the
standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information.
The required object element references a user_sid55_object and the optional state element specifies the metadata to check.
The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
user_sid_test |
The user_sid_test is used to check information about Windows users. When the user_sid_test collects the user SIDs on the system,
it should only include the local and built-in user SIDs and not domain user SIDs. However, it is important to note that domain
user SIDs can still be looked up. Also, note that the collection of groups, for which a user is a member, is not recursive.
The only groups that will be collected are those for which the user is a direct member. For example, if a user is a member
of group A, and group A is a member of group B, the only group that will be collected is group A. It extends the standard
TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information.
The required object element references a user_sid_object and the optional state element specifies the metadata to check. The
evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
volume_test |
The volume_test is used to check information about different storage volumes found on a Windows system. This includes the
various system flags returned by GetVolumeInformation(). It is important to note that these system flags are specific to certain
versions of Windows. As a result, the documentation for that version of Windows should be consulted for more information.
It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description
for more information. The required object element references a volume_object and the optional state element specifies the
metadata to check. The evaluation of the test is guided by the check attribute that is inherited from the TestType.
|
wmi_test |
The wmi test is used to check information accessed by WMI. It extends the standard TestType as defined in the oval-definitions-schema
and one should refer to the TestType description for more information. The required object element references a wmi_object
and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute
that is inherited from the TestType.
|
wmi57_test |
The wmi57 test is used to check information accessed by WMI. It extends the standard TestType as defined in the oval-definitions-schema
and one should refer to the TestType description for more information. The required object element references a wmi57_object
and the optional state element specifies the metadata to check. The evaluation of the test is guided by the check attribute
that is inherited from the TestType.
|
wuaupdatesearcher_test |
The wuaupdatesearcher_test is used to evaluate patch level in a Windows environment utilizing the WUA (Windows Update Agent)
interface. It is based on the Search method of the IUpdateSearcher interface found in the WUA API. It extends the standard
TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information.
The required object element references a wuaupdatesearcher_object and the optional state element specifies the metadata to
check. The evaluation of the test is guided by the check attribute that is inherited from the TestType. Note that WUA can work off of many different sources including WSUS, update.microsoft.com, and a local cab file. The content
source is specific to a given system evaluating a wuaupdatesearcher_test and thus is not defined by this test. The tool being
used for evaluation should determine what content source is best for the system being assessed and then evaluate this test
based on that selection.
|