Glossary

assessment

In compliance terminology, a measurement of the compliance of a system against a benchmark or profile.

benchmark

In compliance terminology, a security standard against which to measure the compliance of a system. Also called a security benchmark. The solaris benchmark and PCI DSS are two benchmarks.

Common Vulnerabilities and Exposures

A reference method for publicly known security vulnerabilities in networked computer systems. This international list of vulnerabilities is kept by the MITRE Corporation.

Enterprise Health Check

A benchmark that determines how compliant your system is with Oracle Solaris 11.4 best practices. Best practices include highlighting legacy software that is targeted for removal in an upcoming Oracle Solaris 11.4 Support Repository Update (SRU).

metadata

In compliance terminology, a keyword=value pair or tag that identifies an assessment. Assessments always run with system tags, and users can add their own tags. Later, users can select, identify, copy, list, and delete assessments according to their metadata.

pick screen

An instance of a textual user interface (TUI). The pick screen is an editor that is implemented with the curses library. It provides a GUI-like interface on a text-only device, such as a console or a hardware ANSI terminal.

policy

Generally, a plan or course of action that influences or determines decisions and actions. Specifically, compliance policy is the selection of a benchmark or profile or tailoring that reflects the security compliance requirements for a system. You check the compliance of your system against the policy.

profile

In compliance terminology, a refinement of a benchmark. The Recommended and Baseline profiles are refinements of the solaris benchmark.

report

In compliance terminology, a display of the results of an assessment. Compliance reports can be in text, html, or xml format.

roster

In compliance terminology, a script that identifies assessments to run on remote systems.

Systems can be collected into roster groups, and attributes such as policy can be assigned at the roster, group, and node scopes. When run, a roster assesses compliance on its included systems asynchronously from the local system.

tailoring

A customized version of a benchmark or profile against which to measure the compliance of a system. Customers create tailorings to verify the security policy of particular systems more accurately than a benchmark or profile can.

variable values

In compliance terminology, a set of alternate values for a compliance rule where the rule's value is coded as a variable. Customers can modify the variable's value in a rule in a tailoring to better assess the security posture of the system.