Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

8.12. SCAP Security Guide profiles supported in RHEL 7

Use only the SCAP content provided in the particular minor release of RHEL. This is because components that participate in hardening are periodically updated with new capabilities. SCAP content changes to reflect these updates, but it is not always backward compatible.
In the following tables, you can find the profiles provided in each minor version of RHEL, together with the version of the policy with which the profile aligns.

Table 8.2. SCAP Security Guide profiles supported in RHEL 7.9

Profile nameProfile IDPolicy version
French National Agency for the Security of Information Systems (ANSSI) BP-028 Enhanced Levelxccdf_org.ssgproject.content_profile_anssi_nt28_enhanced
RHEL 7.9.4 and lower:draft
RHEL 7.9.5 and higher:1.2
French National Agency for the Security of Information Systems (ANSSI) BP-028 High Levelxccdf_org.ssgproject.content_profile_anssi_nt28_high
RHEL 7.9.6 and lower:draft
RHEL 7.9.7 and higher:1.2
French National Agency for the Security of Information Systems (ANSSI) BP-028 Intermediary Levelxccdf_org.ssgproject.content_profile_anssi_nt28_intermediary
RHEL 7.9.4 and lower: draft
RHEL 7.9.5 and higher:1.2
French National Agency for the Security of Information Systems (ANSSI) BP-028 Minimal Levelxccdf_org.ssgproject.content_profile_anssi_nt28_minimal
RHEL 7.9.4 and lower:draft
RHEL 7.9.5 and higher:1.2
C2S for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_C2Snot versioned
CIS Red Hat Enterprise Linux 7 Benchmarkxccdf_org.ssgproject.content_profile_cis2.2.0
Criminal Justice Information Services (CJIS) Security Policyxccdf_org.ssgproject.content_profile_cjis5.4
Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)xccdf_org.ssgproject.content_profile_cuir1
Australian Cyber Security Centre (ACSC) Essential Eightxccdf_org.ssgproject.content_profile_e8not versioned
Health Insurance Portability and Accountability Act (HIPAA)xccdf_org.ssgproject.content_profile_hipaanot versioned
NIST National Checklist Program Security Guidexccdf_org.ssgproject.content_profile_ncpnot versioned
OSPP - Protection Profile for General Purpose Operating Systems v4.2.1xccdf_org.ssgproject.content_profile_ospp4.2.1
PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_pci-dss_centric3.2.1
PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_pci-dss3.2.1
[DRAFT] DISA STIG for Red Hat Enterprise Linux Virtualization Host (RHELH)xccdf_org.ssgproject.content_profile_rhelh-stigdraft
VPP - Protection Profile for Virtualization v. 1.0 for Red Hat Enterprise Linux Hypervisor (RHELH)xccdf_org.ssgproject.content_profile_rhelh-vpp1.0
Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)xccdf_org.ssgproject.content_profile_rht-ccpnot versioned
Standard System Security Profile for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_standardnot versioned
DISA STIG for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_stig
RHEL 7.9.0 and 7.9.1: 1.4
RHEL 7.9.2 to 7.9.4: V3R1
RHEL 7.9.5 and 7.9.6:V3R2
RHEL 7.9.7 and higher:V3R3
DISA STIG with GUI for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_stig_gui
RHEL 7.9.7 and higher:V3R3

Table 8.3. SCAP Security Guide profiles supported in RHEL 7.8

Profile nameProfile IDPolicy version
DRAFT - ANSSI DAT-NT28 (enhanced)xccdf_org.ssgproject.content_profile_anssi_nt28_enhanceddraft
DRAFT - ANSSI DAT-NT28 (high)xccdf_org.ssgproject.content_profile_anssi_nt28_highdraft
DRAFT - ANSSI DAT-NT28 (intermediary)xccdf_org.ssgproject.content_profile_anssi_nt28_intermediarydraft
DRAFT - ANSSI DAT-NT28 (minimal)xccdf_org.ssgproject.content_profile_anssi_nt28_minimaldraft
C2S for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_C2Snot versioned
Criminal Justice Information Services (CJIS) Security Policyxccdf_org.ssgproject.content_profile_cjis5.4
Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)xccdf_org.ssgproject.content_profile_cuir1
Australian Cyber Security Centre (ACSC) Essential Eightxccdf_org.ssgproject.content_profile_e8not versioned
Health Insurance Portability and Accountability Act (HIPAA)xccdf_org.ssgproject.content_profile_hipaanot versioned
NIST National Checklist Program Security Guidexccdf_org.ssgproject.content_profile_ncpnot versioned
OSPP - Protection Profile for General Purpose Operating Systems v4.2.1xccdf_org.ssgproject.content_profile_ospp4.2.1
PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_pci-dss_centric3.2.1
PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_pci-dss3.2.1
[DRAFT] DISA STIG for Red Hat Enterprise Linux Virtualization Host (RHELH)xccdf_org.ssgproject.content_profile_rhelh-stigdraft
VPP - Protection Profile for Virtualization v. 1.0 for Red Hat Enterprise Linux Hypervisor (RHELH)xccdf_org.ssgproject.content_profile_rhelh-vpp1.0
Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)xccdf_org.ssgproject.content_profile_rht-ccpnot versioned
Standard System Security Profile for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_standardnot versioned
DISA STIG for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_stig1.4

Table 8.4. SCAP Security Guide profiles supported in RHEL 7.7

Profile nameProfile IDPolicy version
C2S for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_C2Snot versioned
Criminal Justice Information Services (CJIS) Security Policyxccdf_org.ssgproject.content_profile_cjis5.4
Health Insurance Portability and Accountability Act (HIPAA)xccdf_org.ssgproject.content_profile_hipaanot versioned
Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)xccdf_org.ssgproject.content_profile_nist-800-171-cuir1
OSPP - Protection Profile for General Purpose Operating Systems v. 4.2xccdf_org.ssgproject.content_profile_ospp424.2
United States Government Configuration Baselinexccdf_org.ssgproject.content_profile_ospp3.9
PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_pci-dss_centric3.2.1
PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_pci-dss3.2.1
VPP - Protection Profile for Virtualization v. 1.0 for Red Hat Enterprise Linux Hypervisor (RHELH)xccdf_org.ssgproject.content_profile_rhelh-vpp1.0
Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)xccdf_org.ssgproject.content_profile_rht-ccpnot versioned
Standard System Security Profile for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_standardnot versioned
DISA STIG for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_stig-rhel7-disa1.4

Table 8.5. SCAP Security Guide profiles supported in RHEL 7.6

Profile nameProfile IDPolicy version
C2S for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_C2Snot versioned
Criminal Justice Information Services (CJIS) Security Policyxccdf_org.ssgproject.content_profile_cjis5.4
Health Insurance Portability and Accountability Act (HIPAA)xccdf_org.ssgproject.content_profile_hipaanot versioned
Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)xccdf_org.ssgproject.content_profile_nist-800-171-cuir1
OSPP - Protection Profile for General Purpose Operating Systems v. 4.2xccdf_org.ssgproject.content_profile_ospp424.2
United States Government Configuration Baselinexccdf_org.ssgproject.content_profile_ospp3.9
PCI-DSS v3 Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_pci-dss_centric3.1
PCI-DSS v3 Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_pci-dss3.1
Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)xccdf_org.ssgproject.content_profile_rht-ccpnot versioned
Standard System Security Profile for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_standardnot versioned
DISA STIG for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_stig-rhel7-disa1.4

Table 8.6. SCAP Security Guide profiles supported in RHEL 7.5

Profile nameProfile IDPolicy version
C2S for Red Hat Enterprise Linuxxccdf_org.ssgproject.content_profile_C2Snot versioned
Criminal Justice Information Services (CJIS) Security Policyxccdf_org.ssgproject.content_profile_cjis-rhel7-server5.4
Common Profile for General-Purpose Systemsxccdf_org.ssgproject.content_profile_commonnot versioned
Standard Docker Host Security Profilexccdf_org.ssgproject.content_profile_docker-hostnot versioned
Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)xccdf_org.ssgproject.content_profile_nist-800-171-cuir1
United States Government Configuration Baseline (USGCB / STIG) - DRAFTxccdf_org.ssgproject.content_profile_ospp-rhel73.9
PCI-DSS v3 Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_pci-dss_centric3.1
PCI-DSS v3 Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_pci-dss3.1
Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)xccdf_org.ssgproject.content_profile_rht-ccpnot versioned
Standard System Security Profilexccdf_org.ssgproject.content_profile_standardnot versioned
DISA STIG for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_stig-rhel7-disa1.4
STIG for Red Hat Virtualization Hypervisorxccdf_org.ssgproject.content_profile_stig-rhevh-upstream1.4

Table 8.7. SCAP Security Guide profiles supported in RHEL 7.4

Profile nameProfile IDPolicy version
C2S for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_C2Snot versioned
Criminal Justice Information Services (CJIS) Security Policyxccdf_org.ssgproject.content_profile_cjis-rhel7-server5.4
Common Profile for General-Purpose Systemsxccdf_org.ssgproject.content_profile_commonnot versioned
Standard Docker Host Security Profilexccdf_org.ssgproject.content_profile_docker-hostnot versioned
Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)xccdf_org.ssgproject.content_profile_nist-800-171-cuir1
United States Government Configuration Baseline (USGCB / STIG) - DRAFTxccdf_org.ssgproject.content_profile_ospp-rhel73.9
PCI-DSS v3 Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_pci-dss_centric3.1
PCI-DSS v3 Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_pci-dss3.1
Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)xccdf_org.ssgproject.content_profile_rht-ccpnot versioned
Standard System Security Profilexccdf_org.ssgproject.content_profile_standardnot versioned
DISA STIG for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_stig-rhel7-disa1.4
STIG for Red Hat Virtualization Hypervisorxccdf_org.ssgproject.content_profile_stig-rhevh-upstream 

Table 8.8. SCAP Security Guide profiles supported in RHEL 7.3

Profile nameProfile IDPolicy version
C2S for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_C2Snot versioned
Criminal Justice Information Services (CJIS) Security Policyxccdf_org.ssgproject.content_profile_cjis-rhel7-server5.4
Common Profile for General-Purpose Systemsxccdf_org.ssgproject.content_profile_commonnot versioned
CNSSI 1253 Low/Low/Low Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_nist-cl-il-alnot versioned
United States Government Configuration Baseline (USGCB / STIG)xccdf_org.ssgproject.content_profile_ospp-rhel7-servernot versioned
PCI-DSS v3 Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_pci-dss3.1
Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)xccdf_org.ssgproject.content_profile_rht-ccpnot versioned
Standard System Security Profilexccdf_org.ssgproject.content_profile_standardnot versioned
STIG for Red Hat Enterprise Linux 7 Server Running GUIsxccdf_org.ssgproject.content_profile_stig-rhel7-server-gui-upstream1.4
STIG for Red Hat Enterprise Linux 7 Serverxccdf_org.ssgproject.content_profile_stig-rhel7-server-upstream1.4
STIG for Red Hat Enterprise Linux 7 Workstationxccdf_org.ssgproject.content_profile_stig-rhel7-workstation-upstream1.4

Table 8.9. SCAP Security Guide profiles supported in RHEL 7.2

Profile nameProfile IDPolicy version
Common Profile for General-Purpose Systemsxccdf_org.ssgproject.content_profile_commonnot versioned
Draft PCI-DSS v3 Control Baseline for Red Hat Enterprise Linux 7xccdf_org.ssgproject.content_profile_pci-dssdraft
Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)xccdf_org.ssgproject.content_profile_rht-ccpnot versioned
Standard System Security Profilexccdf_org.ssgproject.content_profile_standardnot versioned
Pre-release Draft STIG for Red Hat Enterprise Linux 7 Serverxccdf_org.ssgproject.content_profile_stig-rhel7-server-upstreamdraft

Table 8.10. SCAP Security Guide profiles supported in RHEL 7.1

Profile nameProfile IDPolicy version
Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)xccdf_org.ssgproject.content_profile_rht-ccpnot versioned

Additional Resources