Red Hat Training

A Red Hat training course is available for RHEL 8

7.12. RHEL 8에서 지원되는 SCAP 보안 가이드 프로필

RHEL의 특정 마이너 릴리스에서 제공된 SCAP 콘텐츠만 사용합니다. 강화에 참여하는 구성 요소가 새로운 기능으로 업데이트되는 경우가 있기 때문입니다. 이러한 업데이트를 반영하기 위해 SCAP 콘텐츠 변경이 필요하지만 이전 버전과 항상 호환되지는 않습니다.

다음 표에서는 프로필이 정렬되는 정책 버전과 함께 RHEL의 각 마이너 버전에서 제공되는 프로필을 찾을 수 있습니다.

표 7.2. RHEL 8.9에서 지원되는 SCAP 보안 가이드 프로필

프로파일 이름프로파일 ID정책 버전

French National Agency for the Security of Information Systems (ANSSI) BP-028 Enhanced Level

xccdf_org.ssgproject.content_profile_anssi_bp28_enhanced

2.0

French National Agency for the Security of Information Systems (ANSSI) BP-028 High Level

xccdf_org.ssgproject.content_profile_anssi_bp28_high

2.0

French National Agency for the Security of Information Systems (ANSSI) BP-028 Intermediary Level

xccdf_org.ssgproject.content_profile_anssi_bp28_intermediary

2.0

French National Agency for the Security of Information Systems (ANSSI) BP-028 Minimal Level

xccdf_org.ssgproject.content_profile_anssi_bp28_minimal

2.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 2 - Server

xccdf_org.ssgproject.content_profile_cis

RHEL 8.9.0 및 RHEL 8.9.2:2.0.0
RHEL 8.9.3:3.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Server

xccdf_org.ssgproject.content_profile_cis_server_l1

RHEL 8.9.0 및 RHEL 8.9.2:2.0.0
RHEL 8.9.3:3.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Workstation

xccdf_org.ssgproject.content_profile_cis_workstation_l1

RHEL 8.9.0 및 RHEL 8.9.2:2.0.0
RHEL 8.9.3:3.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 2 - Workstation

xccdf_org.ssgproject.content_profile_cis_workstation_l2

RHEL 8.9.0 및 RHEL 8.9.2:2.0.0
RHEL 8.9.3:3.0.0

Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)

xccdf_org.ssgproject.content_profile_cui

r1

Australian Cyber Security Centre (ACSC) Essential Eight

xccdf_org.ssgproject.content_profile_e8

버전이 지정되지 않음

HIPAA(Health Insurance Portability and Accountability Act)

xccdf_org.ssgproject.content_profile_hipaa

버전이 지정되지 않음

Australian Cyber Security Centre (ACSC) ISM Official

xccdf_org.ssgproject.content_profile_ism_o

버전이 지정되지 않음

Protection Profile for General Purpose Operating Systems

xccdf_org.ssgproject.content_profile_ospp

4.2.1

PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_pci-dss

RHEL 8.9.0 및 RHEL 8.9.2:3.2.1
RHEL 8.9.3:4.0

The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig

RHEL 8.9.0 및 RHEL 8.9.2:V1R11
RHEL 8.9.3:V1R13

The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) with GUI for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig_gui

RHEL 8.9.0 및 RHEL 8.9.2:V1R11
RHEL 8.9.3:V1R13

표 7.3. RHEL 8.8에서 지원되는 SCAP 보안 가이드 프로필

프로파일 이름프로파일 ID정책 버전

French National Agency for the Security of Information Systems (ANSSI) BP-028 Enhanced Level

xccdf_org.ssgproject.content_profile_anssi_bp28_enhanced

2.0

French National Agency for the Security of Information Systems (ANSSI) BP-028 High Level

xccdf_org.ssgproject.content_profile_anssi_bp28_high

2.0

French National Agency for the Security of Information Systems (ANSSI) BP-028 Intermediary Level

xccdf_org.ssgproject.content_profile_anssi_bp28_intermediary

2.0

French National Agency for the Security of Information Systems (ANSSI) BP-028 Minimal Level

xccdf_org.ssgproject.content_profile_anssi_bp28_minimal

2.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 2 - Server

xccdf_org.ssgproject.content_profile_cis

RHEL 8.8.0 및 RHEL 8.8.5:2.0.0
RHEL 8.8.6:3.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Server

xccdf_org.ssgproject.content_profile_cis_server_l1

RHEL 8.8.0 및 RHEL 8.8.5:2.0.0
RHEL 8.8.6:3.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Workstation

xccdf_org.ssgproject.content_profile_cis_workstation_l1

RHEL 8.8.0 및 RHEL 8.8.5:2.0.0
RHEL 8.8.6:3.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 2 - Workstation

xccdf_org.ssgproject.content_profile_cis_workstation_l2

RHEL 8.8.0 및 RHEL 8.8.5:2.0.0
RHEL 8.8.6:3.0.0

Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)

xccdf_org.ssgproject.content_profile_cui

r1

Australian Cyber Security Centre (ACSC) Essential Eight

xccdf_org.ssgproject.content_profile_e8

버전이 지정되지 않음

HIPAA(Health Insurance Portability and Accountability Act)

xccdf_org.ssgproject.content_profile_hipaa

버전이 지정되지 않음

Australian Cyber Security Centre (ACSC) ISM Official

xccdf_org.ssgproject.content_profile_ism_o

버전이 지정되지 않음

Protection Profile for General Purpose Operating Systems

xccdf_org.ssgproject.content_profile_ospp

4.2.1

PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_pci-dss

RHEL 8.8.0 및 RHEL 8.8.5:3.2.1
RHEL 8.8.6:4.0

The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig

RHEL 8.8.0 및 RHEL 8.8.5:V1R9
RHEL 8.8.6:V1R13

The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) with GUI for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig_gui

RHEL 8.8.0 및 RHEL 8.8.5:V1R9
RHEL 8.8.6:V1R13

표 7.4. RHEL 8.7에서 지원되는 SCAP 보안 가이드 프로필

프로파일 이름프로파일 ID정책 버전

French National Agency for the Security of Information Systems (ANSSI) BP-028 Enhanced Level

xccdf_org.ssgproject.content_profile_anssi_bp28_enhanced

1.2

French National Agency for the Security of Information Systems (ANSSI) BP-028 High Level

xccdf_org.ssgproject.content_profile_anssi_bp28_high

1.2

French National Agency for the Security of Information Systems (ANSSI) BP-028 Intermediary Level

xccdf_org.ssgproject.content_profile_anssi_bp28_intermediary

1.2

French National Agency for the Security of Information Systems (ANSSI) BP-028 Minimal Level

xccdf_org.ssgproject.content_profile_anssi_bp28_minimal

1.2

CIS Red Hat Enterprise Linux 8 Benchmark for Level 2 - Server

xccdf_org.ssgproject.content_profile_cis

2.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Server

xccdf_org.ssgproject.content_profile_cis_server_l1

2.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Workstation

xccdf_org.ssgproject.content_profile_cis_workstation_l1

2.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 2 - Workstation

xccdf_org.ssgproject.content_profile_cis_workstation_l2

2.0.0

Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)

xccdf_org.ssgproject.content_profile_cui

r1

Australian Cyber Security Centre (ACSC) Essential Eight

xccdf_org.ssgproject.content_profile_e8

버전이 지정되지 않음

HIPAA(Health Insurance Portability and Accountability Act)

xccdf_org.ssgproject.content_profile_hipaa

버전이 지정되지 않음

Australian Cyber Security Centre (ACSC) ISM Official

xccdf_org.ssgproject.content_profile_ism_o

버전이 지정되지 않음

Protection Profile for General Purpose Operating Systems

xccdf_org.ssgproject.content_profile_ospp

4.2.1

PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_pci-dss

3.2.1

The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig

RHEL 8.7.0 및 RHEL 8.7.1:V1R7
RHEL 8.7.2 이상:V1R9

The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) with GUI for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig_gui

RHEL 8.7.0 및 RHEL 8.7.1:V1R7
RHEL 8.7.2 이상:V1R9

표 7.5. RHEL 8.6에서 지원되는 SCAP 보안 가이드 프로필

프로파일 이름프로파일 ID정책 버전

French National Agency for the Security of Information Systems (ANSSI) BP-028 Enhanced Level

xccdf_org.ssgproject.content_profile_anssi_bp28_enhanced

RHEL 8.6.0에서 8.6.10:1.2
RHEL 8.6.11 이상:2.0

French National Agency for the Security of Information Systems (ANSSI) BP-028 High Level

xccdf_org.ssgproject.content_profile_anssi_bp28_high

RHEL 8.6.0에서 8.6.10:1.2
RHEL 8.6.11 이상:2.0

French National Agency for the Security of Information Systems (ANSSI) BP-028 Intermediary Level

xccdf_org.ssgproject.content_profile_anssi_bp28_intermediary

RHEL 8.6.0에서 8.6.10:1.2
RHEL 8.6.11 이상:2.0

French National Agency for the Security of Information Systems (ANSSI) BP-028 Minimal Level

xccdf_org.ssgproject.content_profile_anssi_bp28_minimal

RHEL 8.6.0에서 8.6.10:1.2
RHEL 8.6.11 이상:2.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 2 - Server

xccdf_org.ssgproject.content_profile_cis

RHEL 8.6.0에서 RHEL 8.6.2:1.0.0
RHEL 8.6.6.3에서 RHEL 8.6.15:2.0.0
RHEL 8.6.16 이상:3.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Server

xccdf_org.ssgproject.content_profile_cis_server_l1

RHEL 8.6.0에서 RHEL 8.6.2:1.0.0
RHEL 8.6.6.3에서 RHEL 8.6.15:2.0.0
RHEL 8.6.16 이상:3.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Workstation

xccdf_org.ssgproject.content_profile_cis_workstation_l1

RHEL 8.6.0에서 RHEL 8.6.2:1.0.0
RHEL 8.6.6.3에서 RHEL 8.6.15:2.0.0
RHEL 8.6.16 이상:3.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 2 - Workstation

xccdf_org.ssgproject.content_profile_cis_workstation_l2

RHEL 8.6.0에서 RHEL 8.6.2:1.0.0
RHEL 8.6.6.3에서 RHEL 8.6.15:2.0.0
RHEL 8.6.16 이상:3.0.0

Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)

xccdf_org.ssgproject.content_profile_cui

r1

Australian Cyber Security Centre (ACSC) Essential Eight

xccdf_org.ssgproject.content_profile_e8

버전이 지정되지 않음

HIPAA(Health Insurance Portability and Accountability Act)

xccdf_org.ssgproject.content_profile_hipaa

버전이 지정되지 않음

Australian Cyber Security Centre (ACSC) ISM Official

xccdf_org.ssgproject.content_profile_ism_o

버전이 지정되지 않음

Protection Profile for General Purpose Operating Systems

xccdf_org.ssgproject.content_profile_ospp

4.2.1

PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_pci-dss

3.2.1

The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig

RHEL 8.6.0:V1R5
RHEL 8.6.1 및 RHEL 8.6.2:V1R6
RHEL 8.6.3에서 RHEL 8.6.6:V1R7
RHEL 8.6.7에서 RHEL 8.6.10:V1R9
RHEL 8.6.15:V1R11
RHEL 8.6.15:V1R11 RHEL 8.6.15 및 RHEL 8.6.16 및 이후 버전:6.15

The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) with GUI for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig_gui

RHEL 8.6.0:V1R5
RHEL 8.6.1 및 RHEL 8.6.2:V1R6
RHEL 8.6.3에서 RHEL 8.6.6:V1R7
RHEL 8.6.7에서 RHEL 8.6.10:V1R9
RHEL 8.6.15:V1R11
RHEL 8.6.15:V1R11 RHEL 8.6.15 및 RHEL 8.6.16 및 이후 버전:6.15

표 7.6. RHEL 8.5에서 지원되는 SCAP 보안 가이드 프로필

프로파일 이름프로파일 ID정책 버전

French National Agency for the Security of Information Systems (ANSSI) BP-028 Enhanced Level

xccdf_org.ssgproject.content_profile_anssi_bp28_enhanced

1.2

French National Agency for the Security of Information Systems (ANSSI) BP-028 High Level

xccdf_org.ssgproject.content_profile_anssi_bp28_high

1.2

French National Agency for the Security of Information Systems (ANSSI) BP-028 Intermediary Level

xccdf_org.ssgproject.content_profile_anssi_bp28_intermediary

1.2

French National Agency for the Security of Information Systems (ANSSI) BP-028 Minimal Level

xccdf_org.ssgproject.content_profile_anssi_bp28_minimal

1.2

CIS Red Hat Enterprise Linux 8 Benchmark for Level 2 - Server

xccdf_org.ssgproject.content_profile_cis

1.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Server

xccdf_org.ssgproject.content_profile_cis_server_l1

1.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Workstation

xccdf_org.ssgproject.content_profile_cis_workstation_l1

1.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 2 - Workstation

xccdf_org.ssgproject.content_profile_cis_workstation_l2

1.0.0

Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)

xccdf_org.ssgproject.content_profile_cui

r1

Australian Cyber Security Centre (ACSC) Essential Eight

xccdf_org.ssgproject.content_profile_e8

버전이 지정되지 않음

HIPAA(Health Insurance Portability and Accountability Act)

xccdf_org.ssgproject.content_profile_hipaa

버전이 지정되지 않음

Australian Cyber Security Centre (ACSC) ISM Official

xccdf_org.ssgproject.content_profile_ism_o

버전이 지정되지 않음

Protection Profile for General Purpose Operating Systems

xccdf_org.ssgproject.content_profile_ospp

4.2.1

PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_pci-dss

3.2.1

The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig

RHEL 8.5.0에서 RHEL 8.5.3:V1R3
RHEL 8.5.4 이상:V1R5

The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) with GUI for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig_gui

RHEL 8.5.0에서 RHEL 8.5.3:V1R3
RHEL 8.5.4 이상:V1R5

표 7.7. RHEL 8.4에서 지원되는 SCAP 보안 가이드 프로필

프로파일 이름프로파일 ID정책 버전

French National Agency for the Security of Information Systems (ANSSI) BP-028 Enhanced Level

xccdf_org.ssgproject.content_profile_anssi_bp28_enhanced

1.2

French National Agency for the Security of Information Systems (ANSSI) BP-028 High Level

xccdf_org.ssgproject.content_profile_anssi_bp28_high

RHEL 8.4.4 이상:1.2

French National Agency for the Security of Information Systems (ANSSI) BP-028 Intermediary Level

xccdf_org.ssgproject.content_profile_anssi_bp28_intermediary

1.2

French National Agency for the Security of Information Systems (ANSSI) BP-028 Minimal Level

xccdf_org.ssgproject.content_profile_anssi_bp28_minimal

1.2

CIS Red Hat Enterprise Linux 8 Benchmark for Level 2 - Server

xccdf_org.ssgproject.content_profile_cis

RHEL 8.4.3 이상:1.0.0
RHEL 8.4.4에서 RHEL 8.4.10:1.0.1
RHEL 8.4.11 이상:2.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Server

xccdf_org.ssgproject.content_profile_cis_server_l1

RHEL 8.4.4에서 RHEL 8.4.10:1.0.1
RHEL 8.4.11 이상:2.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Workstation

xccdf_org.ssgproject.content_profile_cis_workstation_l1

RHEL 8.4.4에서 RHEL 8.4.10:1.0.1
RHEL 8.4.11 이상:2.0.0

CIS Red Hat Enterprise Linux 8 Benchmark for Level 2 - Workstation

xccdf_org.ssgproject.content_profile_cis_workstation_l2

RHEL 8.4.4에서 RHEL 8.4.10:1.0.1
RHEL 8.4.11 이상:2.0.0

Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)

xccdf_org.ssgproject.content_profile_cui

r1

Australian Cyber Security Centre (ACSC) Essential Eight

xccdf_org.ssgproject.content_profile_e8

버전이 지정되지 않음

Australian Cyber Security Centre (ACSC) ISM Official

xccdf_org.ssgproject.content_profile_ism_o

RHEL 8.4.4 이상: 버전이 지정되지 않음

HIPAA(Health Insurance Portability and Accountability Act)

xccdf_org.ssgproject.content_profile_hipaa

버전이 지정되지 않음

Protection Profile for General Purpose Operating Systems

xccdf_org.ssgproject.content_profile_ospp

4.2.1

PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_pci-dss

3.2.1

The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig

RHEL 8.4.3 및 이전:V1R1
RHEL 8.4.4에서 RHEL 8.4.7:V1R3
RHEL 8.4.8:V1R5
RHEL 8.4.10:V1R6
RHEL 8.4.14:V1R7
RHEL 8.4.14:V1R7 RHEL 8.4.15 이상:V1R9

The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) with GUI for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig_gui

RHEL 8.4.4에서 RHEL 8.4.7:V1R3
RHEL 8.4.8:V1R5
RHEL 8.4.9에서 RHEL 8.4.10:V1R6
RHEL 8.4.14:V1R7
RHEL 8.4.15 이상:V1R9

표 7.8. RHEL 8.3에서 지원되는 SCAP 보안 가이드 프로필

프로파일 이름프로파일 ID정책 버전

CIS Red Hat Enterprise Linux 8 Benchmark

xccdf_org.ssgproject.content_profile_cis

1.0.0

Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)

xccdf_org.ssgproject.content_profile_cui

r1

Australian Cyber Security Centre (ACSC) Essential Eight

xccdf_org.ssgproject.content_profile_e8

버전이 지정되지 않음

HIPAA(Health Insurance Portability and Accountability Act)

xccdf_org.ssgproject.content_profile_hipaa

버전이 지정되지 않음

Protection Profile for General Purpose Operating Systems

xccdf_org.ssgproject.content_profile_ospp

4.2.1

PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_pci-dss

3.2.1

[DRAFT] The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig

초안

표 7.9. RHEL 8.2에서 지원되는 SCAP 보안 가이드 프로필

프로파일 이름프로파일 ID정책 버전

Australian Cyber Security Centre (ACSC) Essential Eight

xccdf_org.ssgproject.content_profile_e8

버전이 지정되지 않음

Protection Profile for General Purpose Operating Systems

xccdf_org.ssgproject.content_profile_ospp

4.2.1

PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_pci-dss

3.2.1

[DRAFT] DISA STIG for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_stig

초안

표 7.10. RHEL 8.1에서 지원되는 SCAP 보안 가이드 프로필

프로파일 이름프로파일 ID정책 버전

Protection Profile for General Purpose Operating Systems

xccdf_org.ssgproject.content_profile_ospp

4.2.1

PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_pci-dss

3.2.1

표 7.11. RHEL 8.0에서 지원되는 SCAP 보안 가이드 프로필

프로파일 이름프로파일 ID정책 버전

OSPP - Protection Profile for General Purpose Operating Systems

xccdf_org.ssgproject.content_profile_ospp

초안

PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 8

xccdf_org.ssgproject.content_profile_pci-dss

3.2.1