
STIG Viewer README File
****************************************************************
*                   End User License Agreement                 *
****************************************************************

The DISA STIG Viewer Tool is a free program provided 'AS IS'.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of 
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

By using the DISA STIG Viewer, you agree to the terms listed above.


****************************************************************
*                       Important Notes                        *
****************************************************************
STIG Compatibility:

The STIG Viewer is currently compatible only with STIGs that
have been converted into XCCDF XML format.  STIG documents not
in this format will not work with the STIG Viewer.

****************************************************************
*                         Known Issues                         *
****************************************************************

The STIG Viewer currently has limited compatibility with
UNIX/Linux systems. In order to run on a Linux system, the user
must install Oracle's JRE or JDK. Depending on the Linux
distribution, some features may work better than others.
-On Red Hat Enterprise Linux, the Checklist 'Get Target Data'
button does not function.
-STIG Viewer does not run on Solaris 11.

****************************************************************
*                   0000:Table of Contents                     *
****************************************************************
1000 - STIG Explorer Program Functions

1010 - Local Data Cache
1020 - Importing a STIG
1025 - Exporting a STIG
1030 - STIGs Panel
1040 - Filter Panel
1050 - Vuln Table

2000 - Checklist Tab Functions

2010 - Opening a Checklist
2015 - Checklist Menu Options
2020 - Totals Panel
2030 - Target Data Panel
2035 - STIGs Panel
2040 - Technology Area Panel
2041 - Filter Panel
2045 - Vuln Table
2050 - General Information Panel
2051 - Vuln Information Panel
2052 - Finding Details and Comments Panels

****************************************************************
*              1000:STIG Explorer Program Functions            *
****************************************************************
1010: Local Data Cache

STIG Viewer creates and maintains a Local Data Cache responsible
for storing imported STIGs and program configurations. The Local
Data Cache is created upon initialization of the program and may
be deleted at any time.

If the Local Data Cache is unable to be created, a warning message
will be presented to the user detailing that STIG Viewer is unable
to save state between opening and closing.  

In order to fully delete the Local Data Cache, go to:
Options->Delete Local Data Cache

In order to set up the Local Data Cache, go to:
Options->Create Local Data Cache


1020: Importing a STIG

File menu:
File->Import STIG

STIGs may be imported as a STIG XML file (.xml) or as a STIG ZIP
file (.zip) bundle.


1025: Exporting a STIG

STIG Viewer is able to export the selected STIG(s) in three different
formats: a webpage (.html), a rich text document (.rtf), or a comma
separated values file (.csv).

File menu: 
Export->Webpage(.html)

File menu:
Export->Document(.rtf)

File menu:
Export->Spreadsheet(.csv)


1030: STIGs Panel

The STIGs panel is responsible for selecting STIGs to be viewed by the
STIG Viewer as well as maintaining the STIGs held in the Local Data
Cache. The visible columns of the STIG list may be altered by selecting 
the plus sign in the upper right corner of the table then selecting
and deselecting the options shown.

There are two main forms of selection associated with the STIGs panel,
highlighting and check marking. A highlighted selection is used for 
deletion purposes. A check marked STIG is automatically sent to be displayed
along with the other checked STIGs. Additionally, check marked STIGs are 
those that are used when a checklist is created or an export option is
chosen.

-Left clicking without holding down the ctrl or shift keys both checks 
(or unchecks) and highlights the given selection.

-Left clicking while the ctrl or shift key is pressed highlights
(or de-highlights) STIGs only.

-Right clicking will highlight the given selection only and open up a 
menu with the options to 'Check All', 'Uncheck All', and 
'Remove Highlighted STIG(s)'. 

-The 'Remove Highlighted STIG(s)' option will delete any of those STIGs 
that are highlighted, regardless of their Check-mark status.

Below the table that lists the STIGs is the profile selection drop-down
menu. Selecting a profile changes which vulnerabilities the checked STIGs
send to the vuln table.


1040: Filter Panel

The STIGs are searchable by way of a filtered search list. This list is
maintained on the left-hand side of the screen, beneath the STIGs panel.

The filters applied in STIG Viewer will affect the current visible
vulnerability list that is displayed in the center table. Successive
additions to the table (check marking another STIG) will also be filtered
based upon the current list of filters.

The various filters, at this time, do not affect what selections are sent
to the Export functions, nor checklist creation.

-Adding a filter:
Select a filter from the drop-down menu, input a keyword if
necessary, select whether the filter will include or exclude
the selection, then press the 'add' button.

-Removing a filter:
Highlight the desired filter in the list of currently applied filters.
Multiple filters in this list can be highlighted by shift and/or ctrl
clicking entries. Press the 'Remove Filter(s)' button to remove
the selected filters, or press the 'Remove All Filters' button
to remove all current filters.


The various types of filters and their corresponding elements searched:

Keyword	    	  
- Searches most text fields in all vulns currently displayed; does not
check the severity attribute

Rule Title 		  
- Searches the Rule Title text of all vulns currently displayed

STIG ID     	  
- Searches the STIG ID of all vulns currently displayed

Rule ID           
- Searches the Rule ID of all vulns currently displayed

Vulnerability ID  
- Searches the Vuln ID of all vulns currently displayed

IA Control  	  
- Searches the IA Control value(s) of all vulns currently displayed

CAT I
- Shows or hides currently displayed vulns that are considered CAT I

CAT II
- Shows or hides currently displayed vulns that are considered CAT II

CAT III
- Shows or hides currently displayed vulns that are considered CAT III

CCI     	  
- Searches CCI number, description and reference of currently displayed
vulns


1050: Vuln Table

To view a particular entry, select it in the Vuln Table (the center
table).

The selected vulnerability will populate the right-hand side of the screen,
which may consist of the 'General Information', 'Discussion', 'Fix Text',
'Check Content', 'CCI', and 'Miscellaneous' panels. If a STIG does not
have information for a particular panel, the panel will not be displayed.

Like the STIGs panel, the Vuln Table's visible columns can be altered by
selecting the various options brought up by clicking the plus sign in the
top right corner of the table.

The available selections in the vuln table are affected by what is checked
in the STIGs panel, and by what filters are applied by the Filter Panel.


****************************************************************
*                     2000: Checklist tab                      *
****************************************************************
2010: Opening a Checklist

There are a few options for opening a new Checklist. All are
listed under the Checklist menu option given in the STIG Explorer.
All options, when successfully called, will open up and switch windows
to the 'Checklist' tab.

Checklist->Open Checklist from File
-This option will open a checklist from file. Checklists from 2.x variants
of STIG Viewer should be able to be opened by STIG Viewer 2.5; however,
checklists from 2.5 will not be able to be opened by previous versions.

Checklist->Import v1.2 Checklist
-A special compatibility option was designed for STIG Viewer 2.x that
is able to open up checklists from STIG Viewer 1.2. *CAUTION* Once 
overwritten, the checklist will not be able to be opened in STIG 
Viewer 1.2 again.

Checklist->Create Checklist - Check Marked STIG(s)
-A new checklist will be created that consists of vulnerabilities from
the STIGs that are currently checked in the STIGs Panel. 


2015: Checklist Menu Options

The Checklist tab has three main menu items: File, Import, and Export.
The options under File deal with saving the current checklist. The 
Import item deals with importing XCCDF results files to the Checklist. 
Export provides options for exporting a checklist to a different format.

File->Save Checklist
-If the checklist already represents a checklist file saved to the system,
this option will save the current checklist to that file. Otherwise,
the option will open up a 'save as' menu that allows the user to 
save the checklist to a checklist file on the system.

File->Save Checklist As
-'Save Checklist As' allows the user to save the current checklist to
a file of his or her choosing on the system that is running STIG Viewer.
The checklist file may be opened at a later time or on a different instance
of STIG Viewer 2.5 using the 'Open Checklist from File' option in the
STIG Explorer tab.

Import->XCCDF Results File
-Import and apply an XCCDF Results file to the STIGs that were used
to create the checklist. XCCDF Results will be mapped to their
corresponding STIG rules. If any XCCDF Results are imported that do not
have a matching rule in the Checklist, a window will pop up and display
the offending rule IDs from the Results file. Supported XCCDF Result
formats: 'HBSS ePO/PAA' and 'SPAWAR'.

Export->Gen. CMRS Import File
-Takes the information that has been inputted into the checklist and creates
a CMRS import file.

Export->Data Export(.csv)
-Takes the information that has been inputted into the checklist and creates
a comma separated values file to hold the data.


2020: Totals Panel

The totals panel provides an easy way to visualize the current status
of a system with regard to its compliance with a STIG. There are 4 tabs
in the Totals Panel that allow the user to receive quick summaries
on system compliance based on rule severity. For each severity category
the status totals of each applicable result are listed. The center vuln
list is updated based upon the tab selected.

The Various Statuses

Open 
-The rule has been observed as non-compliant on the target system.

Not Reviewed 
-The rule received no results from the Results file and was not tested.

Not a Finding
-The rule has been observed as compliant on the target system.

Not Applicable
-The rule was determined to not apply due to the nature of the requirement with
consideration to the target system.

Each status has its own color that is used by the pie chart and the center
vuln table which will update based upon any change made to the checklist 
entries' statuses. The counts for each tab additionally will update in 
response to the changing state of the checklist.
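
The sketch below is an added example, not STIG Viewer's own code. It
illustrates the 'Import->XCCDF Results File' mapping from section 2015 and the
per-severity status totals described in this section. The XCCDF snippets, the
rule IDs, and the result-to-status mapping are constructed assumptions.

```python
import xml.etree.ElementTree as ET
from collections import Counter

NS = {"x": "http://checklists.nist.gov/xccdf/1.1"}
# Assumption: result-to-status mapping chosen for this example.
STATUS = {"pass": "Not a Finding", "fail": "Open", "notapplicable": "Not Applicable"}
CAT = {"high": "CAT I", "medium": "CAT II", "low": "CAT III"}

# Constructed sample data (rule IDs are made up).
BENCHMARK = """<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.1" id="sample">
 <Group id="V-0001"><Rule id="SV-0001r1_rule" severity="high"/></Group>
 <Group id="V-0002"><Rule id="SV-0002r1_rule" severity="medium"/></Group>
 <Group id="V-0003"><Rule id="SV-0003r1_rule" severity="low"/></Group>
</Benchmark>"""
RESULTS = """<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.1" id="sample">
 <TestResult id="constructed-scan">
  <rule-result idref="SV-0001r1_rule"><result>fail</result></rule-result>
  <rule-result idref="SV-0002r1_rule"><result>pass</result></rule-result>
  <rule-result idref="SV-9999r1_rule"><result>fail</result></rule-result>
 </TestResult>
</Benchmark>"""

def load_rules(xml_text):
    """Return {rule id: severity category} for every Rule in a benchmark."""
    root = ET.fromstring(xml_text)
    return {r.get("id"): CAT.get(r.get("severity"), "Unknown")
            for r in root.iterfind(".//x:Rule", NS)}

def apply_results(rules, xml_text):
    """Map rule-results onto rules; collect IDs with no matching rule."""
    status = {rid: "Not Reviewed" for rid in rules}  # no result -> Not Reviewed
    unmatched = []
    for rr in ET.fromstring(xml_text).iterfind(".//x:rule-result", NS):
        rid = rr.get("idref")
        if rid not in rules:
            unmatched.append(rid)
            continue
        result = rr.findtext("x:result", default="", namespaces=NS).strip()
        status[rid] = STATUS.get(result, "Not Reviewed")
    return status, unmatched

def totals(rules, status):
    """Count (category, status) pairs, as a Totals-style summary."""
    return Counter((rules[rid], status[rid]) for rid in rules)

if __name__ == "__main__":
    rules = load_rules(BENCHMARK)
    status, unmatched = apply_results(rules, RESULTS)
    print(dict(totals(rules, status)), "unmatched:", unmatched)
```

Results files that arrive from other systems are untrusted input; a hardened
XML parser such as defusedxml is the safer choice when reading them.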


2030: Target Data Panel

The Target Data Panel holds information that is used by a CMRS Import File,
namely the Computing/Non-Computing selection, Host Name, IP Address, MAC
Address and Fully Qualified Domain Name text fields. These may be automatically
filled in when an XCCDF Results file is imported, but may also be changed
manually or by pressing the 'Get Host Data' button.

To note the role, choose one of the selection bubbles: Workstation, Member
Server, or Domain Controller. 

Checking the 'Web or Database STIG' check box will spawn the two text
fields for Site and Instance input.


2035: STIGs Panel

This panel holds a list of the current STIGs displayed in the checklist. Much
like the other tables in STIG Viewer, the visible columns may be altered
by choosing options in the list produced by pressing the plus sign in the top
right corner of the table.

Selecting a STIG in this menu will change the current visible list to include
only vulnerabilities from the selected STIG.


2040: Technology Area Panel

The purpose of the Technology Area panel is pretty simple. It includes a drop-
down menu that allows the user to select the applicable 'Technology Area' for
the checklist.


2041: Filter Panel

The Checklist tab Filter Panel works just like the STIG Explorer Filter panel
discussed in section 1040.


2045: Vuln Table

The center vuln table fulfills the same purpose as the center vuln table in the
STIG Explorer, but does a couple of extra things. In addition to populating the
panels in the rightmost quadrant, it has an additional status column that
states the current status of the rule. The text color will also change to
correspond to the Status and Severity of the rule.

2050: General Information Panel

Much like a few things in the Checklist tab, the General Information Panel is 
very similar to its STIG Explorer counterpart, but with additional features.
The most notable of these features is the ability to change the status
and severity of individual or multiple rule(s) at the rule level.

In order to change the status of a rule, the user needs only to select the
choice bubble of the status that is desired for the rule(s) selected.

In addition to the ability to change the status of highlighted vulnerabilities
via mouse, there are keyboard shortcuts that change status when pressed:

'r' for 'Not Reviewed'
'o' for 'Open'
'n' for 'Not a Finding'
'x' for 'Not Applicable'

In order to change the Severity, the user must select the Severity Override
choice box and choose the desired severity. This action will bring up a 
'justification' text input field that must be filled out in order to successfully
change the severity of the given rule. Severity may only be changed one rule
at a time.


2051: Vuln Information Panel

The Vuln Information Panel holds a sub-window that has a number of tabs based 
on the fields obtained from the STIGs selected for the Checklist. If a particular
field is not present in a STIG, the tab will not show up. 


2052: Finding Details and Comments Panels

The Finding Details and Comments Panels provide an area for user-inputted
data.
