<xsd:element name="passwordpolicy_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>Test specific policy associated with passwords. Information is stored in the SAM or Active Directory but is encrypted or hidden so the registry_test and activedirectory_test are of no use. If this can be figured out, then the password_policy test is not needed.</xsd:documentation>
<xsd:appinfo>
<test_name>Password Policy Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, data</valid_sections>
<example>
<passwordpolicy_test id="wdt-0" check="all" comment="specific password policies are set" xmlns="http://oval.mitre.org/XMLSchema/oval#windows">
<oval:notes xmlns:oval="http://oval.mitre.org/XMLSchema/oval">
<oval:note>This is an example test written under version 4 of the OVAL schema. It is meant to give a short overview of the test and might not contain every possible child element.</oval:note>
</oval:notes>
<data operation="AND">
<max_passwd_age datatype="int">-1</max_passwd_age>
<min_passwd_age datatype="int">3600</min_passwd_age>
<min_passwd_len datatype="int">8</min_passwd_len>
<password_hist_len datatype="int">5</password_hist_len>
</data>
</passwordpolicy_test>
</example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="max_passwd_age" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies, in seconds, the maximum allowable password age. A value of TIMEQ_FOREVER (-1) indicates that the password never expires. The minimum valid value for this element is ONE_DAY (86400).</xsd:documentation>
<xsd:appinfo>
<parent_test>Password Policy Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="min_passwd_age" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the minimum number of seconds that can elapse between the time a password changes and when it can be changed again. A value of zero indicates that no delay is required between password updates.</xsd:documentation>
<xsd:appinfo>
<parent_test>Password Policy Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="min_passwd_len" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the minimum allowable password length. Valid values for this element are zero through PWLEN.</xsd:documentation>
<xsd:appinfo>
<parent_test>Password Policy Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="password_hist_len" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the length of password history maintained. A new password cannot match any of the previous usrmod0_password_hist_len passwords. Valid values for this element are zero through DEF_MAX_PWHIST.</xsd:documentation>
<xsd:appinfo>
<parent_test>Password Policy Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="password_complexity" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>A boolean value that signifies whether passwords must meet the complexity requirements put forth by the operating system.</xsd:documentation>
<xsd:appinfo>
<parent_test>Password Policy Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="reversible_encryption" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Determines whether Windows 2000 Server, Windows 2000 Professional, and Windows XP Professional store passwords using reversible encryption.</xsd:documentation>
<xsd:appinfo>
<parent_test>Password Policy Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
|
XSD Schema Diagram:
