Publisher Summary This chapter provides an understanding of the security standards and demonstrates how the Nessus 3 can be used to help monitor and ensure compliance within an organization. Nessus 3 is the latest version of the popular Nessus software to be released to the public. It is a complete rewrite of the original code and provides dramatic improvements in the areas of effectiveness, efficiency, and speed. Tenable Network Security has increased the value of the product by including a number of sample configuration files that are available to registered users of their Direct Feed or Security Center products. Nessus 3 can be used to check compliance against any known regulation or requirements. This includes FERPA, HIPAA, NIST, CIS, Sarbanes-Oxley, and NERC. The compliance checks used within Nessus are completely dependent on the statements placed in the audit file. Audit files are text based configuration files that tell Nessus 3 what to check for. Nessus 3 audits can be performed against the target host's configuration, or against content in the files on the host. Current audit file types include Unix, Windows, and WindowsFiles.