linux:compliance_cis
This is an old revision of the document!
Redhat compliance CIS
Install the package scap-security-guide to check compliance and remediation
Check
Get more information on the profile related to CIS, using the profile id (visible after the Title in the ssg-rhel8-ds.xml file): xccdf_org.ssgproject.content_profile_cis
oscap info --profile xccdf_org.ssgproject.content_profile_cis /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml
Generate a result file and a html report using OpenSCAP scanner tool, CIS Benchmark version 1.0.0
oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_cis --results scan_results.xml --report scan_report.html /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml
Remediation
/usr/share/scap-security-guide/ansible/ /usr/share/scap-security-guide/bash/ /usr/share/scap-security-guide/kickstart/
linux/compliance_cis.1726780417.txt.gz · Last modified: 2024/09/19 23:13 by manu
Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
