CIS Level 1 Guidelines
- Support Red Hat Enterprise Linux 9 and,
- Ubuntu 22.04, 24.04 Pro
Red Hat
Install OpenSCAP
yum install openscap-scanner scap-security-guideGenerate a result file and a HTML report using OpenSCAP scanner tool
oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_cis_server_l1 --results scan_results.xml --report scan_report.html /usr/share/xml/scap/ssg/content/ssg-rhel9-ds.xmlRemediation of CIS Level 1 issues
Generate a remediation script based on the ssg-rhel9-ds.xml file:
oscap xccdf generate fix --profile xccdf_org.ssgproject.content_profile_cis_server_l1 --fix-type bash --output remediations.sh /usr/share/xml/scap/ssg/content/ssg-rhel9-ds.xmlAnd execute remediation script.
./remediations.shReview the results after remediation
oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_cis_server_l1 --results scan_results.xml --report scan_report.html /usr/share/xml/scap/ssg/content/ssg-rhel9-ds.xml
Ubuntu Pro
Install the UA client
sudo apt install ubuntu-advantage-toolsSet up the Ubuntu Security Guide
sudo ua enable usg && sudo apt install usgAuditing an Ubuntu System for DISA-STIG compliance
sudo usg audit cis_level1_serverApplying the CIS rules to a set of systems
sudo usg fix cis_level1_server
Was this page helpful?
On This Page
CIS Level 1 GuidelinesRed HatInstall OpenSCAPGenerate a result file and a HTML report using OpenSCAP scanner toolRemediation of CIS Level 1 issuesReview the results after remediationUbuntu ProInstall the UA clientSet up the Ubuntu Security GuideAuditing an Ubuntu System for DISA-STIG complianceApplying the CIS rules to a set of systems