Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Product Name

CIS Hardened Images® (AWS)

Product Version

STIG Hardened Images

Date

Dec 28, 2021



Problem

Info

The Benchmark version on the CIS Hardened Image Report does not match the version number of the Security Technical Implementation Guide (STIG) CIS Hardened Image (e.g., Hardened Image Report Benchmark v1.0.0.1/CIS Amazon Linux 2 STIG Benchmark v.2.0.0.2).

Solution

To account for the added STIG compliance, a manual check (Profile 3) is created for the STIG portion of CIS STIG Hardened Images.

Read the Exceptions.txt file to see the explanation - located in the /home/CIS_Hardened_Reports directory.

For example, an Exceptions.txt file for a STIG Hardened Images will state something similar to this:

“This image has been configured to pass consensus-based CIS Amazon Linux 2 Benchmark Level 1 and Level 2 profiles, which have been mapped to applicable Defense Information Systems Agency (DISA) Red Hat Enterprise Linux 7 Security Technical Implementation Guide (STIG) recommendations. A Level 3 profile has been created that includes additional requirements from the STIG that were not covered in the Level 1 and Level 2 profiles, and applicable requirements have been implemented in this image with Exceptions noted below.”

Therefore, the version differences that you are seeing are intentional and do not affect the quality of the image in any way.

Keywords; hardened image STIG

Content by Label

Filter by label (Content by label)
showLabelsfalse
showSpacefalse
cqllabel = "sbp_fer"

Copyright © 2020

Center for Internet Security®


Page Properties
hiddentrue

Action

Name(s)

Date

Linked ticket

https://cisecurity.atlassian.net/browse/SUPPORT-16962

Created by

Andrew Dannenberger

Reviewed by

Approved by

Remove by