Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Product Name

CIS-CAT Pro Assessor v4

Product Version

v4.X

Date

02



Overview

This guide shows how to perform a remote Linux scanning environment for CIS-CAT Pro Assessor from a Linux system.

Requirements

  • CIS-CAT Pro Assessor (CLI version without GUI)

  • Installation of OpenSSH server and client software

  • SSH access to the server (normally port 22)

  • A user with sudo privileges

Implementation Steps

  1. Navigate to the /Assessor/config directory.

  2. Open the sessions.properties file using the text editor of your choice and go to the “Sample Remote Linux Connection” section. Uncomment the lines, as seen below in the screenshot, and input the values to connect to the remote target:

  1. Save the file.

Info

For details on the configuration properties for sessions.properties, please see the following section from Assessor's Configuration Guide: https://ccpa-docs.readthedocs.io/en/latest/Configuration%20Guide/#linux-sessions.

4. Navigate back to the /Assessor directory.

5. Run the following command (note that the Benchmark will depend on the target system):

>sudo ./Assessor-CLI.sh -b benchmarks/CIS_Ubuntu_Linux_22.04_LTS_Benchmark_v1.0.0-xccdf.xml -html

Note

The xccdf.xml file of the Benchmark must be used.

Info

CIS-CAT Pro Assessor will automatically use a sessions file if configured.

  1. You will be prompted to enter the password for the target system and the scan will start (output truncated):

  1. Once the scan is complete, you will see an “Assessment Results Summary” along with the location of the generated HTML report:

  1. The /reports directory will contain the ARF.xml and HTML reports:

Keywords; Linux remote scanning quick start guide assessor

Content by Label

Filter by label (Content by label)
showLabelsfalse
showSpacefalse
cqllabel = "sbp_fer"

Copyright © 2020

Center for Internet Security®


Page Properties
hiddentrue

Action

Name(s)

Date

Linked ticket

Created by

Reviewed by

Approved by

Remove by