Versions Compared

Old Version 2

changes.mady.by.user Amanda McGown

Saved on

compared with

New Version Current

changes.mady.by.user Andrew Dannenberger

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Product Name

CIS-CAT Pro Assessor v4

Product Version

v4.x.x+

Date

Requirements

  • Download your CIS-CAT license zip file from CIS WorkBench. If you are not sure where to get your license file, see this SecureSuite License page for CIS-CAT Pro Assessor.

  • A network file share (e.g., NFS, Samba) installed and target systems mounted.

  • Administrator access to your CIS-CAT host server.

  • CIS-CAT centralized workflow requires Java versions 8 or 11, which is included in the “with Java” download of Assessor v4 under the \jre folder.

Warning

If you are using NFS, ensure that port 2049 is open. If you are using Samba, ensure that port 445 is open.

Implementation Steps

  1. Create a /cis root folder on the network file share location

  2. Copy the latest CIS-CAT Pro Assessor v4 bundle to /cis and extract. The structure should look like the following: /cis/Assessor

  3. Decide where assessment reports should output to and select the appropriate script to use cis-cat-centralized.sh or cis-cat-centralized-ccpd.sh

  4. Locate the required scripts in the /cis/Assessor/misc/Unix-Linux folder of the CIS-CAT Pro Assessor v4 bundle: cis-cat-centralized.sh OR cis-cat-centralized-ccpd.sh

Info

There are some parameters in the centralized script files that users can customize, such as default Benchmarks and Profile levels. Please see the “Customize the Default Benchmark and Profiles” section of the Centralized Unix/Linux setup in the CIS-CAT Pro Assessor Configuration Guide.

  1. Run the centralized script with the following command: sudo ./cis-cat-centralized.sh

Note

You may first have to run the chmod +x command to make the script executable.

Note

The following error can sometimes occur when attempting the first run of the script: java.lang.NullPointerException: Cannot invoke method tokenize on null object

This occurs because virtual CD/DVD disks are still mounted. Eject/unmount those disks and the scan should proceed uninterrupted. Please see the How to fix NullPointerException Knowledge Base article for more details.

  1. Once the scan completes, the reports location will be shown and the script will exit.

Keywords; CIS-CAT Pro Assessor Linux centralized scan quick start guide

Content by Label

Filter by label (Content by label)
showLabelsfalse
showSpacefalse
cqllabel = "sbp_fer"

Copyright © 2024

Center for Internet Security®

Privacy Policy

Page Properties
hiddentrue

Action

Name(s)

Date

Linked ticket

Created by

Andrew Dannenberger

Reviewed by

SBP Product Technical Support Team (Amanda McGown Allan Cornwell Amar Malik (Unlicensed) Andrew Dannenberger Chris Boldiston Nick Romanzo Parami Swenson)

Approved by

Amanda McGown

Remove by