Product Name
CIS Hardened Images® (AWS)
Product Version
STIG Hardened Images
Date
Dec 28, 2021
Problem
The Benchmark version on the CIS Hardened Image Report does not match the version number of the Security Technical Implementation Guide (STIG) CIS Hardened Image (e.g., Hardened Image Report Benchmark v1.0.0.1/CIS Amazon Linux 2 STIG Benchmark v.2.0.0.2).
Solution
To account for the added STIG compliance, a manual check (Profile 3) is created for the STIG portion of CIS STIG Hardened Images.
Read the Exceptions.txt file to see the explanation - located in the /home/CIS_Hardened_Reports directory.
For example, an Exceptions.txt file for a STIG Hardened Images will state something similar to this:
“This image has been configured to pass consensus-based CIS Amazon Linux 2 Benchmark Level 1 and Level 2 profiles, which have been mapped to applicable Defense Information Systems Agency (DISA) Red Hat Enterprise Linux 7 Security Technical Implementation Guide (STIG) recommendations. A Level 3 profile has been created that includes additional requirements from the STIG that were not covered in the Level 1 and Level 2 profiles, and applicable requirements have been implemented in this image with Exceptions noted below.”
Therefore, the version differences that you are seeing are intentional and do not affect the quality of the image in any way.
0 Comments