Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »


Product Name

CIS Hardened Images® (AWS)

Product Version

STIG Hardened Images

Date

Dec 28, 2021



Problem

The Benchmark version on the CIS Hardened Image Report does not match the version number of the Security Technical Implementation Guide (STIG) CIS Hardened Image (e.g., Hardened Image Report Benchmark v1.0.0.1/CIS Amazon Linux 2 STIG Benchmark v.2.0.0.2).

Solution

To account for the added STIG compliance, a manual check (Profile 3) is created for the STIG portion of CIS STIG Hardened Images.

Read the Exceptions.txt file to see the explanation - located in the /home/CIS_Hardened_Reports directory.

For example, an Exceptions.txt file for a STIG Hardened Images will state something similar to this:

“This image has been configured to pass consensus-based CIS Amazon Linux 2 Benchmark Level 1 and Level 2 profiles, which have been mapped to applicable Defense Information Systems Agency (DISA) Red Hat Enterprise Linux 7 Security Technical Implementation Guide (STIG) recommendations. A Level 3 profile has been created that includes additional requirements from the STIG that were not covered in the Level 1 and Level 2 profiles, and applicable requirements have been implemented in this image with Exceptions noted below.”

Therefore, the version differences that you are seeing are intentional and do not affect the quality of the image in any way.

Keywords; hardened image STIG

Content by Label


Copyright © 2020

Center for Internet Security®


  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.