What is the numbering convention for CIS Benchmarks?
Product Name
Benchmark
Product Version
All
Date/
Jan 27, 2021
Ā
Question
I am trying to determine if there is a standard number convention or standard that is used for benchmarks? Are numbers for each check based on the section number? Are numbers reused if a check is deprecated in future releases?
Answer
There is no standard numbering convention for Benchmarks. The section # and titles are created by the Benchmark developers. They are dependent on the system the Benchmark is for and are not the same across the board.
The recommendation numbers should be sequential. For example, if there are 15 recommendations for section 2, then those recommendations should be numbered sequentially 2.1, 2.2, 2.3ā¦. all the way to 2.15 If there is a skip in the recommendation # there is some kind of issue somewhere and a ticket should be raised in the related WorkBench Community.
If you would like to know why sections are named a certain way, you would have to ask that specific Benchmark Developer on the WorkBench community page that belongs to that Benchmark. You can do that by joining the community on WorkBench and raising a ticket or starting a discussion.
Recommendation numbers are reused if a check is deprecated in the future.
If you would like to know why a recommendation number has changed between Benchmark versions, please see the following support article - Why do recommendation numbers change in new Benchmark versions? - SBP Customer Facing Knowledge Base - Confluence
Ā
Here is a helpful way to think of recommendation numbers:
āIt's probably best not to think of that number as an identifier, but rather as a organizational indicator.Ā It only has meaning within the confines of a single benchmark version release.ā
Keywords - Benchmark numbering numbered # recommendation recommended
Ā