How to skip a check when running an CIS-CAT Pro assessment
Product Name
CIS Benchmarks
Product Version
All
Date
Jan 27, 2021
Problem
I would like the assessor to skip a check during an assessment.
Solution
To skip a check, the benchmark you are running must be tailored/customized.
To customize a benchmark follow the steps below:
1.) Find a CIS published benchmark within WorkBench. Either using the "Benchmarks" navigation link or within a given community.
2.) Click the Fork button in the top menu bar.
3.) A modal will appear asking if you would like to customize the benchmark metadata before forking. This can easily be done after the fork completes as well.
Choosing customize will display the edit benchmark form, once submitted successfully, you'll be redirected to the forked benchmark.
Choosing just fork will take you to the forked benchmark.
4.) Depending on the size of the Benchmark, the resulting page may have a progress bar indicating the progress of the background job that is creating the fork. Once complete it will refresh the page on your new forked Benchmark.
5.) In the left frame select the recommendation you want to skip
Click Edit in the top menu
Change the Assessment Status option from Automated to Manual
Click Submit
6.) To run the Tailored Benchmark assessment in CIS-CAT Pro Assessor;
Click on Export in the top menu
Select XCCDF + OVAL
Download and unzip the files to you CIS-CAT Assessor Benchmarks folder
Run the assessment
There is more detail on Benchmark Customization as well as an instructional video here: https://workbench.cisecurity.org/support-center/pages/cis-benchmark-customization
Only certain benchmarks are available for customization. The list of supported tailoring benchmarks can be found here: https://workbench.cisecurity.org/support-center/pages/supported-tailoring-benchmarks
*You must be logged into WorkBench to view these pages*
Keywords - skip check recommendation assessment customize tailor fork