Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Product Name

CIS Benchmarks

Product Version

All

Date

Problem

I would like the assessor to skip a check during an assessment,

Solution

To skip a check, the benchmark you are running must be tailored/customized.

To customize a benchmark follow the steps below:

1.) Find a CIS published benchmark within WorkBench. Either using the "Benchmarks" navigation link or within a given community.

2.) Click the Fork link of the left-sidebar.

3.) A modal will appear asking if you would like to customize the benchmark metadata before forking. This can easily be done after the fork completes as well.

  • Choosing customize will display the edit benchmark form, once submitted successfully, you'll be redirected to the forked benchmark.

  • Choosing just fork will take you to the forked benchmark.

4.) Depending on the size of the Benchmark, the resulting page may have a progress bar indicating the progress of the background job that is creating the fork. Once complete it will refresh the page on your new forked Benchmark.

5.) To run the assessment in CISCAT you will need to download the XCCF and OVAL files and copy them to your CISCAT benchmarks/ folder.

Instructional video on how to customize a Benchmark: https://cisecurity.wistia.com/medias/oe666d764r

There is more detail on Benchmark Customization here: https://workbench.cisecurity.org/support-center/pages/cis-benchmark-customization

Only certain benchmarks are available for customization. Currently (July 2019) the ONLY published Benchmarks that support being customized / tailored, modifying recommendation artifacts, and exporting XCCDF and OVAL for use by CIS-CAT are the following:

  • CIS Microsoft Windows 10 Enterprise Release 1709 Benchmark v1.4.0

  • CIS Microsoft Windows 10 Enterprise Release 1803 Benchmark v1.5.0

  • CIS Microsoft Windows Server 2016 RTM (Release 1607) Benchmark v1.1.0

  • CIS Microsoft IIS 10 Benchmark v1.1.0

  • CIS Amazon Linux 2 Benchmark v1.0.0

  • CIS Debian Linux 9 Benchmark v1.0.0

  • CIS Debian Linux 8 Benchmark v2.0.0

  • CIS RHEL 7 Benchmark v2.2.0.1

  • CIS CentOS 7 v2.2.0

 

Newer versions of these Benchmarks may work. An updated list is coming soon.

Keywords - skip check recommendation assessment customize tailor fork

Copyright © 2020

Center for Internet Security®

Privacy Policy

  • No labels