Product Name
CIS Hardened Images® (AWS)
Product Version
All
Date
Problem
I am having issues with my HI due to the CIS security recommendations in place.
Solution
Reviewing the content within the corresponding Benchmark PDF is imperative for an overall successful application of the Build Kit, as there may be some settings that your organization needs to exempt itself from, due to unique operational requirements. Applying the Build Kit to a system without proper testing and review may result in a negative impact within your environment. It is acceptable if 100% of the benchmark is not applied, as it is the responsibility and decision of each organization to determine which settings are applicable to their unique needs. Please make note that you will need to make adjustments for use with Cloud and Standalone versions of Windows. The Windows Workstation Benchmarks and Build Kits are made for domain joined systems and not stand-alone/cloud systems.
If you have not done so, please read through the BuildKit README included with your Build Kit.
To find the specific recommendations that are causing the issue you will need to go through the Benchmark, search key words and read the impact statements of the relating recommendations
Search through the benchmark for the remediation that is causing the impact.
Through searching keywords, you should find which recommendations are causing the issue and then reverse the remediation directions to turn the recommendation off.
For example, if you are using Windows 2016 Server and you are having an issue with the RDP configuration, you should:
Login to CIS WorkBench - https://workbench.cisecurity.org/
Go to Benchmarks on the top Navigation bar
Search for Windows Server 2016
Download the PDF version of the Benchmark
Search for the word ‘RDP’ or other related words such as 'remote connection' using ctr+f
Go to the recommendations related to RDP and remote connections
Recommendation
18.9.59.3.9.3 (L1) Ensure 'Require use of specific security layer for remote (RDP) connections' is set to 'Enabled: SSL' (Automated)
Relates to RDP.Read the recommendation
Under the Remediation section, there is an explanation of how to enable or disable the recommendation.
Rinse and repeat for each issue you are having.
Add Comment