To perform a CIS Benchmark, do as follows:
- Login to Security Center.
- Click Scan network in the main menu.
- Click Scan profiles.
- Click +Create scan profile > Policy scan profile.
- Under General Information, name your scan profile.
- Click Policy and choose the template that matches your OS.
- Here you will find the CIS Security Software Certification for CIS Benchmark.
- After a policy scan is completed with any of the choices above you open the “Scan Network” tab and choose the download button on the far right with the results:
- Under the headline Authentication you can add a new authentication record or choose an existing one for Windows and Linux/Unix. Notice that you can only have one authentication record per profile and operating system.
- Linux/Unix authentication record
Authentication information
The authentication information will be the name you type in.
Name
Select a name.
Port
Type in if you want to use a certain port for your authentication, otherwise, the standard port 22 will be used.
Choose if you want to authenticate with either username and password or by using a private key, type in your credentials, and you are done. - Windows authentication record
Authentication information
The authentication information will be the name you type in.
Name
Select a name.
Type in the credentials you would like to use for your authenticated scan.
Read this for more information regarding authenticated network scans:
https://support.holmsecurity.com/hc/en-us/articles/360019811432-How-does-authenticated-networks-scans-work-
- Linux/Unix authentication record
- Click OK.
- Done!
For more information regarding Holm & CIS, please visit:
https://www.cisecurity.org/partner/holm-security (external link)
0 Comments