BigFix Compliance: Updated CIS Checklist for CentOS Linux 7, published 2019-10-28

Product:
BigFix Compliance

Title:
Updated CIS Checklist for CentOS Linux 7 with few bug fixes.

Security Benchmarks:
CIS CentOS Linux 7 Benchmark, v2.1.1

Published Sites:
CIS checklist for CentOS Linux 7, site version 9
(The site version is provided for air-gap customers.)

Details:
Fixed and improved implementation for the following checks:

• Ensure nodev option set on /tmp partition
• Ensure noexec option set on /tmp partition
• Ensure nosuid option set on /tmp partition
• Ensure nosuid option set on /var/tmp partition
• Ensure nodev option set on /var/tmp partition
• Ensure noexec option set on /var/tmp partition
• Ensure nodev option set on /home partition

Actions to take:
• To subscribe to the above site, you can use the License Overview Dashboard to enable and gather the site. Note that you must be entitled to the BigFix Compliance product and you must be using BigFix version 9.2 and later.

• If you use custom sites, update your custom sites accordingly to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see https://ibm.biz/Bd4LBt.

More information:
To know more about the BigFix Compliance SCM checklists, please see the following resources:

• Developer Works:
https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/SCM%20Checklists
• BigFix Forum:
https://forum.bigfix.com/c/release-announcements/compliance

We hope you find this latest release of SCM content useful and effective. Thank you!

– The BigFix Compliance team