BigFix Compliance: Updated CIS Checklist for CentOS Linux 7, published 2020-11-02

Product:
BigFix Compliance

Title:
Updated CIS Checklist for CentOS Linux 7 with bug fixes.

Security Benchmarks:
CIS CentOS Linux 7 Benchmark, v3.0.0

Published Sites:
CIS Checklist for CentOS Linux 7, site version 21
(The site version is provided for air-gap customers.)

Details:
Fixed and improved implementation for the following checks:

  • Ensure ntp is configured
  • Ensure gpgcheck is globally activated
  • Ensure password hashing algorithm is SHA-512
  • Ensure permissions on all logfiles are configured
  • Ensure loopback traffic is configured (A)
  • Ensure loopback traffic is configured (B)
  • Ensure password creation requirements are configured
  • Ensure SSH MaxStartups is configured
  • Ensure SSH warning banner is configured
  • Ensure rsync is not installed or the rsyncd service is masked

Actions to take:

More information:
To know more about the BigFix Compliance SCM checklists, please see the following resources:

We hope you find this latest release of SCM content useful and effective. Thank you!
– The BigFix Compliance team

1 Like