BigFix Compliance: Updated CIS Checklist for RHEL 7, Centos Linux 7 published 2020-07-31

BigFix Compliance

Updated CIS Red Hat Enterprise Linux 7, Centos Linux 7 Benchmark with bugfixes.

Security Benchmarks:
CIS Red Hat Enterprise Linux 7 Benchmark, v2.2.0
CIS Centos Linux 7 Benchmark, v2.2.0

Published Sites:
CIS Checklist for RHEL 7 site version 28
CIS Checklist for Centos 7 site version 18
(The site version is provided for air-gap customers.)

Fixed and improved implementation for the following checks:

  • Ensure wireless interfaces are disabled
  • Ensure authentication required for single user_mode
  • Ensure NFS and RPC are not enabled
  • Ensure firewall rules exist for all open ports
  • Ensure access to the su command is restricted
  • Ensure mail transfer agent is configured for local-only mode

Actions to take:
To subscribe to the above site, you can use the License Overview Dashboard to enable and gather the site. Note that you must be entitled to the BigFix Compliance product and you must be using BigFix version 9.2 and later.
If you use custom sites, update your custom sites accordingly to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see

More information:
To know more about the BigFix Compliance SCM checklists, please see the following resource:
BigFix Forum:

BigFix Compliance SCM Checklists:
We hope you find this latest release of SCM content useful and effective. Thank you!
– The BigFix Compliance team