Product:
BigFix Compliance
Title:
Updated CIS Checklist for Ubuntu 20.04 LTS Server with bug fixes.
Security Benchmark:
CIS Ubuntu Linux 20.04 LTS Benchmark, v1.1.0
Published Sites:
CIS Checklist for Ubuntu 20.04 LTS Server, site version 7
(The site version is provided for air-gap customers.)
Details:
- Fixed and Improved implementation for the following check:
5.5.5 - Ensure default user shell timeout is 900 seconds or less.
3.5.3.3.3 - Ensure ip6tables default deny firewall policy.
3.5.3.2.3 - Ensure iptables default deny firewall policy.
1.7.2 - Ensure local login warning banner is configured properly.
1.7.3 - Ensure remote login warning banner is configured properly.
1.7.4 - Ensure permissions on /etc/motd are configured.
5.3.9 - Ensure SSH HostbasedAuthentication is disabled.
5.3.20 - Ensure SSH AllowTcpForwarding is disabled.
5.3.8 - Ensure SSH IgnoreRhosts is enabled.
5.3.16 - Ensure SSH Idle Timeout Interval is configured.
Actions to take:
- To subscribe to the above site, you can use the License Overview Dashboard to enable and gather the site. Note that you must be entitled to the BigFix Compliance product, and you must be using BigFix version 9.2 and later.
- If you use custom sites, update your custom sites accordingly to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see https://help.hcltechsw.com/bigfix/10.0/compliance/Compliance/SCM_Users_Guide/c_using_synchronize_custom_checks_wiz.html
More information:
To know more about the BigFix Compliance SCM checklists, please see the following resources:
- BigFix Forum:
https://forum.bigfix.com/c/release-announcements/compliance - BigFix Compliance SCM Checklists:
https://bigfix-wiki.hcltechsw.com/wikis/home?lang=en-us#!/wiki/BigFix%20Wiki/page/SCM%20Checklists
We hope you find this latest release of SCM content useful and effective. Thank you!
– The BigFix Compliance team