The following scans were performed on a default installation of the noted Operating System with the SIMP Enterprise profile enforced.
OS | EE Profile | Scan Type | Benchmark Version | Pass | Fail | Total % | Certification Status |
---|---|---|---|---|---|---|---|
Red Hat 7 | cis:level:1:server | Level 1 - Server | 3.0.1 | 263 | 10 | 96% | Pending |
Red Hat 7 | cis:level:2:server | Level 2 - Server | 3.0.1 | 307 | 12 | 96% | Pending |
CentOS 7 | cis:level:1:server | Level 1 - Server | 3.0.0 | 263 | 12 | 96% | Pending |
CentOS 7 | cis:level:2:server | Level 2 - Server | 3.0.0 | 200 | 19 | 91% | Pending |
Oracle Linux 7 | cis:level:1:server | Level 1 - Server | 3.0.0 | 273 | 12 | 96% | Pending |
Oracle Linux 7 | cis:level:2:server | Level 2 - Server | 3.0.0 | 326 | 16 | 95% | Pending |
Red Hat 8 | cis:level:1:server | Level 1 - Server | 1.0.0.1 | 275 | 13 | 95% | Pending |
Red Hat 8 | cis:level:2:server | Level 2 - Server | 1.0.0.1 | 331 | 17 | 95% | Pending |
CentOS 8 | cis:level:1:server | Level 1 - Server | 1.0.0.1 | 273 | 15 | 95% | Pending |
CentOS 8 | cis:level:2:server | Level 2 - Server | 1.0.0.1 | 328 | 19 | 95% | Pending |
Oracle Linux 8 | cis:level:1:server | Level 1 - Server | 1.0.0.1 | 276 | 15 | 95% | Pending |
Oracle Linux 8 | cis:level:2:server | Level 2 - Server | 1.0.0.1 | 334 | 19 | 95% | Pending |
The following report details the status of each CIS recommendation in the SIMP EE compliance data.
Paper policy
controls refer to organizational policy requirements and cannot be reasonably enforced by SIMP at this time.Mapped
controls have enforcement and reporting support.Unmapped
controls are not supported at this time. A reason for the lack of support is provided for each unmapped control.OS | Unmapped Controls | Paper Policy | Mapped | Total |
---|---|---|---|---|
Red Hat 7 | 16 (6%) | 231 (93%) | 247 | |
CentOS 7 | 14 (5%) | 231 (94%) | 245 | |
Oracle Linux 7 | 14 (5%) | 231 (94%) | 245 | |
CentOS 8 | 12 (5%) | 220 (94%) | 232 | |
Red Hat 8 | 14 (5%) | 220 (94%) | 234 | |
Oracle Linux 8 | 12 (5%) | 220 (94%) | 232 |
The following controls require administrative documentation:
The following controls are mapped:
svckill::mode: enforcing
for full compliance. This is not enabled globally for safety reasons.svckill::mode: enforcing
for full compliance. This is not enabled globally for safety reasons.svckill::mode: enforcing
for full compliance. This is not enabled globally for safety reasons.