CIS: Ubuntu Linux Enterprise Server 22.04

The Center for Internet Security (CIS) template for Ubuntu Linux Enterprise Server 22.04, Version 1.0.0 was published on August 30, 2022. This template contains implementation for 333 rules that can be installed on TrueSight Server Automation 20.x or later.

  • The existing customized template is renamed before you import the new one (by performing the steps given below).

Before you begin

Before you import this template, make sure that the following requirements are met:

  • Rename any existing customized template before you import the latest template.
  • Back up the extended_objects   folder located in the  <APPRSERVER_INSTALL_DIR>/share/sensors  directory on all the Application Servers in a multiple Application Server environment. This folder contains the extended object scripts.

Step 1: Download the files

  1. Access the following EPD link and click the TSSA 23.4.00 CIS Updates for Ubuntu22_04 1.0.0 link to download the  CIS - Ubuntu Linux Enterprise Server 22.04  package:
    You must log in or register to view this page
  2. Expand to view the checksum-related information

    Verify the downloaded content by using checksums:

    S.No

    File Name

    MD5SUM

    1

    CIS - Ubuntu Linux Enterprise Server 22.04.zip

    97fd129b49b6f852b2093cd47d01149c

    2

    ExtendedObjects.zip

    222ada061fd7ed244cd2f4e7dbce2034

  3. Extract the contents of the ExtendedObjects .zip file to a temporary directory and copy the extracted files to the existing <APPRSERVER_INSTALL_DIR>/share/sensors directory on all the Application Servers.
  4. Move the CIS - Ubuntu Linux Enterprise Server 22.04.zip file to the server where the TrueSight Server Automation console is installed.

Step 2: Import the compliance content

  1. Log in to the TrueSight Server Automation console.
  2. Right-click Component Templates and select Import.
    image-2024-4-22_17-42-39-1.png
  3. Select the Import (Version-neutral) option and click OK.
    image-2024-4-22_17-43-23-1.png

  4. Select the CIS - Ubuntu Linux Enterprise Server 22.04.zip package from the temporary location and click Next.
    The CIS template for CIS - Ubuntu Linux Enterprise Server 22.04 is available in the CIS - Ubuntu Linux Enterprise Server 22.04.zip  package.

    image-2024-4-22_17-45-10-1.png

  5. Select the Update objects according to the imported package and Preserve template group path options, and click Next.
    image-2024-4-22_17-45-59-1.png
  6. Navigate to the last screen of the wizard and then click Finish.
    image-2024-4-22_17-46-26-1.png

  7. After the template is imported successfully, Click OK.
    The imported template is displayed under CIS Compliance Content  >  CIS.
    image-2024-4-22_17-46-58-1.png

    Important

    • After you have sucessfully imported the template, check the default values for the template's local and global properties and make sure that they meet the organization standards.
    • Be sure to assign a value to the PROFILE_NAME property; otherwise, local will be used as the default value.

Rules within the template

The 333 rules provided in the zip package contain the following types of rules:

  • Rules that check for compliance (audit) and provide remediation—256
  • Rules that check for compliance (audit) but do not provide remediation—57
  • Rules that do not check for compliance and do not provide remediation—20

The following are the details of the rules that are divided into parts:

  • Rules not divided into parts = 253
  • Rules divided into two parts (16 Rules) so (16 * 2) = 32
  • Rules divided into three parts (7 Rules) so (7 * 3) = 21
  • Rules divided into four parts (1 Rule) so (1 * 4) = 4
  • Rules divided into five parts (1 Rule) so (1 * 5) = 5
  • Rules divided into six parts (3 Rules) so (3 * 6) = 18

The current rule count according to CIS - Ubuntu Linux Enterprise Server 22.04 template after running the compliance job is 333 (253+32+21+4+5+18).

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*