CIS: Windows Server 2022
This document provides information about the hotfix containing Windows Server 2022 Security Configuration Benchmark Version 1.0.0. This template contains implementation for 419 rules that that can be installed on TrueSight Server Automation 22.2.
Before you begin
Before you install this hotfix, ensure that you perform the following:
- Some policy settings require the installation of the SecGuide custom templates included with the STIG package. SecGuide.admx and SecGuide.adml (These files can be downloaded from Microsoft site) must be copied to the Target Machine at \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.
- Some policy settings require the installation of the MSS-Legacy custom templates included with the STIG package. MSS-Legacy.admx and MSS-Legacy.adml (These files can be downloaded from Microsoft site) must be copied to the Target Machine at \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.
- Save a backup of the extended_objects folder, which is at the following location on the file server:
<File_Server_Root>/extended_objects/
Step 1: Downloading and installing the files
Download the CIS_Template_and_EO package from the EPD location and extract its contents to a temporary location on the file server.
Step 2: Replacing the extended object scripts on the file server
- Navigate to the extended objects script files on your file server:
<File_Server_Root>/extended_objects/ - Replace the Extended Object script files on your file server, with the extracted Extended Object script files stored in the temporary location:
<temporary_location_on_file_server>/extended_objects/
- Navigate to the extended objects script files on your file server:
Step 3: Importing the Compliance Content
- Log on the Console.
- Right-click on Component Templates and click Import.
- Select the Import (Version-neutral) option.
- Select the updated CIS - Windows Server 2022.zip package from the temporary location.
- The CIS template for Windows server 2022 is available in the CIS - Windows Server 2022 zip package. To import the templates, select the CIS - Windows Server 2022 and click Next.
Ensure that you select the Update objects according to the imported package and Preserve template group path options and click Next.
Navigate to the last screen of the wizard and click Finish.
The templates are imported successfully.
Rules within the template
The template contains 419 rules.
The following are the details of the 272 rules provided in the zip package. It contains the following types of rules:
- Rules that check for compliance (audit) and provides remediation - 394
- Rules that check for compliance(audit) but do not provide remediation - 24
- Rules that do not check for compliance and do not provide remediation - 1
The following are the details of the rules that are divided into parts:
- Rules not divided into parts = 393
- Rules divided into two parts = (5 Rule (5 * 2) = 10
- Rules divided into 3 parts = (1 Rule (1*3))=3
- Rules divided into 5 parts (1 Rule (1*5))=5
So, the current rule count according to CIS Windows 2022 template after running the compliance job is 419.