SUMMARY To create Center for Internet Security compliance scans, you must configure benchmark
profiles. You use CIS compliance scans to test for Windows and Red Hat Enterprise Linux CIS
benchmark compliance.
- Click the Vulnerabilities tab.
- In the navigation pane, click .
- On the toolbar, click Add Benchmark.
- If you want to use pre-defined centralized credentials, select the Use Centralized
Credentials checkbox .
Credentials that are used to scan Linux operating systems must have root privileges. Credentials
that are used to scan Windows operating systems must have administrator
privileges.
-
If you are not using dynamic scanning, select a JSA Vulnerability Manager
scanner from the Scan Server list.
- To enable dynamic scanning, click the Dynamic server selection
checkbox.
If you configured domains in the Domain Management window in the
Admin tab, you can select a domain from the Domain
list. Only assets within the CIDR ranges and domains that are configured for your scanners are
scanned.
- In the When To Scan tab, set the
run schedule, scan start time, and any pre-defined operational windows.
- In the Email tab, define what information
to send about this scan and to whom to send it.
- If you are not using centralized credentials, add the credentials
that the scan requires in the Additional Credentials tab.
Credentials that are used to scan Linux operating systems must have root privileges. Credentials
that are used to scan Windows operating systems must have administrator
privileges.
- Click Save.