RH415 - ch10s06

As the student user on the workstation machine, use the lab command to prepare your environment for this exercise, and to ensure that all required resources are available.

[student@workstation ~]$ lab start insights-running

Instructions

On the workstation machine, open a web browser and navigate to the Hybrid Cloud Console at https://console.redhat.com/insights/. Log in with your Red Hat account. Navigate to Security → Compliance → SCAP Policies.
Click Create new policy.
Select RHEL 9 as the operating system, and filter the policy types by using the server keyword in the Policy type search field.
Select the CIS Red Hat Enterprise Linux 9 Benchmark for Level 1 - Server policy and click Next.
Review the policy details and click Next.
Select the serverd.lab.example.com system to be added to this policy, and click Next.
Customize the policy for the environment's needs. Select the Sudo and Updating Software rules, and click Next.
Review your custom policy, and click Finish
On the serverd machine, install the SCAP Security Guide.
1. Log in to the serverd machine as the student user. No password is required.
```
[student@workstation ~]$ ssh student@serverd
[student@serverd ~]$
```
2. Use the sudo -i command to switch identity to the root user. Use student as the password.
```
[student@serverd ~]$ sudo -i
[sudo] password for student: student
[root@serverd ~]#
```
3. Install the scap-security-guide package, which provides the SCAP Security Guide.
```
[root@serverd ~]# dnf install scap-security-guide
...output omitted...
Complete!
```

Run the insights-client --compliance command.

[root@serverd ~]# insights-client --compliance
System uses SSG version 0.1.66
Saved tailoring file for xccdf_org.ssgproject.content_profile_cis_server_l1 to /var/tmp/oscap_tailoring_file-xccdf_org.ssgproject.content_profile_cis_server_l1.fruiolnu.xml
Running scan for xccdf_org.ssgproject.content_profile_cis_server_l1... this may take a while
Uploading Insights data.
Successfully uploaded report for serverd.lab.example.com.

Navigate to the Security → Compliance → Reports page to view the compliance reports.
Click the CIS Red Hat Enterprise Linux 9 Benchmark for Level 1 - Server policy to see the report details:
Click serverd.lab.example.com to see the report details for this server.

Finish

On the workstation machine, use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish insights-running

Discuss Red Hat Security: Linux in Physical, Virtual, and Cloud

Go to community

Welcome to the Red Hat Security: Linux in Physical, Virtual, and Cloud (RH415) group!

Deanna

26 wrz 2023

We are excited to launch a space dedicated to the Red Hat Training course Red Hat Security: Linux in Physical, Virtual, and Cloud! To gain the most value from this group - click the "Join Group" button in the upper right hand corner of the group home page.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to RH415.Read more about Red Hat Security: Linux in Physical, Virtual, and Cloud here.

415

Revision: rh415-9.2-a821299