nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

CIS Benchmarks

stryder144

Holy moly, folks! I downloaded quite a few of the CIS Benchmarks and started to look through them. I opened the first one, for Windows 10 Enterprise, and nearly choked on my meal...931 pages long! If you've ever read through one of their benchmark documents, you know they don't have a lot of fluff. To say the least, with our upcoming adoption of Windows 10 Enterprise at work, we have our work cut out for us.

Thankfully when I opened the Ubuntu 16.04 LTS I saw that it is a more manageable 297 pages long. I guess I will be spending some time working through the Ubuntu document as it is my go-to OS.

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

markulous

Yeah, those things are pretty verbose with all the group policies that they cover. Good docs though.

E Double U

I used to go through the CIS benchmarks for our Cisco equipment at my previous job. I definitely made sure I had some free time put aside for

636-555-3226

If you join CIS as a member you can download a pre-compiled GPO with all of the settings baked-in. It's all in one massive GPO, but it's ready to apply, if you've got the money. If you don't have the money, tell your work that they're paying you ?$25? an hour and it's going to take 200 hours to set it all up yourself vs paying less money to buy a 1-year membership with the settings all ready to go.

markulous

636-555-3226 wrote: »

If you join CIS as a member you can download a pre-compiled GPO with all of the settings baked-in. It's all in one massive GPO, but it's ready to apply, if you've got the money. If you don't have the money, tell your work that they're paying you ?$25? an hour and it's going to take 200 hours to set it all up yourself vs paying less money to buy a 1-year membership with the settings all ready to go.

Sounds great in theory, but 100% compliance with CIS standards isn't feasible for a lot of environments.

TacoRocket

Also one thing to focus on the CIS benchmark is that they have levels. Level 1 is stuff for people who don't have full experience with the subject they are working with. Level 2 will need people who understand how the subject (network devices, desktop, server) works.

I would break it down and proceed by level first. Then its easier to take on the 931 page PDF.

alias454

Also, you can utilize their CIS CAT tool to run reports of specific benchmarks. You can request to get a time limited demo.