Systems Hardening with CIS Standards - benjamin-s-hobbs/reading-notes GitHub Wiki

Systems Hardening with CIS Standards

From "What are CIS Benchmarks" (accessed by Benjamin Hobbs on 7/12/2023)

  • CIS Benchmarks are a collection of best practices for securely configuring IT systems, software, networks, and cloud infrastructure. They are published by the Center for Internet Security (CIS). Currently, there are more than 140 in total across seven core technology categories.

7 Core Categories of CIS Benchmarks

  1. Operating Systems Benchmarks

  2. Server Software Benchmarks

  3. Cloud Provider Benchmarks

  4. Mobile Device Benchmarks

  5. Network Device Benchmarks

  6. Desktop Software Benchmarks

  7. Multi-function Print Device Benchmarks

CIS Benchmarks Questions for Understanding

  1. What are three benefits of following CIS Benchmarks?

    • The Collective Global Expertise of IT and Cybersecurity Professionals
    • Compliance Management Consistency
    • Regularly updated, step-by-step guidance for securing every area of the IT infrastructure
  2. What are the seven core categories of CIS Benchmarks?

    • Operating Systems Benchmarks
    • Server Software Benchmarks
    • Cloud Provider Benchmarks
    • Mobile Device Benchmarks
    • Network Device Benchmarks
    • Desktop Software Benchmarks
    • Multi-function Print Device Benchmarks
  3. How would you convince your manager that applying CIS Benchmarks could fast-track your organization’s compliance?

    • Not only are the benchmarks created by global professionals...not only are they up-to-date AND detailed step-by-step...BUT they ALSO are consistent across compliance standards so they are widely accepted no matter the framework.

What more do I want to know?
