Get full access to Hands-On Enterprise Automation on Linux and 60K+ other titles, with a free 10-day trial of O'Reilly.

There are also live events, courses curated by job role, and more.

Start your free trial

Scripted deployment of server hardening

We have spent some time exploring the CIS Benchmarks and how they are intended to be worked with. Now, let us turn our attention to more practical matters—how to audit them and how to implement them. In this book, we have focused on Ansible as our chosen tool for automating such tasks, and indeed Ansible is an excellent solution for this purpose. With that said, of course, you will have noticed that the examples in the CIS Benchmark document itself are often shell commands or, in some cases, are simply statements regarding configuration lines that should exist (or not exist) in a given file.

In order to clearly explain the auditing and implementation of the CIS Benchmark on a Linux system, I have split ...

Get Hands-On Enterprise Automation on Linux now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Don’t leave empty-handed

Get Mark Richards’s Software Architecture Patterns ebook to better understand how to design components—and how they should interact.

It’s yours, free.

Get it now

Check it out now on O’Reilly

Dive in for free with a 10-day trial of the O’Reilly learning platform—then explore all the other resources our members count on to build skills and solve problems every day.

Start your free trial Become a member now