Scripted deployment of server hardening

We have spent some time exploring the CIS Benchmarks and how they are intended to be worked with. Now, let us turn our attention to more practical matters—how to audit them and how to implement them. In this book, we have focused on Ansible as our chosen tool for automating such tasks, and indeed Ansible is an excellent solution for this purpose. With that said, of course, you will have noticed that the examples in the CIS Benchmark document itself are often shell commands or, in some cases, are simply statements regarding configuration lines that should exist (or not exist) in a given file.

In order to clearly explain the auditing and implementation of the CIS Benchmark on a Linux system, I have split ...

Get Hands-On Enterprise Automation on Linux now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.