SCAP & Benchmark Auditor
Audit real-world system configurations against CIS (Center for Internet Security) Benchmarks. You'll review configuration dumps from Linux and Windows servers, flag non-compliant settings, and select the correct remediation for each finding. The lab also covers the core SCAP (Security Content Automation Protocol) components that the exam expects you to recognize: XCCDF (Extensible Configuration Checklist Description Format), OVAL (Open Vulnerability and Assessment Language), and CCE.
What You’ll Practice
- Identifying non-compliant system configurations against CIS Benchmark standards
- Mapping configuration findings to specific CIS control IDs
- Selecting correct remediation commands for hardening Linux and Windows systems
- Recognizing SCAP framework components (XCCDF, OVAL, CCE) and their roles
How the Exam Tests This
Objective 4.4 (Security Alerting and Monitoring) covers tools and frameworks used to assess and maintain security posture. The exam expects you to understand how SCAP automates compliance checks, what CIS Benchmarks prescribe for common OS configurations, and the difference between XCCDF (checklist structure), OVAL (system test definitions), and CCE (configuration enumeration). Questions may present a system configuration and ask whether it meets a hardening standard, or ask you to identify which SCAP component handles a specific function.
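To make that division of roles concrete, the following added example (not part of the lab or of any published benchmark) parses a small XCCDF fragment and shows, per rule, which CCE identifier names the setting and which OVAL definition performs the test. The fragment is constructed: the rule IDs, titles, `CCE-00000-0` and `oval:example:def:1` are placeholders, and the function name `map_rules` is hypothetical.

```python
import xml.etree.ElementTree as ET

XCCDF_NS = "http://checklists.nist.gov/xccdf/1.2"
OVAL_CHECK_SYSTEM = "http://oval.mitre.org/XMLSchema/oval-definitions-5"

# Constructed XCCDF fragment; every id and the CCE number are placeholders.
SAMPLE_XCCDF = """\
<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2" id="xccdf_example_benchmark_demo">
  <Rule id="xccdf_example_rule_sshd_disable_root_login" severity="medium" selected="true">
    <title>Disable SSH root login</title>
    <ident system="https://ncp.nist.gov/cce">CCE-00000-0</ident>
    <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
      <check-content-ref href="demo-oval.xml" name="oval:example:def:1"/>
    </check>
  </Rule>
  <Rule id="xccdf_example_rule_banner_text" severity="low" selected="true">
    <title>Set a login banner</title>
  </Rule>
</Benchmark>
"""

def map_rules(xccdf_text):
    """Return one dict per XCCDF Rule with its CCE idents and OVAL definition ids."""
    ns = {"x": XCCDF_NS}
    # The stdlib parser is fine for this embedded sample; use a hardened
    # parser (for example defusedxml) for content from untrusted sources.
    root = ET.fromstring(xccdf_text)
    rows = []
    for rule in root.iter(f"{{{XCCDF_NS}}}Rule"):
        # CCE: the common name for the setting, carried in <ident>.
        cces = [i.text.strip() for i in rule.findall("x:ident", ns)
                if (i.text or "").startswith("CCE-")]
        # OVAL: the machine-executable test, referenced from <check>.
        ovals = [ref.get("name")
                 for chk in rule.findall("x:check", ns)
                 if chk.get("system") == OVAL_CHECK_SYSTEM
                 for ref in chk.findall("x:check-content-ref", ns)]
        rows.append({"rule": rule.get("id"),
                     "title": rule.findtext("x:title", default="", namespaces=ns),
                     "cce": cces, "oval": ovals,
                     # A rule with no OVAL reference cannot be scored automatically.
                     "automated": bool(ovals)})
    return rows

if __name__ == "__main__":
    for row in map_rules(SAMPLE_XCCDF):
        print(row)
```

The second rule has no `<check>`, so it comes back with `automated` set to `False`: XCCDF can list a requirement that no OVAL definition tests, and a scanner cannot score that rule automatically.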
Scoring
- Compliance Detection — accuracy of flagging settings as compliant vs. non-compliant
- Remediation Selection — correct remediation chosen for each non-compliant finding
- SCAP Concepts — accuracy on XCCDF, OVAL, and CCE knowledge questions
- Final score is a weighted composite of all three categories
You'll audit system configurations from two servers — one Linux, one Windows — against CIS Benchmark standards. For each setting, determine if it's compliant or non-compliant. For non-compliant settings, select the correct remediation.
After the audit, answer questions about the SCAP framework components that make automated benchmarking possible.