Profile Applicability:
• Level 1
Description:
Keeping the operating system and installed software up-to-date with the latest patches, updates, and security software is essential for maintaining system security. This helps mitigate vulnerabilities, fix bugs, and protect against emerging threats.
Rationale:
Regular installation of updates and security patches reduces the risk of exploitation by attackers and improves overall system stability and security posture.
Impact:
Pros:
Protects systems from known vulnerabilities.
Enhances system reliability and performance.
Ensures compliance with security policies and standards.
Cons:
Updates may occasionally introduce compatibility issues.
Requires maintenance windows and administrative oversight.
Default Value:
Systems may or may not have automated updates enabled by default depending on the distribution and configuration.
Pre-requisites:
Root or sudo privileges to install updates and security software.
Network connectivity to update repositories and download patches.
Remediation:
Test Plan:
Using Linux command line:
Check for available updates:
RPM-based systems:
yum check-update
Debian-based systems:
apt update apt list --upgradable
Verify installation of critical security patches and software packages.
Confirm presence of security software (e.g., antivirus, intrusion detection).
Implementation Plan:
Using Linux command line:
Install all available updates and patches:
RPM-based:
yum update -y
Debian-based:
apt upgrade -y
Install or update security software as needed.
Schedule regular update checks and patch management processes.
Backout Plan:
Using Linux command line:
If updates cause issues, revert to previous system state using backups or snapshots.
Roll back or remove problematic updates if necessary.
References:
CIS Amazon Linux 2 Benchmark v3.0.0