Skip to content

Commit

Permalink
Answer key (#286)
Browse files Browse the repository at this point in the history
* rhel8-->rhel9 for section 11

Signed-off-by: Will <[email protected]>

* better inputs section in beginner

Signed-off-by: Will <[email protected]>

* removed remaining references to RHEL8

Signed-off-by: Will <[email protected]>

* rhel8-->rhel9 for section 11

Signed-off-by: Will <[email protected]>

* better inputs section in beginner

Signed-off-by: Will <[email protected]>

* removed remaining references to RHEL8

Signed-off-by: Will <[email protected]>

* updating the docker compose example

Signed-off-by: Will <[email protected]>

* consistency

Signed-off-by: Will <[email protected]>

* fixing package-lock

Signed-off-by: Will <[email protected]>

* fixing package.json

Signed-off-by: Will <[email protected]>

---------

Signed-off-by: Will <[email protected]>
  • Loading branch information
wdower authored Dec 9, 2024
1 parent 2e580ce commit 90318a0
Show file tree
Hide file tree
Showing 17 changed files with 1,896 additions and 1,824 deletions.
2,460 changes: 1,392 additions & 1,068 deletions package-lock.json

Large diffs are not rendered by default.

6 changes: 3 additions & 3 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -16,15 +16,15 @@
},
"devDependencies": {
"@vuepress/bundler-vite": "2.0.0-rc.18",
"@vuepress/plugin-markdown-image": "2.0.0-rc.65",
"@vuepress/plugin-markdown-tab": "2.0.0-rc.65",
"@vuepress/plugin-markdown-image": "2.0.0-rc.62",
"@vuepress/plugin-markdown-tab": "2.0.0-rc.62",
"cypress": "^13.16.1",
"cypress-each": "^1.14.0",
"flowchart.ts": "^3.0.1",
"mermaid": "^11.4.1",
"start-server-and-test": "^2.0.8",
"vue": "^3.5.13",
"vuepress": "2.0.0-rc.18",
"vuepress-theme-hope": "2.0.0-rc.63"
"vuepress-theme-hope": "2.0.0-rc.59"
}
}
Binary file modified src/assets/img/Download_STIG.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified src/assets/img/Download_STIG_Viewer.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added src/assets/img/the_stig_file.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
21 changes: 13 additions & 8 deletions src/courses/advanced/03.md
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ In the beginner class, we worked with a simple requirements set to implement in
* be owned by the `root` user and group.
* not be readable, writeable, or executable by others.
5. The NGINX shell access should be restricted to admin users.
6. NGINX admins should have documentation on security procedures.
```

:::
Expand Down Expand Up @@ -176,16 +177,18 @@ end
@tab command

```sh
inspec exec my_nginx -t docker://nginx --input-file my_nginx/inputs-linux.yml
inspec exec my_nginx -t docker://nginx --input-file my_nginx/inputs.yml --enhanced-outcomes
```

@tab output

```sh
Profile: InSpec Profile (my_nginx)
Version: 0.1.0
Target: docker://DOCKER_CONTAINER_ID
Target ID: TARGET_ID
Redirecting to cinc-auditor...
Profile: InSpec Profile (my_nginx_answer_key)
Version: 0.1.0
Target: docker://DOCKER_CONTAINER_ID
Target ID: TARGET_ID
✔ nginx-version: NGINX version
✔ Nginx Environment version is expected to cmp >= "1.27.0"
Expand All @@ -204,10 +207,12 @@ inspec exec my_nginx -t docker://nginx --input-file my_nginx/inputs-linux.yml
✔ File /etc/nginx/nginx.conf is expected not to be executable by others
✔ nginx-shell-access: NGINX shell access
✔ Shell access for non-admin users should be removed.
N/R nginx-interview: NGINX interview
↺ This control must be manually reviewed.
Profile Summary: 4 successful controls, 1 control failure, 0 controls skipped
Test Summary: 10 successful, 1 failure, 0 skipped
Profile Summary: 4 successful controls, 1 control failure, 1 control not reviewed, 0 controls not applicable, 0 controls have error
Test Summary: 10 successful, 1 failure, 1 skipped
```

:::
Expand All @@ -217,7 +222,7 @@ Test Summary: 10 successful, 1 failure, 0 skipped
In the [beginner class](../beginner/08.md), we mentioned that you can specify an InSpec reporter to indicate the format in which you desire the results. If you want to read the results on the command line as well as save them in a JSON file, you can run this command.

```sh
inspec exec my_nginx -t docker://nginx --input-file inputs-linux.yml --reporter cli json:my_nginx_results.json --enhanced-outcomes
inspec exec my_nginx -t docker://nginx --input-file my_nginx/inputs.yml --reporter cli json:results/my_nginx_results.json --enhanced-outcomes
```

### Visualizing Results
Expand Down
4 changes: 4 additions & 0 deletions src/courses/advanced/05.md
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,8 @@ inspec exec git
@tab Output

```bash
Redirecting to cinc-auditor...

Profile: InSpec Profile (git)
Version: 0.1.0
Target: local://
Expand Down Expand Up @@ -145,6 +147,8 @@ inspec exec git
@tab Output

```bash
Redirecting to cinc-auditor...

[2023-02-22T03:21:41+00:00] ERROR: Failed to load profile git: Failed to load source for controls/example.rb: undefined method `git' for #<Inspec::ControlEvalContext:0x000000000540af38>
Profile: InSpec Profile (git)
Expand Down
Loading

0 comments on commit 90318a0

Please sign in to comment.