Commit
added proposed modifications+1
Signed-off-by: George M Dias <[email protected]>
georgedias committed Dec 13, 2024
1 parent 84608c1 commit e3892f7
Showing 2 changed files with 15 additions and 8 deletions.
21 changes: 14 additions & 7 deletions src/courses/delta/03.md
Expand Up @@ -29,19 +29,22 @@ The `update_controls4delta` process may be the only command needed as it specifi
The process of preparing controls from one baseline to another (baseline X to Y) consists of:

1. The directory where baseline X controls are located is provided.
3. An InSpec json formatted file containing all baseline X controls is provided or generated.
2. An InSpec json formatted file containing all baseline X controls is provided or generated.
a - The json file is generated using the [inspec or cinc-auditor] json CLI command
3. A XCCDF file containing the new baseline Y guidance is provided. The file is obtained from the appropriate site.
a - The baseline Y XCCDF lists all controls appropriate for the provided baseline. It also includes (most often) a field (legacy) where it indicates the control's previous name(s). The process uses this field to map old control names to the new controls.
b - If there is no mapping found, then the `delta` process must be invoked to convert the baselines ([see use cases](./04.html#use-cases-for-running-delta))

You can invoke the command as such:
```
saf generate update_controls4delta -X ./baseline_Y_xccdf_guidance_file.xml -J baseline_X_summary.json -c baseline_X_controls_directory
```sh
saf generate update_controls4delta \
-X ./baseline_Y_xccdf_guidance_file.xml \
-J baseline_X_summary.json \
-c baseline_X_controls_directory
```

Additional capabilities can be obtained using the `-h or --help` flag on the `update_controls4delta` command as such:
```
```sh
saf generate update_controls4delta --help
```

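Review bot: The sub-items under steps 2 and 3 (`a - The json file is generated ...`, `a - The baseline Y XCCDF lists ...`, `b - If there is no mapping found ...`) are not Markdown list markers, so they render as a continuation of the parent step's paragraph rather than as nested items. Now that the numbering is corrected from `3.` to `2.`, convert them to indented sub-bullets under each step. While touching these lines, `A XCCDF file` should read `An XCCDF file`, and `json` is normally written `JSON` in prose.
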
Expand All @@ -62,8 +65,12 @@ The `delta` process extends the capabilities of the `update_controls4delta` proc
<br>

You can invoke the command as such:
```
saf generate delta -X ./baseline_Y_xccdf_guidance_file.xml -J baseline_X_summary.json -o new_baseline_Y_controls_directory -M -c baseline_X_controls_directory
```sh
saf generate delta \
-X ./baseline_Y_xccdf_guidance_file.xml \
-J baseline_X_summary.json \
-o new_baseline_Y_controls_directory \
-M -c baseline_X_controls_directory
```
<br>

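Review bot: In the reflowed `saf generate delta` command the path arguments are styled inconsistently: `-X ./baseline_Y_xccdf_guidance_file.xml` carries a `./` prefix while `-J`, `-o` and `-c` do not. Pick one form for all four, and indent the continuation lines after each `\` so the block reads as a single command. Keeping `-M -c baseline_X_controls_directory` together on the last line works well, since the note that follows says those two flags are dropped together.
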
Expand All @@ -72,7 +79,7 @@ The `-M` and `-c` flags can be removed if not using fuzzy matching feature.
:::

Additional capabilities can be obtained using the `-h or --help` flag on the `delta` command as such:
```
```sh
saf generate delta --help
```

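Review bot: The context line above the changed fence writes the flags as `-h or --help` inside a single code span, so the word "or" renders as part of the literal; split it into `-h` or `--help`. The same wording appears in the `update_controls4delta` section and should be fixed in the same pass. The `sh` tag on the fence is consistent with the other blocks changed in this file.
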
2 changes: 1 addition & 1 deletion src/courses/delta/README.md
Expand Up @@ -27,4 +27,4 @@ that demands importance vigilance of continuous monitoring and notification of v
To effectively established an ongoing monitoring process, we need to know what to check for, and
update the content being checked as vulnerabilities are identified. The MITRE training class [Beginner Security Automation Developer Class](https://deploy-preview-256--mitre-saf-training.netlify.app/courses/beginner/) provides an insight on how to use InSpec Profiles (a collection of automated tests) to conduct testes based on some security guidances.

As long as the testes are based on valid security guidances all is well, but the moment the security guidances change, the tests become obsolete and require new tests or existing tests to be updated, that is where the `delta` process comes in to the rescue.
As long as the testes are based on valid security guidances all is well, but the moment the security guidances change, the tests become obsolete and require new tests or existing tests to be updated, that is where the `delta` process comes into the rescue.
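
Review bot: The replacement `comes into the rescue` on the changed line is not an improvement over `comes in to the rescue`; the idiom is `comes to the rescue`. The same sentence still has `testes` for `tests` and `guidances` for `guidance`, and the comma before `that is where` joins two sentences, so it is worth fixing the whole line in this commit. The context lines above carry the same `testes` typo, plus `To effectively established`, which should be `To effectively establish`.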
