8.2/8.3 enhanced outcomes
p-oneil committed Dec 10, 2024
1 parent 04a55cd commit fbc898e
Showing 1 changed file with 16 additions and 21 deletions.
37 changes: 16 additions & 21 deletions src/courses/user/08.md
Expand Up @@ -24,13 +24,14 @@ If you see multiple profiles available and are unsure which to use, read the REA

- Since we are using the profile from GitHub, we will use the GitHub link `https://github.com/mitre/nginx-stigready-baseline` to specify the profile.
- Because we are using a Docker container that is running in our lab environment, we can specify the target as `-t docker://nginx`.
- We can choose to output the results to the command line and to a file like this: `--reporter cli json:./results/nginx_vanilla_results.json`
- We can add the inputs file that we created so the profile is tailored to our environment like this: `--input-file inputs.yml`
- We can include [other flags](https://docs.chef.io/inspec/cli/#syntax-5) like `--enhanced-outcomes` to configure settings for how the test is run.
- We can choose to output the results to the command line and to a file like this: `--reporter cli json:./results/nginx_vanilla_results.json`

To execute this command to run the GitHub profile on your target system, run this `inspec exec` command:

```sh
inspec exec https://github.com/mitre/nginx-stigready-baseline -t docker://nginx --input-file inputs.yml --reporter cli json:./results/nginx_vanilla_results.json
inspec exec https://github.com/mitre/nginx-stigready-baseline -t docker://nginx --input-file inputs.yml --enhanced-outcomes --reporter cli json:./results/nginx_vanilla_results.json
```

## 8.3 Run the Command
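Review bot: The new `--enhanced-outcomes` bullet only says the flag configures "settings for how the test is run", which does not tell the learner what it changes. The 8.3 sample output in this same commit now shows `N/R` and `N/A` labels and a summary with "not reviewed" and "not applicable" counts, so add a sentence here stating that the flag changes how control results are categorised in the report. The link fragment `#syntax-5` is a position-based anchor and will likely drift when the upstream page is edited; consider linking to the CLI page without the fragment.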
Expand All @@ -42,35 +43,29 @@ Enter the command from the previous step in your terminal and press enter. It wi
You should see output similar to that below. The whole profile should execute in only a couple minutes.

```sh
inspec exec https://github.com/mitre/nginx-stigready-baseline -t docker://nginx --input-file inputs.yml --reporter cli json:./results/nginx_vanilla_results.json
[2023-11-01T02:41:29+00:00] WARN: URL target https://github.com/mitre/nginx-stigready-baseline transformed to https://github.com/mitre/nginx-stigready-baseline/archive/master.tar.gz. Consider using the git fetcher
...
× is expected not to be nil
expected: not nil
got: nil
↺ This test is NA because the ssl_client_certificate directive has not been configured.
↺ V-56029: The NGINX web server must augment re-creation to a stable and known
inspec exec https://github.com/mitre/nginx-stigready-baseline -t docker://nginx --input-file inputs.yml --enhanced-outcomes --reporter cli json:./results/nginx_vanilla_results.json
...
N/R V-56029: The NGINX web server must augment re-creation to a stable and known
baseline.
↺ This test requires a Manual Review: Interview the SA and ask for documentation on the
disaster recovery methods for the NGINX web server in the event of the necessity for rollback.
V-56031: The NGINX web server must encrypt user identifiers and passwords.
N/A V-56031: The NGINX web server must encrypt user identifiers and passwords.
↺ This check is NA because NGINX does not manage authentication.
✔ V-56033: The web server must install security-relevant software updates within
the configured time period directed by an authoritative source (e.g., IAVM,
CTOs, DTMs, and STIGs).
✔ NGINX version v1.25.3 installed is not more then one patch level behind v1.25.2 is expected to cmp >= "1.25.2"
✔ NGINX version v1.25.3 installed is greater than or equal to the organization approved version v1.23.1 is expected to cmp >= "1.23.1"
✔ NGINX version v1.27.2 installed is not more then one patch level behind v1.27.2 is expected to cmp >= "1.27.2"
✔ NGINX version v1.27.2 installed is greater then or equal to the organization approved version v1.23.1 is expected to cmp >= "1.23.1"
✔ V-56035: The NGINX web server must display a default hosted application web page, not
a directory listing, when a requested web page cannot be found.
✔ The root directory /usr/share/nginx/html should include the default index.html file.
↺ V-61353: The web server must remove all export ciphers to protect the
confidentiality and integrity of transmitted information. (2 skipped)
↺ This test is NA because the ssl_prefer_server_ciphers directive has not been configured.
↺ This test is NA because the ssl_ciphers directive has not been configured.

✔ V-61353: The web server must remove all export ciphers to protect the
confidentiality and integrity of transmitted information.
✔ The ssl_prefer_server_cipher should be set to on.
...

Profile Summary: 27 successful controls, 26 control failures, 36 controls skipped
Test Summary: 137 successful, 91 failures, 55 skipped
Profile Summary: 65 successful controls, 3 control failures, 10 controls not reviewed, 11 controls not applicable, 0 controls have error
Test Summary: 303 successful, 3 failures, 24 skipped
```
You see that many of the tests pass, while others fail and may require investigation.
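Review bot: The replacement sample output does not look like a rerun of the same scan with the flag added. The summary moves from 27 successful and 26 failed controls to 65 successful and 3 failed, and V-61353 goes from "NA because the ssl_ciphers directive has not been configured" to passing with `ssl_prefer_server_cipher` set to on, yet the command still targets `docker://nginx` and writes `nginx_vanilla_results.json`. Please confirm which container this was captured from; if it was a hardened one, learners scanning the vanilla image will see very different numbers. Separately, the excerpt no longer contains any failing control (the `×` lines were dropped), although the summary reports 3 failures and the closing sentence says others "fail and may require investigation"; keeping one failed control in the sample would match that sentence.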
Expand All @@ -87,7 +82,7 @@ You should also see your results in a JSON file located in `/results` folder wit
InSpec allows you to output your test results to one or more reporters. You can configure the reporter(s) using either the `--config` option or the `--reporter` option. While you can configure multiple reporters to write to different files, only one reporter can output to the screen (stdout).
```sh
inspec exec https://github.com/mitre/nginx-stigready-baseline -t ssh://TARGET_USERNAME:TARGET_PASSWORD@TARGET_IP --reporter cli json:baseline_output.json
inspec exec https://github.com/mitre/nginx-stigready-baseline -t ssh://TARGET_USERNAME:TARGET_PASSWORD@TARGET_IP --enhanced-outcomes --reporter cli json:baseline_output.json
```
#### Syntax
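Review bot: The example being updated here keeps the SSH password inside the target URI (`ssh://TARGET_USERNAME:TARGET_PASSWORD@TARGET_IP`), which puts the credential in shell history and in the process list of the scanning host when learners copy it with real values. Since this line is being touched anyway, consider showing key-based authentication instead (`-t ssh://TARGET_USERNAME@TARGET_IP -i <path to key>`), or at least noting that the password form is for lab use only. The surrounding reporter paragraph also does not mention `--enhanced-outcomes`, so the flag appears in this command without explanation in this section.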