[Script Info]
Title: 
[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,0:00:00.00,0:00:06.47,Default,,0000,0000,0000,,[Keyboard typing].
Dialogue: 0,0:00:10.40,0:00:13.52,Default,,0000,0000,0000,,Hello, YouTubers. Welcome back to my
Dialogue: 0,0:00:13.52,0:00:15.28,Default,,0000,0000,0000,,NetSec YouTube channel.
Dialogue: 0,0:00:15.28,0:00:18.56,Default,,0000,0000,0000,,This is Johnny, a network and security
Dialogue: 0,0:00:18.56,0:00:19.77,Default,,0000,0000,0000,,guy.
Dialogue: 0,0:00:20.56,0:00:23.60,Default,,0000,0000,0000,,When I'm wearing my security hat,
Dialogue: 0,0:00:23.60,0:00:26.72,Default,,0000,0000,0000,,one of popular questions I got asked
Dialogue: 0,0:00:26.72,0:00:27.92,Default,,0000,0000,0000,,is about the
Dialogue: 0,0:00:27.92,0:00:32.08,Default,,0000,0000,0000,,security of the system: How do I ensure this
Dialogue: 0,0:00:32.08,0:00:35.44,Default,,0000,0000,0000,,system has been configured securely?
Dialogue: 0,0:00:35.44,0:00:38.32,Default,,0000,0000,0000,,Usually, my answer is quite simple.
Dialogue: 0,0:00:38.32,0:00:41.92,Default,,0000,0000,0000,,Let's run CIS-CAT scanning.
Dialogue: 0,0:00:41.92,0:00:44.46,Default,,0000,0000,0000,,What is CIS-CAT?
Dialogue: 0,0:00:45.68,0:00:48.96,Default,,0000,0000,0000,,This is just a tool created center for
Dialogue: 0,0:00:48.96,0:00:50.96,Default,,0000,0000,0000,,Internet Security Configuration
Dialogue: 0,0:00:50.96,0:00:53.20,Default,,0000,0000,0000,,Assessment Tool.
Dialogue: 0,0:00:53.20,0:00:55.12,Default,,0000,0000,0000,,We are going to compare the target
Dialogue: 0,0:00:55.12,0:00:58.08,Default,,0000,0000,0000,,configuration settings with core
Dialogue: 0,0:00:58.08,0:01:00.80,Default,,0000,0000,0000,,configuration settings recommended. They
Dialogue: 0,0:01:00.80,0:01:03.84,Default,,0000,0000,0000,,have hundreds of CS benchmarks for different
Dialogue: 0,0:01:03.84,0:01:05.12,Default,,0000,0000,0000,,systems.
Dialogue: 0,0:01:05.12,0:01:07.04,Default,,0000,0000,0000,,After the comparison, they're going to give
Dialogue: 0,0:01:07.04,0:01:09.76,Default,,0000,0000,0000,,you a report that shows the score of how to
Dialogue: 0,0:01:09.76,0:01:12.12,Default,,0000,0000,0000,,secure your system, and also give you
Dialogue: 0,0:01:12.12,0:01:15.20,Default,,0000,0000,0000,,recommendations for how to remediate
Dialogue: 0,0:01:15.20,0:01:18.32,Default,,0000,0000,0000,,those security holes you might have.
Dialogue: 0,0:01:18.32,0:01:20.96,Default,,0000,0000,0000,,This whole tool makes the scanning,
Dialogue: 0,0:01:20.96,0:01:23.84,Default,,0000,0000,0000,,validation, and reporting much easier and
Dialogue: 0,0:01:23.84,0:01:27.04,Default,,0000,0000,0000,,simpler for users who need to find out
Dialogue: 0,0:01:27.04,0:01:29.68,Default,,0000,0000,0000,,the best security configuration for
Dialogue: 0,0:01:29.68,0:01:30.96,Default,,0000,0000,0000,,their system.
Dialogue: 0,0:01:30.96,0:01:32.40,Default,,0000,0000,0000,,This is a
Dialogue: 0,0:01:32.40,0:01:35.36,Default,,0000,0000,0000,,very helpful and useful tool. There are
Dialogue: 0,0:01:35.36,0:01:37.04,Default,,0000,0000,0000,,two versions,
Dialogue: 0,0:01:37.04,0:01:40.72,Default,,0000,0000,0000,,such as CIS-CAT Pro and CIS-CAT Lite.
Dialogue: 0,0:01:40.72,0:01:43.92,Default,,0000,0000,0000,,In this video, I'm going to present how
Dialogue: 0,0:01:43.92,0:01:47.36,Default,,0000,0000,0000,,you can download CIS-CAT Lite, how you can
Dialogue: 0,0:01:47.36,0:01:50.48,Default,,0000,0000,0000,,run it, and how you can scan
Dialogue: 0,0:01:50.48,0:01:52.48,Default,,0000,0000,0000,,for your target.
Dialogue: 0,0:01:52.48,0:01:53.36,Default,,0000,0000,0000,,Now
Dialogue: 0,0:01:53.36,0:01:56.00,Default,,0000,0000,0000,,let's jump into my lab, and we can start.
Dialogue: 0,0:01:56.00,0:01:59.83,Default,,0000,0000,0000,,Let's start it!
Dialogue: 0,0:02:01.13,0:02:04.16,Default,,0000,0000,0000,,1. Lab Topology
Dialogue: 0,0:02:04.16,0:02:08.56,Default,,0000,0000,0000,,Now, let's take a look my lab topology.
Dialogue: 0,0:02:08.56,0:02:12.32,Default,,0000,0000,0000,,For this lab, I have three machines.
Dialogue: 0,0:02:12.32,0:02:14.80,Default,,0000,0000,0000,,One is Windows 2016,
Dialogue: 0,0:02:14.80,0:02:16.32,Default,,0000,0000,0000,,which we are going to
Dialogue: 0,0:02:16.32,0:02:19.52,Default,,0000,0000,0000,,launch CIS-CAT Lite from this machine to
Dialogue: 0,0:02:19.52,0:02:23.36,Default,,0000,0000,0000,,do the scanning for Windows 10 and
Dialogue: 0,0:02:23.36,0:02:27.20,Default,,0000,0000,0000,,51sec.local DC.
Dialogue: 0,0:02:27.20,0:02:30.00,Default,,0000,0000,0000,,All those machines are in the domain.
Dialogue: 0,0:02:30.00,0:02:33.20,Default,,0000,0000,0000,,If you are using workgroups, similar
Dialogue: 0,0:02:33.20,0:02:35.84,Default,,0000,0000,0000,,operations.
Dialogue: 0,0:02:35.84,0:02:38.72,Default,,0000,0000,0000,,Again, this is a very simple network. They're all
Dialogue: 0,0:02:38.72,0:02:40.72,Default,,0000,0000,0000,,running in the same
Dialogue: 0,0:02:40.72,0:02:44.32,Default,,0000,0000,0000,,network, 192.168.2.
Dialogue: 0,0:02:44.32,0:02:46.88,Default,,0000,0000,0000,,If you have firewall between
Dialogue: 0,0:02:46.88,0:02:50.80,Default,,0000,0000,0000,,your CIS-CAT Lite server and your
Dialogue: 0,0:02:50.80,0:02:54.00,Default,,0000,0000,0000,,destinations, you may need to open your
Dialogue: 0,0:02:54.00,0:02:55.44,Default,,0000,0000,0000,,firewalls,
Dialogue: 0,0:02:55.44,0:02:58.78,Default,,0000,0000,0000,,but that will be in a different topic.
Dialogue: 0,0:02:59.02,0:03:02.39,Default,,0000,0000,0000,,2. Download
Dialogue: 0,0:03:03.04,0:03:06.40,Default,,0000,0000,0000,,Now, let's download the CIS-CAT Lite
Dialogue: 0,0:03:06.40,0:03:08.32,Default,,0000,0000,0000,,version. It's a free
Dialogue: 0,0:03:08.32,0:03:09.44,Default,,0000,0000,0000,,CAT tool
Dialogue: 0,0:03:09.44,0:03:12.47,Default,,0000,0000,0000,,to scan your destination.
Dialogue: 0,0:03:13.76,0:03:16.64,Default,,0000,0000,0000,,You can directly, using Google,
Dialogue: 0,0:03:16.64,0:03:19.92,Default,,0000,0000,0000,,search for "CIS-CAT Lite." The first link will jump
Dialogue: 0,0:03:19.92,0:03:20.80,Default,,0000,0000,0000,,out,
Dialogue: 0,0:03:20.80,0:03:23.44,Default,,0000,0000,0000,,and it will be
Dialogue: 0,0:03:23.68,0:03:25.52,Default,,0000,0000,0000,,this page.
Dialogue: 0,0:03:25.52,0:03:28.08,Default,,0000,0000,0000,,For this form, what you need to do is--you
Dialogue: 0,0:03:28.08,0:03:30.00,Default,,0000,0000,0000,,don't need to provide your credit card.
Dialogue: 0,0:03:30.00,0:03:32.08,Default,,0000,0000,0000,,You provide your minimum personal
Dialogue: 0,0:03:32.08,0:03:34.24,Default,,0000,0000,0000,,information: name,
Dialogue: 0,0:03:34.24,0:03:36.48,Default,,0000,0000,0000,,organization, role,
Dialogue: 0,0:03:36.48,0:03:40.16,Default,,0000,0000,0000,,email, sector, country,
Dialogue: 0,0:03:40.16,0:03:42.24,Default,,0000,0000,0000,,how many employees, and how did you hear
Dialogue: 0,0:03:42.24,0:03:43.60,Default,,0000,0000,0000,,about us.
Dialogue: 0,0:03:43.60,0:03:45.04,Default,,0000,0000,0000,,Then,
Dialogue: 0,0:03:45.04,0:03:48.88,Default,,0000,0000,0000,,click the "Get CIS-CAT" button.
Dialogue: 0,0:03:48.88,0:03:50.64,Default,,0000,0000,0000,,In a couple of minutes,
Dialogue: 0,0:03:50.64,0:03:52.40,Default,,0000,0000,0000,,you should be able to get the email like
Dialogue: 0,0:03:52.40,0:03:53.92,Default,,0000,0000,0000,,this:
Dialogue: 0,0:03:53.92,0:03:56.72,Default,,0000,0000,0000,,CIS Center for Internet Security,
Dialogue: 0,0:03:56.72,0:03:59.68,Default,,0000,0000,0000,,CIS-CAT version 4,
Dialogue: 0,0:03:59.68,0:04:03.36,Default,,0000,0000,0000,,and the download link here.
Dialogue: 0,0:04:04.80,0:04:06.00,Default,,0000,0000,0000,,Click the link,
Dialogue: 0,0:04:06.00,0:04:07.92,Default,,0000,0000,0000,,and the download should happen
Dialogue: 0,0:04:07.92,0:04:10.40,Default,,0000,0000,0000,,immediately.
Dialogue: 0,0:04:10.40,0:04:14.16,Default,,0000,0000,0000,,At about 148 megabytes.
Dialogue: 0,0:04:14.16,0:04:16.32,Default,,0000,0000,0000,,Depending on your internet speed, one
Dialogue: 0,0:04:16.32,0:04:18.24,Default,,0000,0000,0000,,minute, two minutes, you should be able to
Dialogue: 0,0:04:18.24,0:04:19.41,Default,,0000,0000,0000,,get it.
Dialogue: 0,0:04:20.57,0:04:23.60,Default,,0000,0000,0000,,So that how you can get it.
Dialogue: 0,0:04:23.60,0:04:25.68,Default,,0000,0000,0000,,You may also get this
Dialogue: 0,0:04:25.68,0:04:27.92,Default,,0000,0000,0000,,email as well to show you how to get
Dialogue: 0,0:04:27.92,0:04:30.96,Default,,0000,0000,0000,,started with CIS-CAT Lite.
Dialogue: 0,0:04:30.96,0:04:32.64,Default,,0000,0000,0000,,That will help you
Dialogue: 0,0:04:32.64,0:04:34.80,Default,,0000,0000,0000,,to start to use
Dialogue: 0,0:04:34.80,0:04:36.24,Default,,0000,0000,0000,,this tool.
Dialogue: 0,0:04:37.84,0:04:40.24,Default,,0000,0000,0000,,You also can register for webmail
Dialogue: 0,0:04:40.24,0:04:42.56,Default,,0000,0000,0000,,to get more information.
Dialogue: 0,0:04:42.95,0:04:45.93,Default,,0000,0000,0000,,3. Run CIS-CAT Lite
Dialogue: 0,0:04:46.40,0:04:49.20,Default,,0000,0000,0000,,After you download the software,
Dialogue: 0,0:04:49.20,0:04:50.56,Default,,0000,0000,0000,,you will see
Dialogue: 0,0:04:50.56,0:04:52.16,Default,,0000,0000,0000,,this zip file:
Dialogue: 0,0:04:52.16,0:04:56.92,Default,,0000,0000,0000,,CIS-CAT Lite version 4.21.0.
Dialogue: 0,0:04:57.28,0:04:58.80,Default,,0000,0000,0000,,To run it,
Dialogue: 0,0:04:58.80,0:05:00.64,Default,,0000,0000,0000,,you don't need to install it.
Dialogue: 0,0:05:00.64,0:05:04.47,Default,,0000,0000,0000,,The only thing you need to do is extract all.
Dialogue: 0,0:05:07.76,0:05:09.28,Default,,0000,0000,0000,,I'm running
Dialogue: 0,0:05:09.28,0:05:12.56,Default,,0000,0000,0000,,CIS-CAT Lite in my virtual machine.
Dialogue: 0,0:05:12.56,0:05:16.08,Default,,0000,0000,0000,,I'm giving it 8 gigabytes of RAM
Dialogue: 0,0:05:16.08,0:05:18.84,Default,,0000,0000,0000,,and 4 virtual CPUs.
Dialogue: 0,0:05:19.92,0:05:21.36,Default,,0000,0000,0000,,It depends on
Dialogue: 0,0:05:21.36,0:05:24.80,Default,,0000,0000,0000,,how many system you need to scan.
Dialogue: 0,0:05:24.80,0:05:26.56,Default,,0000,0000,0000,,Usually,
Dialogue: 0,0:05:26.56,0:05:28.32,Default,,0000,0000,0000,,even 4 gigabytes of RAM
Dialogue: 0,0:05:28.32,0:05:30.32,Default,,0000,0000,0000,,and 2 virtual CPUs are
Dialogue: 0,0:05:30.32,0:05:33.68,Default,,0000,0000,0000,,more than enough.
Dialogue: 0,0:05:37.44,0:05:40.00,Default,,0000,0000,0000,,Once you unzip it, you will get
Dialogue: 0,0:05:40.00,0:05:41.20,Default,,0000,0000,0000,,access to
Dialogue: 0,0:05:41.20,0:05:43.84,Default,,0000,0000,0000,,this folder,
Dialogue: 0,0:05:43.84,0:05:49.47,Default,,0000,0000,0000,,and you will find the "accessor-ui.exe" file.
Dialogue: 0,0:05:50.48,0:05:58.63,Default,,0000,0000,0000,,To run it, it is very simple. Just right-click this "accessor-ui.exe" file and choose
Dialogue: 0,0:05:58.63,0:06:00.48,Default,,0000,0000,0000,,"Run as administrator."
Dialogue: 0,0:06:00.48,0:06:05.20,Default,,0000,0000,0000,,You will see it shows CIS-CAT Pro access
Dialogue: 0,0:06:05.20,0:06:08.56,Default,,0000,0000,0000,,in the Windows title.
Dialogue: 0,0:06:08.88,0:06:11.68,Default,,0000,0000,0000,,If we are syncing this, "Oh, maybe I
Dialogue: 0,0:06:11.68,0:06:13.36,Default,,0000,0000,0000,,download the wrong one,"
Dialogue: 0,0:06:13.36,0:06:16.64,Default,,0000,0000,0000,,but actually, the Windows title shows
Dialogue: 0,0:06:16.64,0:06:19.52,Default,,0000,0000,0000,,"CIS-CAT Pro Accessor."
Dialogue: 0,0:06:19.52,0:06:22.64,Default,,0000,0000,0000,,Eventually, you will get the CIS-CAT Lite
Dialogue: 0,0:06:22.64,0:06:23.76,Default,,0000,0000,0000,,version
Dialogue: 0,0:06:23.76,0:06:24.64,Default,,0000,0000,0000,,since
Dialogue: 0,0:06:24.64,0:06:26.32,Default,,0000,0000,0000,,it's
Dialogue: 0,0:06:26.32,0:06:29.28,Default,,0000,0000,0000,,a restricted version of this Pro.
Dialogue: 0,0:06:29.28,0:06:34.20,Default,,0000,0000,0000,,You will see here "CIS-CAT Lite."
Dialogue: 0,0:06:34.88,0:06:38.48,Default,,0000,0000,0000,,It uses the same Web GUI as the Pro version.
Dialogue: 0,0:06:38.48,0:06:39.52,Default,,0000,0000,0000,,The only
Dialogue: 0,0:06:39.52,0:06:42.64,Default,,0000,0000,0000,,thing is this is a restricted version.
Dialogue: 0,0:06:42.64,0:06:45.28,Default,,0000,0000,0000,,It's a Lite version, and also you will
Dialogue: 0,0:06:45.28,0:06:47.60,Default,,0000,0000,0000,,see they want you to
Dialogue: 0,0:06:47.60,0:06:49.60,Default,,0000,0000,0000,,see the documentation, which is Pro
Dialogue: 0,0:06:49.60,0:06:52.48,Default,,0000,0000,0000,,documentation. You won't find too much
Dialogue: 0,0:06:52.48,0:06:55.04,Default,,0000,0000,0000,,information about the Lite, but you will see
Dialogue: 0,0:06:55.04,0:06:57.71,Default,,0000,0000,0000,,everything for the Pro.
Dialogue: 0,0:06:58.43,0:07:01.42,Default,,0000,0000,0000,,4. Assess Local System
Dialogue: 0,0:07:02.56,0:07:05.36,Default,,0000,0000,0000,,Once you launch the Web GUI, scanning
Dialogue: 0,0:07:05.36,0:07:07.36,Default,,0000,0000,0000,,the system gonna be very simple, either
Dialogue: 0,0:07:07.36,0:07:09.60,Default,,0000,0000,0000,,local or remote.
Dialogue: 0,0:07:09.60,0:07:11.44,Default,,0000,0000,0000,,The Lite version
Dialogue: 0,0:07:11.44,0:07:15.04,Default,,0000,0000,0000,,has no limitation on how many targets you
Dialogue: 0,0:07:15.04,0:07:16.88,Default,,0000,0000,0000,,can scan,
Dialogue: 0,0:07:16.88,0:07:18.48,Default,,0000,0000,0000,,so you can scan local and the remote
Dialogue: 0,0:07:18.48,0:07:21.20,Default,,0000,0000,0000,,system. Let's start from this local system
Dialogue: 0,0:07:21.20,0:07:22.40,Default,,0000,0000,0000,,first.
Dialogue: 0,0:07:22.40,0:07:25.60,Default,,0000,0000,0000,,The local system is Windows 2016, as I
Dialogue: 0,0:07:25.60,0:07:28.64,Default,,0000,0000,0000,,mentioned before. So we are going to
Dialogue: 0,0:07:28.64,0:07:31.36,Default,,0000,0000,0000,,use
Dialogue: 0,0:07:33.20,0:07:37.44,Default,,0000,0000,0000,,Windows Server CIS controls
Dialogue: 0,0:07:37.44,0:07:40.96,Default,,0000,0000,0000,,Assessment Module: Implementation Group 1,
Dialogue: 0,0:07:40.96,0:07:43.44,Default,,0000,0000,0000,,which is the minimum requirement for the
Dialogue: 0,0:07:43.44,0:07:45.08,Default,,0000,0000,0000,,server.
Dialogue: 0,0:07:46.32,0:07:47.92,Default,,0000,0000,0000,,And we're going to choose this one,
Dialogue: 0,0:07:47.92,0:07:50.24,Default,,0000,0000,0000,,automated checks, and the survey
Dialogue: 0,0:07:50.24,0:07:51.44,Default,,0000,0000,0000,,questions.
Dialogue: 0,0:07:51.44,0:07:52.96,Default,,0000,0000,0000,,So, you will get a lot of survey
Dialogue: 0,0:07:52.96,0:07:58.16,Default,,0000,0000,0000,,questions for the interactive answers.
Dialogue: 0,0:07:58.16,0:07:59.60,Default,,0000,0000,0000,,One thing:
Dialogue: 0,0:07:59.60,0:08:01.28,Default,,0000,0000,0000,,The Lite version,
Dialogue: 0,0:08:01.28,0:08:04.00,Default,,0000,0000,0000,,this is different from the Pro version:
Dialogue: 0,0:08:04.00,0:08:07.04,Default,,0000,0000,0000,,you only have limited benchmarks.
Dialogue: 0,0:08:07.04,0:08:10.40,Default,,0000,0000,0000,,The Pro version provides
Dialogue: 0,0:08:10.40,0:08:13.44,Default,,0000,0000,0000,,hundreds of benchmarks for you to use, but
Dialogue: 0,0:08:13.44,0:08:15.52,Default,,0000,0000,0000,,here the benchmarks only limited to a
Dialogue: 0,0:08:15.52,0:08:17.92,Default,,0000,0000,0000,,couple, from Windows 10,
Dialogue: 0,0:08:17.92,0:08:19.52,Default,,0000,0000,0000,,Ubuntu,
Dialogue: 0,0:08:19.52,0:08:21.04,Default,,0000,0000,0000,,Google Chrome,
Dialogue: 0,0:08:21.04,0:08:21.92,Default,,0000,0000,0000,,and the
Dialogue: 0,0:08:21.92,0:08:25.36,Default,,0000,0000,0000,,minimum requirement for Windows Server.
Dialogue: 0,0:08:25.36,0:08:27.68,Default,,0000,0000,0000,,After you choose the benchmarks and the
Dialogue: 0,0:08:27.68,0:08:29.44,Default,,0000,0000,0000,,profile--
Dialogue: 0,0:08:29.44,0:08:31.12,Default,,0000,0000,0000,,basically, the profile I would think of as
Dialogue: 0,0:08:31.12,0:08:34.24,Default,,0000,0000,0000,,always being a baseline--
Dialogue: 0,0:08:35.60,0:08:38.08,Default,,0000,0000,0000,,and you can add it.
Dialogue: 0,0:08:38.08,0:08:40.72,Default,,0000,0000,0000,,So, once you choose "Add," it will
Dialogue: 0,0:08:40.72,0:08:42.08,Default,,0000,0000,0000,,give you
Dialogue: 0,0:08:42.08,0:08:44.24,Default,,0000,0000,0000,,a text box to ask you
Dialogue: 0,0:08:44.24,0:08:46.88,Default,,0000,0000,0000,,questions.
Dialogue: 0,0:08:46.88,0:08:48.00,Default,,0000,0000,0000,,You can just
Dialogue: 0,0:08:48.00,0:08:50.08,Default,,0000,0000,0000,,click "OK." That's
Dialogue: 0,0:08:50.08,0:08:51.72,Default,,0000,0000,0000,,about
Dialogue: 0,0:08:51.72,0:08:57.20,Default,,0000,0000,0000,,29 questions for this survey.
Dialogue: 0,0:08:57.20,0:08:58.32,Default,,0000,0000,0000,,So,
Dialogue: 0,0:08:58.32,0:09:00.56,Default,,0000,0000,0000,,for me, I'm just quickly
Dialogue: 0,0:09:00.56,0:09:04.00,Default,,0000,0000,0000,,demonstrating the process. I will click
Dialogue: 0,0:09:04.00,0:09:08.28,Default,,0000,0000,0000,,"Yes" for all questions.
Dialogue: 0,0:09:23.44,0:09:26.16,Default,,0000,0000,0000,,So, once all questions have been answered,
Dialogue: 0,0:09:26.16,0:09:28.32,Default,,0000,0000,0000,,the selected profile and
Dialogue: 0,0:09:28.32,0:09:31.52,Default,,0000,0000,0000,,benchmark will be in this selected
Dialogue: 0,0:09:31.52,0:09:33.52,Default,,0000,0000,0000,,section.
Dialogue: 0,0:09:33.52,0:09:35.36,Default,,0000,0000,0000,,After that,
Dialogue: 0,0:09:35.36,0:09:38.32,Default,,0000,0000,0000,,we can choose "Next."
Dialogue: 0,0:09:38.32,0:09:41.44,Default,,0000,0000,0000,,Here are the report output options.
Dialogue: 0,0:09:41.44,0:09:43.36,Default,,0000,0000,0000,,Since we are using the Lite version, we only
Dialogue: 0,0:09:43.36,0:09:47.76,Default,,0000,0000,0000,,have HTML. It's already selected for us.
Dialogue: 0,0:09:47.76,0:09:50.56,Default,,0000,0000,0000,,If you're using the Pro, you can use CSV, text,
Dialogue: 0,0:09:50.56,0:09:53.28,Default,,0000,0000,0000,,XML, and JSON.
Dialogue: 0,0:09:53.28,0:09:55.04,Default,,0000,0000,0000,,And we can pick
Dialogue: 0,0:09:55.04,0:09:58.56,Default,,0000,0000,0000,,the destination, and you leave it as default.
Dialogue: 0,0:09:58.56,0:10:01.20,Default,,0000,0000,0000,,You also can save the configuration file
Dialogue: 0,0:10:01.20,0:10:03.20,Default,,0000,0000,0000,,for the future use, and you don't
Dialogue: 0,0:10:03.20,0:10:08.00,Default,,0000,0000,0000,,have to do all the selection again.
Dialogue: 0,0:10:08.16,0:10:10.24,Default,,0000,0000,0000,,Click "Next."
Dialogue: 0,0:10:10.24,0:10:12.56,Default,,0000,0000,0000,,So it will ask you for
Dialogue: 0,0:10:12.56,0:10:16.96,Default,,0000,0000,0000,,confirmation to start the assessment.
Dialogue: 0,0:10:17.12,0:10:19.04,Default,,0000,0000,0000,,The assessment usually
Dialogue: 0,0:10:19.04,0:10:20.00,Default,,0000,0000,0000,,takes
Dialogue: 0,0:10:20.00,0:10:24.20,Default,,0000,0000,0000,,two minutes to get done.
Dialogue: 0,0:10:45.20,0:10:46.64,Default,,0000,0000,0000,,Alright,
Dialogue: 0,0:10:46.64,0:10:49.52,Default,,0000,0000,0000,,we got a report.
Dialogue: 0,0:10:50.32,0:10:54.72,Default,,0000,0000,0000,,Then, you can choose "View HTML," and
Dialogue: 0,0:10:54.72,0:10:58.08,Default,,0000,0000,0000,,that will show you a really nice report
Dialogue: 0,0:10:58.08,0:11:01.32,Default,,0000,0000,0000,,in your browser.
Dialogue: 0,0:11:02.56,0:11:05.76,Default,,0000,0000,0000,,For my machine, the automated checks
Dialogue: 0,0:11:05.76,0:11:07.84,Default,,0000,0000,0000,,failed 11
Dialogue: 0,0:11:07.84,0:11:09.20,Default,,0000,0000,0000,,items,
Dialogue: 0,0:11:09.20,0:11:12.40,Default,,0000,0000,0000,,we have 4 passed.
Dialogue: 0,0:11:12.40,0:11:14.64,Default,,0000,0000,0000,,For user survey questions, we got 29
Dialogue: 0,0:11:14.64,0:11:16.80,Default,,0000,0000,0000,,questions since we selected "Yes" for all
Dialogue: 0,0:11:16.80,0:11:19.52,Default,,0000,0000,0000,,of them, we passed 100%.
Dialogue: 0,0:11:19.52,0:11:21.36,Default,,0000,0000,0000,,Total
Dialogue: 0,0:11:21.36,0:11:22.96,Default,,0000,0000,0000,,77%
Dialogue: 0,0:11:22.96,0:11:24.34,Default,,0000,0000,0000,,pass.
Dialogue: 0,0:11:26.48,0:11:29.20,Default,,0000,0000,0000,,You should be able to see all the check
Dialogue: 0,0:11:29.20,0:11:30.90,Default,,0000,0000,0000,,details.
Dialogue: 0,0:11:34.80,0:11:38.00,Default,,0000,0000,0000,,For each failed item,
Dialogue: 0,0:11:38.00,0:11:41.04,Default,,0000,0000,0000,,you will see remediation recommendations
Dialogue: 0,0:11:41.04,0:11:43.12,Default,,0000,0000,0000,,here.
Dialogue: 0,0:11:43.12,0:11:45.04,Default,,0000,0000,0000,,That should help you
Dialogue: 0,0:11:45.04,0:11:46.32,Default,,0000,0000,0000,,to remedy
Dialogue: 0,0:11:46.32,0:11:49.60,Default,,0000,0000,0000,,the failed items.
Dialogue: 0,0:11:49.60,0:11:54.76,Default,,0000,0000,0000,,So, this is the local scanning.
Dialogue: 0,0:11:56.32,0:11:58.80,Default,,0000,0000,0000,,We're also able to do the remote system
Dialogue: 0,0:11:58.80,0:12:01.36,Default,,0000,0000,0000,,scanning.
Dialogue: 0,0:12:08.08,0:12:11.76,Default,,0000,0000,0000,,As mentioned before, I have Windows 10
Dialogue: 0,0:12:11.76,0:12:13.84,Default,,0000,0000,0000,,set up as my target,
Dialogue: 0,0:12:13.84,0:12:18.80,Default,,0000,0000,0000,,which is also joined to the local domain.
Dialogue: 0,0:12:18.80,0:12:22.16,Default,,0000,0000,0000,,I'm going to use the CIS-CAT Lite
Dialogue: 0,0:12:22.16,0:12:25.20,Default,,0000,0000,0000,,Windows 2016 server to scan this Windows
Dialogue: 0,0:12:25.20,0:12:27.44,Default,,0000,0000,0000,,10, and we also can do
Dialogue: 0,0:12:27.44,0:12:29.84,Default,,0000,0000,0000,,the domain controller scan as well. So,
Dialogue: 0,0:12:29.84,0:12:31.04,Default,,0000,0000,0000,,we can do
Dialogue: 0,0:12:31.04,0:12:34.04,Default,,0000,0000,0000,,both.
Dialogue: 0,0:12:38.72,0:12:41.76,Default,,0000,0000,0000,,So, you need to choose "Advanced" for
Dialogue: 0,0:12:41.76,0:12:44.43,Default,,0000,0000,0000,,remote or target system.
Dialogue: 0,0:12:48.08,0:12:51.68,Default,,0000,0000,0000,,I'm going to use Windows 10 here.
Dialogue: 0,0:12:51.68,0:12:53.44,Default,,0000,0000,0000,,And one thing you may want to make sure
Dialogue: 0,0:12:53.44,0:12:54.48,Default,,0000,0000,0000,,is that
Dialogue: 0,0:12:54.48,0:12:57.44,Default,,0000,0000,0000,,you can ping
Dialogue: 0,0:12:57.52,0:12:59.84,Default,,0000,0000,0000,,your remote server.
Dialogue: 0,0:13:04.96,0:13:07.12,Default,,0000,0000,0000,,That's our
Dialogue: 0,0:13:10.96,0:13:13.44,Default,,0000,0000,0000,,destination, Windows 10 server. We can
Dialogue: 0,0:13:13.44,0:13:15.50,Default,,0000,0000,0000,,check the name:
Dialogue: 0,0:13:18.16,0:13:20.63,Default,,0000,0000,0000,,Windows 10-4.
Dialogue: 0,0:13:21.21,0:13:23.44,Default,,0000,0000,0000,,So, once you confirm that,
Dialogue: 0,0:13:23.44,0:13:26.56,Default,,0000,0000,0000,,you can type your system name there,
Dialogue: 0,0:13:26.56,0:13:28.56,Default,,0000,0000,0000,,choose your system type,
Dialogue: 0,0:13:28.56,0:13:30.00,Default,,0000,0000,0000,,(Windows).
Dialogue: 0,0:13:30.00,0:13:32.08,Default,,0000,0000,0000,,In the future, we also can do Ubuntu
Dialogue: 0,0:13:32.08,0:13:37.36,Default,,0000,0000,0000,,scanning, but that will be in a different video.
Dialogue: 0,0:13:37.36,0:13:40.55,Default,,0000,0000,0000,,One thing you need to remember: the WinRM
Dialogue: 0,0:13:40.55,0:13:42.56,Default,,0000,0000,0000,,(Windows Remote Management) Service has
Dialogue: 0,0:13:42.56,0:13:44.32,Default,,0000,0000,0000,,to be up and running by default. It
Dialogue: 0,0:13:44.32,0:13:46.80,Default,,0000,0000,0000,,should be up and running already.
Dialogue: 0,0:13:46.80,0:13:49.20,Default,,0000,0000,0000,,If not, then you need to go back to
Dialogue: 0,0:13:49.20,0:13:52.88,Default,,0000,0000,0000,,CIS-CAT Pro documentation to see how
Dialogue: 0,0:13:52.88,0:13:55.12,Default,,0000,0000,0000,,to enable Windows ARM and how to use Group
Dialogue: 0,0:13:55.12,0:13:56.56,Default,,0000,0000,0000,,Policy
Dialogue: 0,0:13:56.56,0:13:57.60,Default,,0000,0000,0000,,to
Dialogue: 0,0:13:57.60,0:14:00.84,Default,,0000,0000,0000,,enable Windows 10 for your
Dialogue: 0,0:14:00.84,0:14:04.56,Default,,0000,0000,0000,,destination. Username:
Dialogue: 0,0:14:05.84,0:14:10.48,Default,,0000,0000,0000,,I'm going to use a domain admin account.
Dialogue: 0,0:14:11.76,0:14:15.16,Default,,0000,0000,0000,,IP address.
Dialogue: 0,0:14:17.68,0:14:19.68,Default,,0000,0000,0000,,Username, actually,
Dialogue: 0,0:14:19.68,0:14:22.32,Default,,0000,0000,0000,,you need to specify the domain here as
Dialogue: 0,0:14:22.32,0:14:25.84,Default,,0000,0000,0000,,well using the format that's required:
Dialogue: 0,0:14:25.84,0:14:30.39,Default,,0000,0000,0000,,which is username plus 51.sec.local.
Dialogue: 0,0:14:30.39,0:14:32.24,Default,,0000,0000,0000,,Just make sure your domain name is
Dialogue: 0,0:14:32.24,0:14:33.20,Default,,0000,0000,0000,,correct.
Dialogue: 0,0:14:33.20,0:14:36.56,Default,,0000,0000,0000,,Username is correct. Password is correct.
Dialogue: 0,0:14:36.56,0:14:39.68,Default,,0000,0000,0000,,No temporary password is needed. Now,
Dialogue: 0,0:14:39.68,0:14:42.08,Default,,0000,0000,0000,,after you enter the destination
Dialogue: 0,0:14:42.08,0:14:45.36,Default,,0000,0000,0000,,information, you need to pick
Dialogue: 0,0:14:45.36,0:14:48.16,Default,,0000,0000,0000,,the benchmark.
Dialogue: 0,0:14:49.04,0:14:50.56,Default,,0000,0000,0000,,So, we are going to use the Windows 10
Dialogue: 0,0:14:50.56,0:14:52.64,Default,,0000,0000,0000,,Enterprise benchmark.
Dialogue: 0,0:14:52.64,0:14:53.76,Default,,0000,0000,0000,,We can
Dialogue: 0,0:14:53.76,0:14:57.20,Default,,0000,0000,0000,,choose Next Generation Windows Security.
Dialogue: 0,0:14:57.20,0:14:58.72,Default,,0000,0000,0000,,There's a couple of other options you can
Dialogue: 0,0:14:58.72,0:15:00.96,Default,,0000,0000,0000,,choose, but we choose level 2.
Dialogue: 0,0:15:00.96,0:15:02.64,Default,,0000,0000,0000,,After all those
Dialogue: 0,0:15:02.64,0:15:06.24,Default,,0000,0000,0000,,options you selected it, you can save it,
Dialogue: 0,0:15:06.24,0:15:08.96,Default,,0000,0000,0000,,and it will add it into your target system
Dialogue: 0,0:15:08.96,0:15:11.28,Default,,0000,0000,0000,,here.
Dialogue: 0,0:15:11.36,0:15:14.16,Default,,0000,0000,0000,,Before you scan to next step, you want to
Dialogue: 0,0:15:14.16,0:15:16.56,Default,,0000,0000,0000,,make sure you have a connection to the
Dialogue: 0,0:15:16.56,0:15:19.04,Default,,0000,0000,0000,,target.
Dialogue: 0,0:15:21.28,0:15:24.64,Default,,0000,0000,0000,,If you see any errors happens here, you
Dialogue: 0,0:15:24.64,0:15:27.12,Default,,0000,0000,0000,,may want to go back to check your
Dialogue: 0,0:15:27.12,0:15:28.24,Default,,0000,0000,0000,,settings.
Dialogue: 0,0:15:28.24,0:15:31.04,Default,,0000,0000,0000,,As you can see here, I do see an error
Dialogue: 0,0:15:31.04,0:15:34.48,Default,,0000,0000,0000,,occurred while creating a session.
Dialogue: 0,0:15:35.36,0:15:37.36,Default,,0000,0000,0000,,So, we need to fix that
Dialogue: 0,0:15:37.36,0:15:41.04,Default,,0000,0000,0000,,information before we can continue.
Dialogue: 0,0:15:41.04,0:15:44.08,Default,,0000,0000,0000,,So, you choose your target system,
Dialogue: 0,0:15:44.08,0:15:46.24,Default,,0000,0000,0000,,and choose "Edit" to
Dialogue: 0,0:15:46.24,0:15:49.92,Default,,0000,0000,0000,,verify those configurations one by
Dialogue: 0,0:15:49.92,0:15:51.92,Default,,0000,0000,0000,,one. So, we noticed
Dialogue: 0,0:15:51.92,0:15:55.44,Default,,0000,0000,0000,,I put that wrong IP here.
Dialogue: 0,0:15:55.44,0:15:58.32,Default,,0000,0000,0000,,Save.
Dialogue: 0,0:15:58.40,0:16:00.32,Default,,0000,0000,0000,,Let me test the connection
Dialogue: 0,0:16:00.32,0:16:02.10,Default,,0000,0000,0000,,again.
Dialogue: 0,0:16:11.12,0:16:12.08,Default,,0000,0000,0000,,Now,
Dialogue: 0,0:16:12.08,0:16:14.48,Default,,0000,0000,0000,,the error is gone, and the
Dialogue: 0,0:16:14.48,0:16:16.88,Default,,0000,0000,0000,,connection is established.
Dialogue: 0,0:16:16.88,0:16:20.76,Default,,0000,0000,0000,,Let's go to the next step.
Dialogue: 0,0:16:22.96,0:16:24.96,Default,,0000,0000,0000,,Choose our target system. As I mentioned
Dialogue: 0,0:16:24.96,0:16:27.84,Default,,0000,0000,0000,,before, we can add more target
Dialogue: 0,0:16:27.84,0:16:29.60,Default,,0000,0000,0000,,system here, like, we can add the domain
Dialogue: 0,0:16:29.60,0:16:32.64,Default,,0000,0000,0000,,controller (DC),
Dialogue: 0,0:16:34.40,0:16:37.12,Default,,0000,0000,0000,,Windows,
Dialogue: 0,0:16:37.12,0:16:39.36,Default,,0000,0000,0000,,HTTP,
Dialogue: 0,0:16:39.36,0:16:42.68,Default,,0000,0000,0000,,etc.
Dialogue: 0,0:16:54.64,0:16:57.12,Default,,0000,0000,0000,,Since it's a Windows Server, we
Dialogue: 0,0:16:57.12,0:16:59.60,Default,,0000,0000,0000,,probably
Dialogue: 0,0:16:59.68,0:17:01.20,Default,,0000,0000,0000,,need to change
Dialogue: 0,0:17:01.20,0:17:03.28,Default,,0000,0000,0000,,the benchmarks, so I just choose the
Dialogue: 0,0:17:03.28,0:17:04.56,Default,,0000,0000,0000,,automated
Dialogue: 0,0:17:04.56,0:17:07.68,Default,,0000,0000,0000,,sub-controls only
Dialogue: 0,0:17:15.60,0:17:17.68,Default,,0000,0000,0000,,and save it.
Dialogue: 0,0:17:17.68,0:17:21.04,Default,,0000,0000,0000,,Now, we have two systems.
Dialogue: 0,0:17:22.40,0:17:24.40,Default,,0000,0000,0000,,So, you need to choose, or you can choose
Dialogue: 0,0:17:24.40,0:17:26.96,Default,,0000,0000,0000,,multiple of them using the controls. You
Dialogue: 0,0:17:26.96,0:17:30.24,Default,,0000,0000,0000,,can choose two of them together to scan.
Dialogue: 0,0:17:30.24,0:17:32.72,Default,,0000,0000,0000,,i want to make sure we can go to the DC
Dialogue: 0,0:17:32.72,0:17:36.68,Default,,0000,0000,0000,,as well. Let's test the connection.
Dialogue: 0,0:17:47.20,0:17:48.96,Default,,0000,0000,0000,,So, connection has been
Dialogue: 0,0:17:48.96,0:17:51.44,Default,,0000,0000,0000,,tested successfully.
Dialogue: 0,0:17:51.44,0:17:54.80,Default,,0000,0000,0000,,It's established.
Dialogue: 0,0:17:54.80,0:17:56.64,Default,,0000,0000,0000,,So, let's
Dialogue: 0,0:17:56.64,0:17:58.00,Default,,0000,0000,0000,,choose both
Dialogue: 0,0:17:58.00,0:18:01.72,Default,,0000,0000,0000,,and go to the next step.
Dialogue: 0,0:18:16.56,0:18:21.76,Default,,0000,0000,0000,,We need a benchmark for our Windows 10.
Dialogue: 0,0:18:21.76,0:18:24.24,Default,,0000,0000,0000,,I believe we can choose this one. Choose,
Dialogue: 0,0:18:24.24,0:18:26.32,Default,,0000,0000,0000,,add,
Dialogue: 0,0:18:26.32,0:18:28.56,Default,,0000,0000,0000,,and save.
Dialogue: 0,0:18:28.56,0:18:32.16,Default,,0000,0000,0000,,So, now it shows one. So, we need
Dialogue: 0,0:18:32.16,0:18:34.96,Default,,0000,0000,0000,,at least one benchmark for
Dialogue: 0,0:18:34.96,0:18:37.04,Default,,0000,0000,0000,,each system.
Dialogue: 0,0:18:37.04,0:18:39.04,Default,,0000,0000,0000,,Click "Next."
Dialogue: 0,0:18:39.04,0:18:42.48,Default,,0000,0000,0000,,Again, HTML has been selected for us.
Dialogue: 0,0:18:42.48,0:18:44.32,Default,,0000,0000,0000,,The report
Dialogue: 0,0:18:44.32,0:18:46.80,Default,,0000,0000,0000,,folder, we keep default.
Dialogue: 0,0:18:46.80,0:18:49.60,Default,,0000,0000,0000,,Then, we do start
Dialogue: 0,0:18:49.60,0:18:51.42,Default,,0000,0000,0000,,assessment.
Dialogue: 0,0:18:53.44,0:18:55.68,Default,,0000,0000,0000,,This may take
Dialogue: 0,0:18:55.68,0:18:58.24,Default,,0000,0000,0000,,two or three minutes to get the post.
Dialogue: 0,0:18:58.24,0:19:00.72,Default,,0000,0000,0000,,Since it's remote, it's slower
Dialogue: 0,0:19:00.72,0:19:02.96,Default,,0000,0000,0000,,than doing a local.
Dialogue: 0,0:19:02.96,0:19:04.88,Default,,0000,0000,0000,,The process is the same.
Dialogue: 0,0:19:04.88,0:19:07.12,Default,,0000,0000,0000,,It created a connection
Dialogue: 0,0:19:07.12,0:19:09.20,Default,,0000,0000,0000,,and then goes through
Dialogue: 0,0:19:09.20,0:19:12.40,Default,,0000,0000,0000,,all the controls they need to
Dialogue: 0,0:19:12.40,0:19:15.52,Default,,0000,0000,0000,,validate using script.
Dialogue: 0,0:19:15.52,0:19:18.16,Default,,0000,0000,0000,,And then validate all settings,
Dialogue: 0,0:19:18.16,0:19:20.98,Default,,0000,0000,0000,,and then come back with the report.
Dialogue: 0,0:20:50.32,0:20:53.20,Default,,0000,0000,0000,,Well, after probably five minutes or
Dialogue: 0,0:20:53.20,0:20:55.20,Default,,0000,0000,0000,,six minutes,
Dialogue: 0,0:20:55.20,0:20:56.80,Default,,0000,0000,0000,,the report
Dialogue: 0,0:20:56.80,0:20:59.20,Default,,0000,0000,0000,,has been generated.
Dialogue: 0,0:20:59.20,0:21:01.60,Default,,0000,0000,0000,,We finished our scanning.
Dialogue: 0,0:21:01.60,0:21:06.00,Default,,0000,0000,0000,,So, you will be able to see both reports.
Dialogue: 0,0:21:06.00,0:21:09.73,Default,,0000,0000,0000,,Let's take a quick look here.
Dialogue: 0,0:21:20.16,0:21:24.12,Default,,0000,0000,0000,,It's for Windows 10.
Dialogue: 0,0:21:32.32,0:21:34.72,Default,,0000,0000,0000,,You also can check along
Dialogue: 0,0:21:34.72,0:21:37.44,Default,,0000,0000,0000,,domain controllers,
Dialogue: 0,0:21:37.44,0:21:40.21,Default,,0000,0000,0000,,51secdc1.
Dialogue: 0,0:21:46.00,0:21:50.16,Default,,0000,0000,0000,,So, now we finished our remote scanning.
Dialogue: 0,0:21:50.16,0:21:53.44,Default,,0000,0000,0000,,Basically, that's how you can use
Dialogue: 0,0:21:53.44,0:21:55.52,Default,,0000,0000,0000,,this free tool
Dialogue: 0,0:21:55.52,0:21:58.16,Default,,0000,0000,0000,,to validate your security configuration
Dialogue: 0,0:21:58.16,0:22:00.16,Default,,0000,0000,0000,,on your target system.
Dialogue: 0,0:22:00.16,0:22:02.24,Default,,0000,0000,0000,,You don't have to pay
Dialogue: 0,0:22:02.24,0:22:06.32,Default,,0000,0000,0000,,anything if you are only using those basic
Dialogue: 0,0:22:06.32,0:22:07.60,Default,,0000,0000,0000,,profiles.
Dialogue: 0,0:22:07.60,0:22:10.00,Default,,0000,0000,0000,,For your system, for Windows 10, and the
Dialogue: 0,0:22:10.00,0:22:14.48,Default,,0000,0000,0000,,server Ubuntu, Google Chrome,
Dialogue: 0,0:22:14.48,0:22:17.04,Default,,0000,0000,0000,,if you have more, other systems need to be
Dialogue: 0,0:22:17.04,0:22:19.28,Default,,0000,0000,0000,,validated. Then, you have to
Dialogue: 0,0:22:19.28,0:22:22.88,Default,,0000,0000,0000,,get the license for your Pro version.
Dialogue: 0,0:22:22.88,0:22:27.36,Default,,0000,0000,0000,,That will be in different videos.
Dialogue: 0,0:22:27.36,0:22:30.96,Default,,0000,0000,0000,,That's all for this video. This is how you can
Dialogue: 0,0:22:30.96,0:22:33.52,Default,,0000,0000,0000,,use the free tool,
Dialogue: 0,0:22:33.52,0:22:36.24,Default,,0000,0000,0000,,CIS-CAT Lite,
Dialogue: 0,0:22:36.24,0:22:39.20,Default,,0000,0000,0000,,to check your security settings on your
Dialogue: 0,0:22:39.20,0:22:40.80,Default,,0000,0000,0000,,target.
Dialogue: 0,0:22:40.80,0:22:42.72,Default,,0000,0000,0000,,I hope you enjoyed it.
Dialogue: 0,0:22:42.72,0:22:45.12,Default,,0000,0000,0000,,If you find anything useful in this
Dialogue: 0,0:22:45.12,0:22:46.96,Default,,0000,0000,0000,,video, give me a thumb up.
Dialogue: 0,0:22:46.96,0:22:50.08,Default,,0000,0000,0000,,Also, please subscribe to my channel if you
Dialogue: 0,0:22:50.08,0:22:51.44,Default,,0000,0000,0000,,haven't.
Dialogue: 0,0:22:51.44,0:22:53.99,Default,,0000,0000,0000,,Thank you for watching.
Dialogue: 0,0:22:53.99,0:23:13.62,Default,,0000,0000,0000,,[Music].