WEBVTT

00:00:00.000 --> 00:00:06.470
[Keyboard typing].

00:00:10.400 --> 00:00:13.519
Hello, YouTubers. Welcome back to my

00:00:13.519 --> 00:00:15.280
NetSec YouTube channel.

00:00:15.280 --> 00:00:18.560
This is Johnny, a network and security

00:00:18.560 --> 00:00:19.767
guy.

00:00:20.560 --> 00:00:23.600
When I'm wearing my security hat,

00:00:23.600 --> 00:00:26.720
one of popular questions I got asked

00:00:26.720 --> 00:00:27.920
is about the

00:00:27.920 --> 00:00:32.079
security of the system: How do I ensure this

00:00:32.079 --> 00:00:35.440
system has been configured securely?

00:00:35.440 --> 00:00:38.320
Usually, my answer is quite simple.

00:00:38.320 --> 00:00:41.920
Let's run CIS-CAT scanning.

00:00:41.920 --> 00:00:44.460
What is CIS-CAT?

00:00:45.680 --> 00:00:48.960
This is just a tool created center for

00:00:48.960 --> 00:00:50.960
Internet Security Configuration

00:00:50.960 --> 00:00:53.199
Assessment Tool.

00:00:53.199 --> 00:00:55.120
We are going to compare the target

00:00:55.120 --> 00:00:58.079
configuration settings with core

00:00:58.079 --> 00:01:00.800
configuration settings recommended. They

00:01:00.800 --> 00:01:03.840
have hundreds of CS benchmarks for different

00:01:03.840 --> 00:01:05.119
systems.

00:01:05.119 --> 00:01:07.040
After the comparison, they're going to give

00:01:07.040 --> 00:01:09.760
you a report that shows the score of how to

00:01:09.760 --> 00:01:12.119
secure your system, and also give you

00:01:12.119 --> 00:01:15.200
recommendations for how to remediate

00:01:15.200 --> 00:01:18.320
those security holes you might have.

00:01:18.320 --> 00:01:20.960
This whole tool makes the scanning,

00:01:20.960 --> 00:01:23.840
validation, and reporting much easier and

00:01:23.840 --> 00:01:27.040
simpler for users who need to find out

00:01:27.040 --> 00:01:29.680
the best security configuration for

00:01:29.680 --> 00:01:30.960
their system.

00:01:30.960 --> 00:01:32.400
This is a

00:01:32.400 --> 00:01:35.360
very helpful and useful tool. There are

00:01:35.360 --> 00:01:37.040
two versions,

00:01:37.040 --> 00:01:40.720
such as CIS-CAT Pro and CIS-CAT Lite.

00:01:40.720 --> 00:01:43.920
In this video, I'm going to present how

00:01:43.920 --> 00:01:47.360
you can download CIS-CAT Lite, how you can

00:01:47.360 --> 00:01:50.479
run it, and how you can scan

00:01:50.479 --> 00:01:52.479
for your target.

00:01:52.479 --> 00:01:53.360
Now

00:01:53.360 --> 00:01:56.000
let's jump into my lab, and we can start.

00:01:56.000 --> 00:01:59.829
Let's start it!

00:02:01.128 --> 00:02:04.159
1. Lab Topology

00:02:04.159 --> 00:02:08.560
Now, let's take a look my lab topology.

00:02:08.560 --> 00:02:12.319
For this lab, I have three machines.

00:02:12.319 --> 00:02:14.800
One is Windows 2016,

00:02:14.800 --> 00:02:16.319
which we are going to

00:02:16.319 --> 00:02:19.520
launch CIS-CAT Lite from this machine to

00:02:19.520 --> 00:02:23.360
do the scanning for Windows 10 and

00:02:23.360 --> 00:02:27.200
51sec.local DC.

00:02:27.200 --> 00:02:30.000
All those machines are in the domain.

00:02:30.000 --> 00:02:33.200
If you are using workgroups, similar

00:02:33.200 --> 00:02:35.840
operations.

00:02:35.840 --> 00:02:38.720
Again, this is a very simple network. They're all

00:02:38.720 --> 00:02:40.720
running in the same

00:02:40.720 --> 00:02:44.319
network, 192.168.2.

00:02:44.319 --> 00:02:46.879
If you have firewall between

00:02:46.879 --> 00:02:50.800
your CIS-CAT Lite server and your

00:02:50.800 --> 00:02:54.000
destinations, you may need to open your

00:02:54.000 --> 00:02:55.440
firewalls,

00:02:55.440 --> 00:02:58.779
but that will be in a different topic.

00:02:59.016 --> 00:03:02.387
2. Download

00:03:03.040 --> 00:03:06.400
Now, let's download the CIS-CAT Lite

00:03:06.400 --> 00:03:08.319
version. It's a free

00:03:08.319 --> 00:03:09.440
CAT tool

00:03:09.440 --> 00:03:12.469
to scan your destination.

00:03:13.760 --> 00:03:16.640
You can directly, using Google,

00:03:16.640 --> 00:03:19.920
search for "CIS-CAT Lite." The first link will jump

00:03:19.920 --> 00:03:20.800
out,

00:03:20.800 --> 00:03:23.440
and it will be

00:03:23.680 --> 00:03:25.519
this page.

00:03:25.519 --> 00:03:28.080
For this form, what you need to do is--you

00:03:28.080 --> 00:03:30.000
don't need to provide your credit card.

00:03:30.000 --> 00:03:32.080
You provide your minimum personal

00:03:32.080 --> 00:03:34.239
information: name,

00:03:34.239 --> 00:03:36.480
organization, role,

00:03:36.480 --> 00:03:40.159
email, sector, country,

00:03:40.159 --> 00:03:42.239
how many employees, and how did you hear

00:03:42.239 --> 00:03:43.599
about us.

00:03:43.599 --> 00:03:45.040
Then,

00:03:45.040 --> 00:03:48.879
click the "Get CIS-CAT" button.

00:03:48.879 --> 00:03:50.640
In a couple of minutes,

00:03:50.640 --> 00:03:52.400
you should be able to get the email like

00:03:52.400 --> 00:03:53.920
this:

00:03:53.920 --> 00:03:56.720
CIS Center for Internet Security,

00:03:56.720 --> 00:03:59.680
CIS-CAT version 4,

00:03:59.680 --> 00:04:03.360
and the download link here.

00:04:04.799 --> 00:04:06.000
Click the link,

00:04:06.000 --> 00:04:07.920
and the download should happen

00:04:07.920 --> 00:04:10.400
immediately.

00:04:10.400 --> 00:04:14.159
At about 148 megabytes.

00:04:14.159 --> 00:04:16.320
Depending on your internet speed, one

00:04:16.320 --> 00:04:18.238
minute, two minutes, you should be able to

00:04:18.238 --> 00:04:19.409
get it.

00:04:20.569 --> 00:04:23.600
So that how you can get it.

00:04:23.600 --> 00:04:25.680
You may also get this

00:04:25.680 --> 00:04:27.919
email as well to show you how to get

00:04:27.919 --> 00:04:30.960
started with CIS-CAT Lite.

00:04:30.960 --> 00:04:32.639
That will help you

00:04:32.639 --> 00:04:34.800
to start to use

00:04:34.800 --> 00:04:36.239
this tool.

00:04:37.840 --> 00:04:40.240
You also can register for webmail

00:04:40.240 --> 00:04:42.564
to get more information.

00:04:42.952 --> 00:04:45.934
3. Run CIS-CAT Lite

00:04:46.400 --> 00:04:49.199
After you download the software,

00:04:49.199 --> 00:04:50.560
you will see

00:04:50.560 --> 00:04:52.160
this zip file:

00:04:52.160 --> 00:04:56.919
CIS-CAT Lite version 4.21.0.

00:04:57.280 --> 00:04:58.800
To run it,

00:04:58.800 --> 00:05:00.639
you don't need to install it.

00:05:00.639 --> 00:05:04.472
The only thing you need to do is extract all.

00:05:07.759 --> 00:05:09.280
I'm running

00:05:09.280 --> 00:05:12.560
CIS-CAT Lite in my virtual machine.

00:05:12.560 --> 00:05:16.080
I'm giving it 8 gigabytes of RAM

00:05:16.080 --> 00:05:18.842
and 4 virtual CPUs.

00:05:19.919 --> 00:05:21.360
It depends on

00:05:21.360 --> 00:05:24.800
how many system you need to scan.

00:05:24.800 --> 00:05:26.560
Usually,

00:05:26.560 --> 00:05:28.320
even 4 gigabytes of RAM

00:05:28.320 --> 00:05:30.320
and 2 virtual CPUs are

00:05:30.320 --> 00:05:33.680
more than enough.

00:05:37.440 --> 00:05:40.000
Once you unzip it, you will get

00:05:40.000 --> 00:05:41.199
access to

00:05:41.199 --> 00:05:43.840
this folder,

00:05:43.840 --> 00:05:49.468
and you will find the "accessor-ui.exe" file.

00:05:50.479 --> 00:05:58.634
To run it, it is very simple. Just right-click this "accessor-ui.exe" file and choose

00:05:58.634 --> 00:06:00.479
"Run as administrator."

00:06:00.479 --> 00:06:05.199
You will see it shows CIS-CAT Pro access

00:06:05.199 --> 00:06:08.560
in the Windows title.

00:06:08.880 --> 00:06:11.680
If we are syncing this, "Oh, maybe I

00:06:11.680 --> 00:06:13.360
download the wrong one,"

00:06:13.360 --> 00:06:16.639
but actually, the Windows title shows

00:06:16.639 --> 00:06:19.520
"CIS-CAT Pro Accessor."

00:06:19.520 --> 00:06:22.639
Eventually, you will get the CIS-CAT Lite

00:06:22.639 --> 00:06:23.759
version

00:06:23.759 --> 00:06:24.639
since

00:06:24.639 --> 00:06:26.319
it's

00:06:26.319 --> 00:06:29.280
a restricted version of this Pro.

00:06:29.280 --> 00:06:34.199
You will see here "CIS-CAT Lite."

00:06:34.880 --> 00:06:38.479
It uses the same Web GUI as the Pro version.

00:06:38.479 --> 00:06:39.520
The only

00:06:39.520 --> 00:06:42.639
thing is this is a restricted version.

00:06:42.639 --> 00:06:45.280
It's a Lite version, and also you will

00:06:45.280 --> 00:06:47.600
see they want you to

00:06:47.600 --> 00:06:49.600
see the documentation, which is Pro

00:06:49.600 --> 00:06:52.479
documentation. You won't find too much

00:06:52.479 --> 00:06:55.039
information about the Lite, but you will see

00:06:55.039 --> 00:06:57.713
everything for the Pro.

00:06:58.428 --> 00:07:01.418
4. Assess Local System

00:07:02.560 --> 00:07:05.360
Once you launch the Web GUI, scanning

00:07:05.360 --> 00:07:07.360
the system gonna be very simple, either

00:07:07.360 --> 00:07:09.599
local or remote.

00:07:09.599 --> 00:07:11.440
The Lite version

00:07:11.440 --> 00:07:15.039
has no limitation on how many targets you

00:07:15.039 --> 00:07:16.880
can scan,

00:07:16.880 --> 00:07:18.479
so you can scan local and the remote

00:07:18.479 --> 00:07:21.199
system. Let's start from this local system

00:07:21.199 --> 00:07:22.400
first.

00:07:22.400 --> 00:07:25.599
The local system is Windows 2016, as I

00:07:25.599 --> 00:07:28.639
mentioned before. So we are going to

00:07:28.639 --> 00:07:31.363
use

00:07:33.199 --> 00:07:37.440
Windows Server CIS controls

00:07:37.440 --> 00:07:40.960
Assessment Module: Implementation Group 1,

00:07:40.960 --> 00:07:43.440
which is the minimum requirement for the

00:07:43.440 --> 00:07:45.081
server.

00:07:46.319 --> 00:07:47.919
And we're going to choose this one,

00:07:47.919 --> 00:07:50.240
automated checks, and the survey

00:07:50.240 --> 00:07:51.440
questions.

00:07:51.440 --> 00:07:52.960
So, you will get a lot of survey

00:07:52.960 --> 00:07:58.160
questions for the interactive answers.

00:07:58.160 --> 00:07:59.599
One thing:

00:07:59.599 --> 00:08:01.280
The Lite version,

00:08:01.280 --> 00:08:04.000
this is different from the Pro version:

00:08:04.000 --> 00:08:07.039
you only have limited benchmarks.

00:08:07.039 --> 00:08:10.400
The Pro version provides

00:08:10.400 --> 00:08:13.440
hundreds of benchmarks for you to use, but

00:08:13.440 --> 00:08:15.520
here the benchmarks only limited to a

00:08:15.520 --> 00:08:17.919
couple, from Windows 10,

00:08:17.919 --> 00:08:19.520
Ubuntu,

00:08:19.520 --> 00:08:21.039
Google Chrome,

00:08:21.039 --> 00:08:21.919
and the

00:08:21.919 --> 00:08:25.360
minimum requirement for Windows Server.

00:08:25.360 --> 00:08:27.680
After you choose the benchmarks and the

00:08:27.680 --> 00:08:29.440
profile--

00:08:29.440 --> 00:08:31.120
basically, the profile I would think of as

00:08:31.120 --> 00:08:34.240
always being a baseline--

00:08:35.599 --> 00:08:38.080
and you can add it.

00:08:38.080 --> 00:08:40.719
So, once you choose "Add," it will

00:08:40.719 --> 00:08:42.080
give you

00:08:42.080 --> 00:08:44.240
a text box to ask you

00:08:44.240 --> 00:08:46.880
questions.

00:08:46.880 --> 00:08:48.000
You can just

00:08:48.000 --> 00:08:50.080
click "OK." That's

00:08:50.080 --> 00:08:51.720
about

00:08:51.720 --> 00:08:57.200
29 questions for this survey.

00:08:57.200 --> 00:08:58.320
So,

00:08:58.320 --> 00:09:00.560
for me, I'm just quickly

00:09:00.560 --> 00:09:04.000
demonstrating the process. I will click

00:09:04.000 --> 00:09:08.279
"Yes" for all questions.

00:09:23.440 --> 00:09:26.160
So, once all questions have been answered,

00:09:26.160 --> 00:09:28.320
the selected profile and

00:09:28.320 --> 00:09:31.519
benchmark will be in this selected

00:09:31.519 --> 00:09:33.519
section.

00:09:33.519 --> 00:09:35.360
After that,

00:09:35.360 --> 00:09:38.320
we can choose "Next."

00:09:38.320 --> 00:09:41.440
Here are the report output options.

00:09:41.440 --> 00:09:43.360
Since we are using the Lite version, we only

00:09:43.360 --> 00:09:47.760
have HTML. It's already selected for us.

00:09:47.760 --> 00:09:50.560
If you're using the Pro, you can use CSV, text,

00:09:50.560 --> 00:09:53.279
XML, and JSON.

00:09:53.279 --> 00:09:55.040
And we can pick

00:09:55.040 --> 00:09:58.560
the destination, and you leave it as default.

00:09:58.560 --> 00:10:01.200
You also can save the configuration file

00:10:01.200 --> 00:10:03.200
for the future use, and you don't

00:10:03.200 --> 00:10:08.000
have to do all the selection again.

00:10:08.160 --> 00:10:10.240
Click "Next."

00:10:10.240 --> 00:10:12.560
So it will ask you for

00:10:12.560 --> 00:10:16.959
confirmation to start the assessment.

00:10:17.120 --> 00:10:19.040
The assessment usually

00:10:19.040 --> 00:10:20.000
takes

00:10:20.000 --> 00:10:24.200
two minutes to get done.

00:10:45.200 --> 00:10:46.640
Alright,

00:10:46.640 --> 00:10:49.519
we got a report.

00:10:50.320 --> 00:10:54.720
Then, you can choose "View HTML," and

00:10:54.720 --> 00:10:58.079
that will show you a really nice report

00:10:58.079 --> 00:11:01.320
in your browser.

00:11:02.560 --> 00:11:05.760
For my machine, the automated checks

00:11:05.760 --> 00:11:07.839
failed 11

00:11:07.839 --> 00:11:09.200
items,

00:11:09.200 --> 00:11:12.399
we have 4 passed.

00:11:12.399 --> 00:11:14.640
For user survey questions, we got 29

00:11:14.640 --> 00:11:16.800
questions since we selected "Yes" for all

00:11:16.800 --> 00:11:19.519
of them, we passed 100%.

00:11:19.519 --> 00:11:21.360
Total

00:11:21.360 --> 00:11:22.959
77%

00:11:22.959 --> 00:11:24.336
pass.

00:11:26.480 --> 00:11:29.200
You should be able to see all the check

00:11:29.200 --> 00:11:30.899
details.

00:11:34.800 --> 00:11:38.000
For each failed item,

00:11:38.000 --> 00:11:41.040
you will see remediation recommendations

00:11:41.040 --> 00:11:43.120
here.

00:11:43.120 --> 00:11:45.040
That should help you

00:11:45.040 --> 00:11:46.320
to remedy

00:11:46.320 --> 00:11:49.600
the failed items.

00:11:49.600 --> 00:11:54.760
So, this is the local scanning.

00:11:56.320 --> 00:11:58.800
We're also able to do the remote system

00:11:58.800 --> 00:12:01.360
scanning.

00:12:08.079 --> 00:12:11.760
As mentioned before, I have Windows 10

00:12:11.760 --> 00:12:13.839
set up as my target,

00:12:13.839 --> 00:12:18.800
which is also joined to the local domain.

00:12:18.800 --> 00:12:22.160
I'm going to use the CIS-CAT Lite

00:12:22.160 --> 00:12:25.200
Windows 2016 server to scan this Windows

00:12:25.200 --> 00:12:27.440
10, and we also can do

00:12:27.440 --> 00:12:29.839
the domain controller scan as well. So,

00:12:29.839 --> 00:12:31.040
we can do

00:12:31.040 --> 00:12:34.040
both.

00:12:38.720 --> 00:12:41.760
So, you need to choose "Advanced" for

00:12:41.760 --> 00:12:44.429
remote or target system.

00:12:48.079 --> 00:12:51.680
I'm going to use Windows 10 here.

00:12:51.680 --> 00:12:53.440
And one thing you may want to make sure

00:12:53.440 --> 00:12:54.480
is that

00:12:54.480 --> 00:12:57.440
you can ping

00:12:57.519 --> 00:12:59.844
your remote server.

00:13:04.959 --> 00:13:07.118
That's our

00:13:10.959 --> 00:13:13.440
destination, Windows 10 server. We can

00:13:13.440 --> 00:13:15.496
check the name:

00:13:18.160 --> 00:13:20.630
Windows 10-4.

00:13:21.210 --> 00:13:23.440
So, once you confirm that,

00:13:23.440 --> 00:13:26.560
you can type your system name there,

00:13:26.560 --> 00:13:28.560
choose your system type,

00:13:28.560 --> 00:13:30.000
(Windows).

00:13:30.000 --> 00:13:32.079
In the future, we also can do Ubuntu

00:13:32.079 --> 00:13:37.360
scanning, but that will be in a different video.

00:13:37.360 --> 00:13:40.550
One thing you need to remember: the WinRM

00:13:40.550 --> 00:13:42.560
(Windows Remote Management) Service has

00:13:42.560 --> 00:13:44.320
to be up and running by default. It

00:13:44.320 --> 00:13:46.800
should be up and running already.

00:13:46.800 --> 00:13:49.200
If not, then you need to go back to

00:13:49.200 --> 00:13:52.880
CIS-CAT Pro documentation to see how

00:13:52.880 --> 00:13:55.120
to enable Windows ARM and how to use Group

00:13:55.120 --> 00:13:56.560
Policy

00:13:56.560 --> 00:13:57.600
to

00:13:57.600 --> 00:14:00.839
enable Windows 10 for your

00:14:00.839 --> 00:14:04.560
destination. Username:

00:14:05.839 --> 00:14:10.480
I'm going to use a domain admin account.

00:14:11.760 --> 00:14:15.160
IP address.

00:14:17.680 --> 00:14:19.680
Username, actually,

00:14:19.680 --> 00:14:22.320
you need to specify the domain here as

00:14:22.320 --> 00:14:25.839
well using the format that's required:

00:14:25.839 --> 00:14:30.390
which is username plus 51.sec.local.

00:14:30.390 --> 00:14:32.240
Just make sure your domain name is

00:14:32.240 --> 00:14:33.199
correct.

00:14:33.199 --> 00:14:36.560
Username is correct. Password is correct.

00:14:36.560 --> 00:14:39.680
No temporary password is needed. Now,

00:14:39.680 --> 00:14:42.079
after you enter the destination

00:14:42.079 --> 00:14:45.360
information, you need to pick

00:14:45.360 --> 00:14:48.160
the benchmark.

00:14:49.040 --> 00:14:50.560
So, we are going to use the Windows 10

00:14:50.560 --> 00:14:52.639
Enterprise benchmark.

00:14:52.639 --> 00:14:53.760
We can

00:14:53.760 --> 00:14:57.199
choose Next Generation Windows Security.

00:14:57.199 --> 00:14:58.720
There's a couple of other options you can

00:14:58.720 --> 00:15:00.959
choose, but we choose level 2.

00:15:00.959 --> 00:15:02.639
After all those

00:15:02.639 --> 00:15:06.240
options you selected it, you can save it,

00:15:06.240 --> 00:15:08.959
and it will add it into your target system

00:15:08.959 --> 00:15:11.279
here.

00:15:11.360 --> 00:15:14.160
Before you scan to next step, you want to

00:15:14.160 --> 00:15:16.560
make sure you have a connection to the

00:15:16.560 --> 00:15:19.040
target.

00:15:21.279 --> 00:15:24.639
If you see any errors happens here, you

00:15:24.639 --> 00:15:27.120
may want to go back to check your

00:15:27.120 --> 00:15:28.240
settings.

00:15:28.240 --> 00:15:31.040
As you can see here, I do see an error

00:15:31.040 --> 00:15:34.480
occurred while creating a session.

00:15:35.360 --> 00:15:37.360
So, we need to fix that

00:15:37.360 --> 00:15:41.040
information before we can continue.

00:15:41.040 --> 00:15:44.079
So, you choose your target system,

00:15:44.079 --> 00:15:46.240
and choose "Edit" to

00:15:46.240 --> 00:15:49.920
verify those configurations one by

00:15:49.920 --> 00:15:51.920
one. So, we noticed

00:15:51.920 --> 00:15:55.440
I put that wrong IP here.

00:15:55.440 --> 00:15:58.320
Save.

00:15:58.399 --> 00:16:00.320
Let me test the connection

00:16:00.320 --> 00:16:02.096
again.

00:16:11.120 --> 00:16:12.079
Now,

00:16:12.079 --> 00:16:14.480
the error is gone, and the

00:16:14.480 --> 00:16:16.880
connection is established.

00:16:16.880 --> 00:16:20.759
Let's go to the next step.

00:16:22.959 --> 00:16:24.959
Choose our target system. As I mentioned

00:16:24.959 --> 00:16:27.839
before, we can add more target

00:16:27.839 --> 00:16:29.600
system here, like, we can add the domain

00:16:29.600 --> 00:16:32.639
controller (DC),

00:16:34.399 --> 00:16:37.120
Windows,

00:16:37.120 --> 00:16:39.360
HTTP,

00:16:39.360 --> 00:16:42.680
etc.

00:16:54.639 --> 00:16:57.120
Since it's a Windows Server, we

00:16:57.120 --> 00:16:59.600
probably

00:16:59.680 --> 00:17:01.199
need to change

00:17:01.199 --> 00:17:03.279
the benchmarks, so I just choose the

00:17:03.279 --> 00:17:04.559
automated

00:17:04.559 --> 00:17:07.679
sub-controls only

00:17:15.599 --> 00:17:17.679
and save it.

00:17:17.679 --> 00:17:21.039
Now, we have two systems.

00:17:22.400 --> 00:17:24.400
So, you need to choose, or you can choose

00:17:24.400 --> 00:17:26.959
multiple of them using the controls. You

00:17:26.959 --> 00:17:30.240
can choose two of them together to scan.

00:17:30.240 --> 00:17:32.720
i want to make sure we can go to the DC

00:17:32.720 --> 00:17:36.679
as well. Let's test the connection.

00:17:47.200 --> 00:17:48.960
So, connection has been

00:17:48.960 --> 00:17:51.440
tested successfully.

00:17:51.440 --> 00:17:54.799
It's established.

00:17:54.799 --> 00:17:56.640
So, let's

00:17:56.640 --> 00:17:58.000
choose both

00:17:58.000 --> 00:18:01.720
and go to the next step.

00:18:16.559 --> 00:18:21.760
We need a benchmark for our Windows 10.

00:18:21.760 --> 00:18:24.240
I believe we can choose this one. Choose,

00:18:24.240 --> 00:18:26.320
add,

00:18:26.320 --> 00:18:28.559
and save.

00:18:28.559 --> 00:18:32.160
So, now it shows one. So, we need

00:18:32.160 --> 00:18:34.960
at least one benchmark for

00:18:34.960 --> 00:18:37.039
each system.

00:18:37.039 --> 00:18:39.039
Click "Next."

00:18:39.039 --> 00:18:42.480
Again, HTML has been selected for us.

00:18:42.480 --> 00:18:44.320
The report

00:18:44.320 --> 00:18:46.799
folder, we keep default.

00:18:46.799 --> 00:18:49.600
Then, we do start

00:18:49.600 --> 00:18:51.421
assessment.

00:18:53.440 --> 00:18:55.679
This may take

00:18:55.679 --> 00:18:58.240
two or three minutes to get the post.

00:18:58.240 --> 00:19:00.720
Since it's remote, it's slower

00:19:00.720 --> 00:19:02.960
than doing a local.

00:19:02.960 --> 00:19:04.880
The process is the same.

00:19:04.880 --> 00:19:07.120
It created a connection

00:19:07.120 --> 00:19:09.200
and then goes through

00:19:09.200 --> 00:19:12.400
all the controls they need to

00:19:12.400 --> 00:19:15.520
validate using script.

00:19:15.520 --> 00:19:18.160
And then validate all settings,

00:19:18.160 --> 00:19:20.980
and then come back with the report.

00:20:50.320 --> 00:20:53.200
Well, after probably five minutes or

00:20:53.200 --> 00:20:55.200
six minutes,

00:20:55.200 --> 00:20:56.799
the report

00:20:56.799 --> 00:20:59.200
has been generated.

00:20:59.200 --> 00:21:01.600
We finished our scanning.

00:21:01.600 --> 00:21:06.000
So, you will be able to see both reports.

00:21:06.000 --> 00:21:09.730
Let's take a quick look here.

00:21:20.159 --> 00:21:24.120
It's for Windows 10.

00:21:32.320 --> 00:21:34.720
You also can check along

00:21:34.720 --> 00:21:37.440
domain controllers,

00:21:37.440 --> 00:21:40.210
51secdc1.

00:21:46.000 --> 00:21:50.159
So, now we finished our remote scanning.

00:21:50.159 --> 00:21:53.440
Basically, that's how you can use

00:21:53.440 --> 00:21:55.520
this free tool

00:21:55.520 --> 00:21:58.159
to validate your security configuration

00:21:58.159 --> 00:22:00.159
on your target system.

00:22:00.159 --> 00:22:02.240
You don't have to pay

00:22:02.240 --> 00:22:06.320
anything if you are only using those basic

00:22:06.320 --> 00:22:07.600
profiles.

00:22:07.600 --> 00:22:10.000
For your system, for Windows 10, and the

00:22:10.000 --> 00:22:14.480
server Ubuntu, Google Chrome,

00:22:14.480 --> 00:22:17.039
if you have more, other systems need to be

00:22:17.039 --> 00:22:19.280
validated. Then, you have to

00:22:19.280 --> 00:22:22.880
get the license for your Pro version.

00:22:22.880 --> 00:22:27.360
That will be in different videos.

00:22:27.360 --> 00:22:30.960
That's all for this video. This is how you can

00:22:30.960 --> 00:22:33.520
use the free tool,

00:22:33.520 --> 00:22:36.240
CIS-CAT Lite,

00:22:36.240 --> 00:22:39.200
to check your security settings on your

00:22:39.200 --> 00:22:40.799
target.

00:22:40.799 --> 00:22:42.720
I hope you enjoyed it.

00:22:42.720 --> 00:22:45.120
If you find anything useful in this

00:22:45.120 --> 00:22:46.960
video, give me a thumb up.

00:22:46.960 --> 00:22:50.080
Also, please subscribe to my channel if you

00:22:50.080 --> 00:22:51.440
haven't.

00:22:51.440 --> 00:22:53.991
Thank you for watching.

00:22:53.991 --> 00:23:13.620
[Music].