A systems administrator needs to audit a Rocky Linux 8 server to ensure it complies with the Center for Internet Security (CIS) Benchmark. The administrator has the necessary SCAP Security Guide (SSG) file on the server and must run the scan using the cis profile, generating an HTML report for review. Which of the following commands will accomplish this task?
The correct command is oscap xccdf eval --profile cis --report report.html /usr/share/xml/scap/ssg/content/ssg-rl8-ds.xml. oscap is the command-line interface for OpenSCAP. The sub-command xccdf eval evaluates the host against the XCCDF benchmark that is embedded in the SCAP Security Guide data-stream file specified as the final argument. The --profile cis option selects the Center for Internet Security profile contained in that data-stream, and --report report.html generates a human-readable HTML report.
Why the other choices are wrong:
oscap oval scan … is not a valid oscap verb; the correct syntax for OVAL content is oscap oval eval, and OVAL assessments do not use XCCDF profiles.
aide --check … invokes the Advanced Intrusion Detection Environment file-integrity checker and cannot consume SCAP content.
nmap --script scap-audit … calls a network scanner; even if the script is available it audits a remote target and does not use the local SSG data-stream or produce the requested HTML compliance report.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is OpenSCAP and why is it used in system security audits?
Open an interactive chat with Bash
What is the difference between XCCDF and OVAL in OpenSCAP?
Open an interactive chat with Bash
What are some uses of the SCAP Security Guide (SSG) in Linux systems?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .