During an external audit, you are asked to prove that a Red Hat Enterprise Linux 9 web server complies with the latest CIS Level 1 benchmark. The auditor specifically requests a machine-readable SCAP Asset Reporting Format (ARF) file and a human-readable HTML summary that lists each failed rule and its associated CVSS score. Which built-in Linux utility should you run on the server to generate both of these reports?
The oscap command-line scanner that ships with the OpenSCAP suite can evaluate the system against an XCCDF benchmark, save the full results in an ARF file, and then convert those results into an HTML report. auditctl only loads kernel audit rules and cannot generate compliance reports. aide --check performs file-integrity verification but does not understand SCAP content. fail2ban-client manages jails that block offending IP addresses and likewise has no capability to create ARF or HTML compliance documents.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is SCAP and why is it used?
Open an interactive chat with Bash
What is an ARF file, and how is it different from the HTML report?
Open an interactive chat with Bash
How do XCCDF benchmarks work with the oscap tool?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access