Security Configuration Benchmarks Center for Internet Security (CIS) Security Benchmarks
The Center for Internet Security provides standard for deploying secure network and computing resources to measure information security status and help system administrators make informed decisions about security investments. CIS develops and distributes consensus best practice standards for security configurations, each benchmark includes:
description – short explanation of the problem
rationale – the effect that the remedy will provide
remediation – instructions what to do to fix the problem
audit – procedure allowing you to check whether the issue is relevant for your environment
While these benchmarks recommendations are very thorough, system administrators should rigorously test them before applying them on production systems.