How to enable CIS#
On Focal (and later releases), CIS was
replaced by USG,
therefore, just change
usg when running the enable command on those
To access the CIS tooling, first enable the software repository as follows:
$ sudo pro enable cis
You should see output like the following, indicating that the CIS package has been installed:
Installing CIS Audit packages CIS Audit enabled Visit https://security-certs.docs.ubuntu.com/en/cis to learn how to use CIS
Once the feature is enabled please follow the documentation for the CIS tooling, to run the provided hardening audit scripts.
Disable the service#
If you wish to disable cis/usg, you can use the following command:
sudo pro disable cis
Note that this command will only remove the APT sources, but not uninstall the packages installed with the service.
To purge the service, removing the APT packages installed with it, see how to disable and purge services. This will not remove any configuration, only remove the packages.