Currently using Openscap on some RHEL8.6 servers.
I have a need to use / check older policies.
Currently the package comes with CIS Linux 8 Benchmarkâ˘, v2.0.0, released 2022-02-23
Is it possible to use the older V1.x.x CIS policy ? If so where can I find it ?
Only the last (v2.0.0) CIS RHEL8 version is delivered with the scap-security-guide package. Comparing the v1.0.1, which was previously delivered, with the v2.0.0, some rules were included, others removed and some reordered. It is possible to track the changes in the CIS community (https://workbench.cisecurity.org/).
So, something that you could do is to create a tailored file based on the current CIS profile. In this tailored file you can include or remove the desired rules.
