1. Why are CIS Benchmarks relevant to securing Linux servers?
2. If you secure Ubuntu Server with the appropriate benchmark and then install nginx on that server, does that also need hardening?
3. What is the difference between a level 1 and a level 2 benchmark?
4. Why are some benchmarks scored and others not?
5. How can you check using a shell script that a given audit requirement has been met?

6. State three possible issues relating to automated modification of configuration files using a shell script.
7. Why do shell scripts not scale well for the automated rollout of CIS Benchmarks?
8. How can you run a CIS Benchmark shell script on a remote server using SSH?
9. Why would you want to make use of a variable to specify the path to a binary used to implement a CIS recommendation?
10. Why might you use sudo for individual commands within a script rather than needing the whole script to run as root?