9.1.1.18. Flaw Remediation

9.1.1.18.1. Continuous Remediation

Additionally, puppet runs on a regular basis to pull the system back into a known good state against a controlled configuration baseline.

9.1.1.18.2. System Updates

The YUM client is configured to point to all SIMP repositories. Each night, a cron job runs yum update to install updated packages on each SIMP client. Therefore any packages in a repository are delivered within a 24 hour time period.

References: SI-2 : FLAW REMEDIATION