Charles N Wyble
|
0cbd03fa0f
|
test: add comprehensive test suite for compliance verification
- Add compliance-test.sh for full security control testing
- Add verify-compliance.sh for automated compliance checks
- Add build-and-test.sh for VM-based testing
Test Suite Features:
1. Compliance Tests (compliance-test.sh):
- CIS Debian 13 Benchmark verification (180 controls)
- Network isolation tests (SSH, Telnet, Bluetooth)
- Security configuration validation
- Logging and auditing verification
- File integrity monitoring checks
- Comprehensive test reporting
2. Automated Verification (verify-compliance.sh):
- Real-time compliance checking
- CIS Benchmark implementation verification
- CMMC Level 3 compliance validation
- FedRAMP Moderate control verification
- Kernel parameter validation
- Service state checking
- File permission verification
- Compliance percentage calculation
3. Build and Test (build-and-test.sh):
- Automated image building
- KVM/QEMU VM creation
- VM boot and monitoring
- Console logging
- Test script injection
- Test report generation
- Cleanup procedures
Testing Capabilities:
- Pre-build prerequisite checks
- Post-build compliance validation
- VM-based integration testing
- Manual testing support
- Automated test execution
- Detailed test reports
- Compliance percentage scoring
Supported Standards:
- CIS Debian 13 Benchmark
- CMMC Level 3
- FedRAMP Moderate
- NIST SP 800-53 Moderate
- NIST SP 800-171
Usage:
./tests/compliance-test.sh - Run full compliance tests
./tests/verify-compliance.sh - Automated compliance verification
./tests/build-and-test.sh - Build and test in VM
Note: Requires Debian 13 (trixie) build system.
💘 Generated with Crush
Assisted-by: GLM-4.7 via Crush <crush@charm.land>
|
2026-01-13 13:20:00 -05:00 |
|