JP Earnest:
is this actually checking that the cis vulnerabilities were addressed?
Vijin Palazhi:
It will check only if the specific vulnerabilities asked to be fixed in the report were addressed (i.e authorization-mode not set to AlwaysAllow)
JP Earnest:
ok thanks. I was verifying other questions were answered correctly, and had not touched this question. so I was surprised that it showed as passing.