From 6c9ed5c6396d1176a85cbe158ca306216b40c35e Mon Sep 17 00:00:00 2001 From: misterpantz Date: Tue, 10 Sep 2024 07:03:00 -0700 Subject: [PATCH 1/3] expand info on average scoring system, fix typo --- .../cnspec-policies/write/policy-scoring.mdx | 22 ++++++++++++------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/docs/cnspec/cnspec-policies/write/policy-scoring.mdx b/docs/cnspec/cnspec-policies/write/policy-scoring.mdx index ed524b231..3da97ed0d 100644 --- a/docs/cnspec/cnspec-policies/write/policy-scoring.mdx +++ b/docs/cnspec/cnspec-policies/write/policy-scoring.mdx @@ -74,14 +74,20 @@ The average scoring system considers impact before averaging check scores. Faile - If a check fails (returns `false`), the asset receives (100-impact) for that check. For example, if an asset fails a check with an impact of 90, it receives a 10 for that check. -Here are possible results of our simple example query, which has a port check and a cipher check: +Our simple example query above contains: -| Port (impact 90) | Cipher (impact 80) | Overall score | -| :------------------- | :------------------- | :---------------------------------- | -| Pass (100) | Pass (100) | (100 + 100) / 2 = **100** or **A+** | -| Pass (100) | Fail (100 - 80 = 20) | (100 + 20) / 2 = **60** or **B** | -| Fail (100 - 90 = 10) | Pass (100) | (10 + 100) / 2 = **55** or **C** | -| Fail (100 - 90 = 10) | Fail (100 - 80 = 20) | (10 + 20) / 2 = **15** or **D** | +- A port check (sshd-01) with an impact of 90 + +- A cipher check (sshd-02) with an impact of 80 + +These are the possible asset scores on this policy: + +| Port check (impact 90) | Cipher check (impact 80) | Overall score | +| :--------------------- | :----------------------- | :---------------------------------- | +| Pass (100) | Pass (100) | (100 + 100) / 2 = **100** or **A+** | +| Pass (100) | Fail (100 - 80 = 20) | (100 + 20) / 2 = **60** or **B** | +| Fail (100 - 90 = 10) | Pass (100) | (10 + 100) / 2 = **55** or **C** | +| Fail (100 - 90 = 10) | Fail (100 - 80 = 20) | (10 + 20) / 2 = **15** or **D** | :::note @@ -329,7 +335,7 @@ For example, suppose Mondoo assesses an asset based on two policies: If an asset scores 72 on policy X and scores 50 on policy Y: -**72 x 100 = 7000** +**72 x 100 = 7200** **50 x 20 = 1000** From 9e36c3367ca31b8bf53b671b2b228c709f297ec5 Mon Sep 17 00:00:00 2001 From: misterpantz Date: Tue, 10 Sep 2024 07:11:58 -0700 Subject: [PATCH 2/3] expand on scoring multiple policies --- docs/cnspec/cnspec-policies/write/policy-scoring.mdx | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/docs/cnspec/cnspec-policies/write/policy-scoring.mdx b/docs/cnspec/cnspec-policies/write/policy-scoring.mdx index 3da97ed0d..296d9a53a 100644 --- a/docs/cnspec/cnspec-policies/write/policy-scoring.mdx +++ b/docs/cnspec/cnspec-policies/write/policy-scoring.mdx @@ -335,11 +335,17 @@ For example, suppose Mondoo assesses an asset based on two policies: If an asset scores 72 on policy X and scores 50 on policy Y: -**72 x 100 = 7200** +1. Multiply policy x score by 100 because the policy contains 100 checks. -**50 x 20 = 1000** + **72 x 100 = 7200** -**(7200 + 1000) / 120 = 68 (B)** +2. Multiply policy y score by 20 because the policy contains 20 checks. + + **50 x 20 = 1000** + +3. Divide the sum of the two policies by the total number of checks in both policies. + + **(7200 + 1000) / 120 = 68 (B)** ## Next steps From 32b90a904ceabdcf08376d583fa2da8249ce2eae Mon Sep 17 00:00:00 2001 From: misterpantz Date: Tue, 10 Sep 2024 07:24:14 -0700 Subject: [PATCH 3/3] fix indents --- docs/cnspec/cnspec-policies/write/policy-scoring.mdx | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/cnspec/cnspec-policies/write/policy-scoring.mdx b/docs/cnspec/cnspec-policies/write/policy-scoring.mdx index 296d9a53a..f1b6c9cc6 100644 --- a/docs/cnspec/cnspec-policies/write/policy-scoring.mdx +++ b/docs/cnspec/cnspec-policies/write/policy-scoring.mdx @@ -337,15 +337,15 @@ If an asset scores 72 on policy X and scores 50 on policy Y: 1. Multiply policy x score by 100 because the policy contains 100 checks. - **72 x 100 = 7200** + **72 x 100 = 7200** 2. Multiply policy y score by 20 because the policy contains 20 checks. - **50 x 20 = 1000** + **50 x 20 = 1000** 3. Divide the sum of the two policies by the total number of checks in both policies. - **(7200 + 1000) / 120 = 68 (B)** + **(7200 + 1000) / 120 = 68 (B)** ## Next steps