This topic describes how to view the results of cloud configuration assessment and manage configuration risks in the Security Center console. Check results include check items, details of check items, potential impacts, and suggestions on how to manage configuration risks. You can manage configuration risks on the Cloud Platform Configuration Assessment page.

Prerequisites

Cloud service configuration assessment is performed. For more information, see Perform configuration assessment on cloud services.

View check results

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Config Assessment.
  3. On the Cloud Platform Configuration Assessment page, you can view the details of the check results.Cloud Platform Configuration Assessment
    • View the statistics of the check result

      Above the check item list, you can view the number of At-Risk Items (including the total number and the number of items at each risk level), the number of assets with risks (Risks), the number of enabled check items, the number of disabled check items, and the last check time.

      You can click the number below Check item not enabled or Checked items enabled to view the number of enabled check items or disabled check items.

    • View check items
      In the check item list, you can view information about the check items, including the risk severity, type of the affected asset, number of affected assets, type of the check item, and last check time. Detected risks can be classified into the following types:
      • High: displayed in red and indicates a high-level risk. We recommend that you fix the risk at the earliest opportunity.
      • Medium: displayed in orange and indicates a medium-level risk. You can fix the risk as needed.
      • Low: displayed in gray and indicates a low-level risk. You can fix the risk as needed.
      • Secure: displayed in green and indicates that no risk is detected.
    • View details of the check result
      You can click the name of the checked item in the Checked Item column to go to the details page. You can view the check description, potential risks, and suggestions on how to manage the risks on the details page.View check details

Manage configuration risks

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Config Assessment.
  3. On the Cloud Platform Configuration Assessment page, you can manage the configuration risks.Manage configuration risks
    • Repair

      You can click Repair in the Actions column to go to the details page of a specific checked item. Alternatively, you can click the name of the item in the Checked Item column.

      If affected assets are listed in the Affected Assets column, you can click Repair in the Actions column and follow the solution to manage the risk.

      Repair
      Note On the Cloud Platform Configuration Assessment page, Security Center provides the Repair feature to some check items. You can click Repair in the Actions column to manage risks.
      • If affected assets are detected based on an item, you can click Repair to go to the details page of the item and follow the preceding steps to manage the risks.
      • If no affected asset is detected, you can click Repair to go to the Repair page. You can follow the solution and modify the item.
    • Verify
      If you have modified an item, you can find the item in the check item list and click Verify in the Actions column to check whether the item is at risk.Verify

      To verify multiple items at a time, select the items that you want to verify, click Verify below the item list, and then click OK in the Confirm dialog box.

    • Whitelist

      If you want to ignore the detected risk of an item, you can find the item in the check item list and click Whitelist to add the item to the whitelist. Then, the status of the item changes to Ignored. Ignored items will not be counted as part of the At-Risk Items.

      In the check item list, you can RemoveIgnored items from the whitelist.Remove items from the whitelist
      Note After you click Whitelist, the risk is ignored for this time only. If the risk is detected in the future, Security Center will continue to report it.

Export check results

Above the check item list, you can click The Export icon to export the results to an Excel file.

Note Only users of the Enterprise edition can export check results. To export check results, users of the Basic, Basic Anti-Virus, or Advanced edition must upgrade Security Center to the Enterprise edition.