Textual improvements

default.prf

@@ -5,7 +5,7 @@
 # This is the default profile and is used as a baseline when testing systems and
 # applications. Since there are generally no "best" options, Lynis will assume
 # some default values.
-# 
+#
 # All empty lines or with the # prefix will be skipped
 #
 # This is the default profile and contains default values. You are encouraged to
@@ -31,9 +31,12 @@ config:show_tool_tips:1:
 #
 #################################################################################
 
-# ** Scan type (how deep test has to be, light, normal or full) **
+# ** Scan type **
 #
-# config:test_scan_mode:light|normal|full:
+# Description: How deep the audit should be
+# Values: light, normal or full (default)
+#
+# config:test_scan_mode:full:
 
 
 # ** Skip one or more specific tests **
@@ -42,8 +45,10 @@ config:show_tool_tips:1:
 # config:test_skip_always:AAAA-1234 BBBB-5678 CCCC-9012:
 
 
-# ** Define the role(s) of a machine **
-# Values: desktop|server (default: server)
+# ** Define machine role **
+#
+# Description: defines the role of the system
+# Values: desktop, server (default)
 #
 #config:machine_role:server:
 
@@ -69,9 +74,12 @@ plugin=dns
 plugin=docker
 plugin=file-integrity
 plugin=file-systems
-plugin=files
 plugin=firewalls
+plugin=forensics
+plugin=intrusion-detection
+plugin=intrusion-prevention
 plugin=kernel
+plugin=malware
 plugin=memory
 plugin=nginx
 plugin=processes
@@ -84,9 +92,9 @@ plugin=users
 
 #################################################################################
 #
-# Sysctl options
+# Kernel options
 # ---------------
-# sysctl:<Sysctl Key>:<Expected Value>:<Hardening Points>:<Description>:
+# sysctl:<sysctl Key>:<Expected Value>:<Hardening Points>:<Description>:
 #
 # Sysctl key       = name
 # Expected value   = value of sysctl key