diff --git a/components/pam.yml b/components/pam.yml index a6cd4669cf9..577d57e6682 100644 --- a/components/pam.yml +++ b/components/pam.yml @@ -107,8 +107,11 @@ rules: - authconfig_config_files_symlinks - banner_etc_gdm_banner - banner_etc_issue +- banner_etc_issue_cis - banner_etc_issue_net +- banner_etc_issue_net_cis - banner_etc_motd +- banner_etc_motd_cis - configure_bashrc_exec_tmux - configure_bashrc_tmux - configure_opensc_card_drivers diff --git a/controls/cis_rhel10.yml b/controls/cis_rhel10.yml index b70d0094dca..7bf09eae699 100644 --- a/controls/cis_rhel10.yml +++ b/controls/cis_rhel10.yml @@ -620,8 +620,8 @@ controls: - l1_workstation status: automated rules: - - banner_etc_motd - - motd_banner_text=cis_banners + - banner_etc_motd_cis + - cis_banner_text=cis - id: 1.7.2 title: Ensure local login warning banner is configured properly (Automated) @@ -630,8 +630,8 @@ controls: - l1_workstation status: automated rules: - - banner_etc_issue - - login_banner_text=cis_banners + - banner_etc_issue_cis + - cis_banner_text=cis - id: 1.7.3 title: Ensure remote login warning banner is configured properly (Automated) @@ -640,8 +640,8 @@ controls: - l1_workstation status: automated rules: - - banner_etc_issue_net - - remote_login_banner_text=cis_banners + - banner_etc_issue_net_cis + - cis_banner_text=cis - id: 1.7.4 title: Ensure access to /etc/motd is configured (Automated) diff --git a/controls/cis_rhel8.yml b/controls/cis_rhel8.yml index 102793f78ca..95b94d22faf 100644 --- a/controls/cis_rhel8.yml +++ b/controls/cis_rhel8.yml @@ -579,8 +579,8 @@ controls: - l1_workstation status: automated rules: - - banner_etc_motd - - motd_banner_text=cis_banners + - banner_etc_motd_cis + - cis_banner_text=cis - id: 1.7.2 title: Ensure local login warning banner is configured properly (Automated) 
@@ -589,8 +589,8 @@ controls: - l1_workstation status: automated rules: - - banner_etc_issue - - login_banner_text=cis_banners + - banner_etc_issue_cis + - cis_banner_text=cis - id: 1.7.3 title: Ensure remote login warning banner is configured properly (Automated) @@ -599,8 +599,8 @@ controls: - l1_workstation status: automated rules: - - banner_etc_issue_net - - remote_login_banner_text=cis_banners + - banner_etc_issue_net_cis + - cis_banner_text=cis - id: 1.7.4 title: Ensure access to /etc/motd is configured (Automated) diff --git a/controls/cis_rhel9.yml b/controls/cis_rhel9.yml index ffa633298da..487f6a018bb 100644 --- a/controls/cis_rhel9.yml +++ b/controls/cis_rhel9.yml @@ -617,8 +617,8 @@ controls: - l1_workstation status: automated rules: - - banner_etc_motd - - motd_banner_text=cis_banners + - banner_etc_motd_cis + - cis_banner_text=cis - id: 1.7.2 title: Ensure local login warning banner is configured properly (Automated) @@ -627,8 +627,8 @@ controls: - l1_workstation status: automated rules: - - banner_etc_issue - - login_banner_text=cis_banners + - banner_etc_issue_cis + - cis_banner_text=cis - id: 1.7.3 title: Ensure remote login warning banner is configured properly (Automated) @@ -637,8 +637,8 @@ controls: - l1_workstation status: automated rules: - - banner_etc_issue_net - - remote_login_banner_text=cis_banners + - banner_etc_issue_net_cis + - cis_banner_text=cis - id: 1.7.4 title: Ensure access to /etc/motd is configured (Automated) diff --git a/docs/templates/template_reference.md b/docs/templates/template_reference.md index 6ab0dcfaa8b..0315da41e64 100644 --- a/docs/templates/template_reference.md +++ b/docs/templates/template_reference.md 
@@ -205,6 +205,20 @@ - Languages: OVAL +#### cis_banner +- Verify that the contents of a login banner in the given `filepath` complies + with CIS requirements. + +- Parameters: + + - **filepath** - Path to the login banner file, eg. `/etc/motd`. + + - **banner_must_be_set** - If set to `"true"`, the rule will fail if no + banner is configured in that file. Otherwise, the rule will pass if + the banner isn't configured. + +- Languages: Ansible, Bash, OVAL + #### coreos_kernel_option - Checks that `argument=value` pair is present in the kernel arguments. Note that this applies to Red Hat CoreOS. diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_cis/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_cis/rule.yml new file mode 100644 index 00000000000..d95f63cfec6 --- /dev/null +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_cis/rule.yml @@ -0,0 +1,41 @@ +documentation_complete: true + +title: Ensure Local Login Warning Banner Is Configured Properly + +description: |- + To configure the system local login warning banner edit the /etc/issue file. + The contents of this file is displayed to users prior to login to local terminals. + Replace the default text with a message compliant with the local site policy. + The message should not contain information about operating system version, + release, kernel version or patch level. + + The recommended banner text can be tailored in the XCCDF Value xccdf_org.ssgproject.content_value_cis_banner_text: +
+    {{{ xccdf_value("cis_banner_text") }}}
+    
+ +rationale: |- + Warning messages inform users who are attempting to login to the system of their legal + status regarding the system and must include the name of the organization that owns + the system and any monitoring policies that are in place. Displaying OS and patch level + information in login banners also has the side effect of providing detailed system + information to attackers attempting to target specific exploits of a system. Authorized + users can easily get this information by running the uname -a command once they + have logged in. + +severity: medium + +identifiers: + cce@rhel8: CCE-86160-9 + cce@rhel9: CCE-86142-7 + cce@rhel10: CCE-86165-8 + +{{{ ocil_cis_banner("/etc/issue") }}} + +platform: machine + +template: + name: cis_banner + vars: + filepath: /etc/issue + banner_must_be_set: "true" diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net_cis/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net_cis/rule.yml new file mode 100644 index 00000000000..45b9d4a082f --- /dev/null +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net_cis/rule.yml @@ -0,0 +1,41 @@ +documentation_complete: true + +title: Ensure Remote Login Warning Banner Is Configured Properly + +description: |- + To configure the system remote login warning banner edit the /etc/issue.net file. + The contents of this file is displayed to users prior to login from remote connections. + Replace the default text with a message compliant with the local site policy. + The message should not contain information about operating system version, + release, kernel version or patch level. + + The recommended banner text can be tailored in the XCCDF Value xccdf_org.ssgproject.content_value_cis_banner_text: +
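Review bot: The description tells the reader the banner must not contain OS version, release, kernel version or patch level, but the `cis_banner` template this rule instantiates (per the OVAL and OCIL changes in this commit) only rejects the `\v`, `\r`, `\m`, `\s` escapes and the OS name, so a banner that spells a version out literally still passes; the description should say what is actually enforced, e.g. `The automated check fails if the file contains the \v, \r, \m or \s escape sequences or the operating system name.` The rationale paragraph is repeated verbatim in the sibling `banner_etc_issue_net_cis` and `banner_etc_motd_cis` rule files added by this commit; a shared Jinja macro or include would keep the three from drifting. The file path is also given twice, once to `ocil_cis_banner` and once as `template.vars.filepath`, which is easy to get wrong on copy.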
+    {{{ xccdf_value("cis_banner_text") }}}
+    
+ +rationale: |- + Warning messages inform users who are attempting to login to the system of their legal + status regarding the system and must include the name of the organization that owns + the system and any monitoring policies that are in place. Displaying OS and patch level + information in login banners also has the side effect of providing detailed system + information to attackers attempting to target specific exploits of a system. Authorized + users can easily get this information by running the uname -a command once they + have logged in. + +severity: medium + +identifiers: + cce@rhel8: CCE-86167-4 + cce@rhel9: CCE-86143-5 + cce@rhel10: CCE-86169-0 + +{{{ ocil_cis_banner("/etc/issue.net") }}} + +platform: machine + +template: + name: cis_banner + vars: + filepath: /etc/issue.net + banner_must_be_set: "true" diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd_cis/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd_cis/rule.yml new file mode 100644 index 00000000000..748193ce880 --- /dev/null +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd_cis/rule.yml @@ -0,0 +1,40 @@ +documentation_complete: true + +title: Ensure Message Of The Day Is Configured Properly + +description: |- + To configure the system message of the day banner edit the /etc/motd file. + Replace the default text with a message compliant with the local site policy. + The message should not contain information about operating system version, + release, kernel version or patch level. + + The recommended banner text can be tailored in the XCCDF Value xccdf_org.ssgproject.content_value_cis_banner_text: +
+    {{{ xccdf_value("cis_banner_text") }}}
+    
+ +rationale: |- + Warning messages inform users who are attempting to login to the system of their legal + status regarding the system and must include the name of the organization that owns + the system and any monitoring policies that are in place. Displaying OS and patch level + information in login banners also has the side effect of providing detailed system + information to attackers attempting to target specific exploits of a system. Authorized + users can easily get this information by running the uname -a command once they + have logged in. + +severity: medium + +identifiers: + cce@rhel8: CCE-86145-0 + cce@rhel9: CCE-86141-9 + cce@rhel10: CCE-86150-0 + +{{{ ocil_cis_banner("/etc/motd") }}} + +platform: machine + +template: + name: cis_banner + vars: + filepath: /etc/motd + banner_must_be_set: "false" diff --git a/linux_os/guide/system/accounts/accounts-banners/cis_banner_text.var b/linux_os/guide/system/accounts/accounts-banners/cis_banner_text.var new file mode 100644 index 00000000000..0039caeb1dd --- /dev/null +++ b/linux_os/guide/system/accounts/accounts-banners/cis_banner_text.var @@ -0,0 +1,16 @@ +documentation_complete: true + +title: 'CIS Login Banner Verbiage' + +description: |- + Enter an appropriate login banner for your organization according to the local policy. + +type: string + +operator: equals + +interactive: true + +options: + default: "Authorized users only. All activity may be monitored and reported." + cis: "Authorized users only. All activity may be monitored and reported." diff --git a/products/rhel8/profiles/default.profile b/products/rhel8/profiles/default.profile index 7c49ef106be..2a09c7909fa 100644 --- a/products/rhel8/profiles/default.profile +++ b/products/rhel8/profiles/default.profile @@ -710,3 +710,5 @@ selections: - sebool_cluster_manage_all_files - iptables_rules_for_open_ports - dovecot_configure_ssl_key + - banner_etc_motd + - banner_etc_issue_net 
diff --git a/shared/macros/10-ocil.jinja b/shared/macros/10-ocil.jinja index c0507a34edc..926ea786348 100644 --- a/shared/macros/10-ocil.jinja +++ b/shared/macros/10-ocil.jinja @@ -1282,3 +1282,19 @@ oc describe rolebinding.rbac If these results show users with privileged access that do not require that access, this is a finding. {{%- endmacro %}} +{{# +OCIL macro to check CIS requirements on command line warning banners. +The macro provides both check and clause. + +:param filepath: filepath to be checked +:type filepath: str +#}} + +{{%- macro ocil_cis_banner(filepath) -%}} +ocil_clause: any results are returned + +ocil: |- + Run the following command and verify no results are returned: + + $ grep -E -i "(\\\v|\\\r|\\\m|\\\s|$(grep '^ID=' /etc/os-release | cut -d= -f2 | sed -e 's/"//g'))" {{{ filepath }}} +{{%- endmacro %}} diff --git a/shared/references/cce-redhat-avail.txt b/shared/references/cce-redhat-avail.txt index 33debb230d4..0ff564b4ebd 100644 --- a/shared/references/cce-redhat-avail.txt +++ b/shared/references/cce-redhat-avail.txt @@ -1,12 +1,3 @@ -CCE-86141-9 -CCE-86142-7 -CCE-86143-5 -CCE-86145-0 -CCE-86150-0 -CCE-86160-9 -CCE-86165-8 -CCE-86167-4 -CCE-86169-0 CCE-86170-8 CCE-86178-1 CCE-86179-9 diff --git a/shared/templates/cis_banner/ansible.template b/shared/templates/cis_banner/ansible.template new file mode 100644 index 00000000000..f0bae88df26 --- /dev/null +++ b/shared/templates/cis_banner/ansible.template @@ -0,0 +1,12 @@ +# platform = multi_platform_all +# reboot = false +# strategy = restrict +# complexity = low +# disruption = low + +{{{ ansible_instantiate_variables("cis_banner_text") }}} + +- name: {{{ rule_title }}} - Copy using inline content + ansible.builtin.copy: + content: "{{ cis_banner_text }}" + dest: {{{ FILEPATH }}} diff --git a/shared/templates/cis_banner/bash.template b/shared/templates/cis_banner/bash.template new file mode 100644 index 00000000000..24b4d49cc9f --- /dev/null +++ b/shared/templates/cis_banner/bash.template 
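Review bot: The macro ignores the template's `banner_must_be_set` setting, so for `/etc/issue` and `/etc/issue.net` the manual check passes on an empty or missing file (the grep simply returns nothing) while the OVAL in this commit requires at least one non-empty line. Add an optional parameter, `{{%- macro ocil_cis_banner(filepath, banner_must_be_set="false") -%}}`, and when it is `"true"` append a sentence such as `Also verify that {{{ filepath }}} exists and is not empty.` and extend `ocil_clause` with `or the file is missing or empty`. The triple-backslash escapes in the grep pattern are correct for a double-quoted shell string but hard to read; a line in the macro header noting that they reach grep as `\\v` and so match the literal two-character sequence would help the next editor.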
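Review bot: `content: "{{ cis_banner_text }}"` writes the value without a trailing newline, whereas the bash remediation in this commit uses `echo` and so ends the file with one; use `content: "{{ cis_banner_text }}\n"` so both remediations produce the same file. The task sets no `owner`, `group` or `mode`, so if the target file does not already exist it is created with whatever the default umask yields; adding `mode: '0644'` with `owner: root` and `group: root` keeps the result independent of the environment (the separate access-control rules such as 1.7.4 presumably pin these, but the remediation should not rely on them running afterwards).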
@@ -0,0 +1,7 @@ +# platform = multi_platform_all +# reboot = false +# strategy = restrict +# complexity = low +# disruption = low +{{{ bash_instantiate_variables("cis_banner_text") }}} +echo "$cis_banner_text" > "{{{ FILEPATH }}}" diff --git a/shared/templates/cis_banner/oval.template b/shared/templates/cis_banner/oval.template new file mode 100644 index 00000000000..d5e1d3f43d9 --- /dev/null +++ b/shared/templates/cis_banner/oval.template @@ -0,0 +1,37 @@ + + + {{{ oval_metadata("Check that " + FILEPATH + " does not contain OS and version information") }}} + + {{% if BANNER_MUST_BE_SET == "true" %}} + + {{% endif %}} + + + + +{{% if BANNER_MUST_BE_SET == "true" %}} + + + + + + {{{ FILEPATH }}} + ^.+$ + 1 + +{{% endif %}} + + + + + + + {{{ FILEPATH }}} + (\\v|\\r|\\m|\\s|{{{ product }}}) + 1 + + diff --git a/shared/templates/cis_banner/template.py b/shared/templates/cis_banner/template.py new file mode 100644 index 00000000000..e93ea5d5254 --- /dev/null +++ b/shared/templates/cis_banner/template.py @@ -0,0 +1,3 @@ + +def preprocess(data, lang): + return data diff --git a/shared/templates/cis_banner/template.yml b/shared/templates/cis_banner/template.yml new file mode 100644 index 00000000000..b57de6fbb63 --- /dev/null +++ b/shared/templates/cis_banner/template.yml @@ -0,0 +1,4 @@ +supported_languages: + - ansible + - bash + - oval diff --git a/shared/templates/cis_banner/tests/cis_banner.pass.sh b/shared/templates/cis_banner/tests/cis_banner.pass.sh new file mode 100644 index 00000000000..edcd5e35307 --- /dev/null +++ b/shared/templates/cis_banner/tests/cis_banner.pass.sh @@ -0,0 +1,2 @@ +#!/bin/bash +echo "Authorized users only. All activity may be monitored and reported." > {{{ FILEPATH }}} diff --git a/shared/templates/cis_banner/tests/custom_banner.pass.sh b/shared/templates/cis_banner/tests/custom_banner.pass.sh new file mode 100644 index 00000000000..f13750c1c37 --- /dev/null +++ b/shared/templates/cis_banner/tests/custom_banner.pass.sh 
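Review bot: `echo "$cis_banner_text" > "{{{ FILEPATH }}}"` hands the tailored value to `echo`, which treats a leading `-n`/`-e` as an option and, under `sh`/`xpg_echo`, expands backslash escapes; `printf '%s\n' "$cis_banner_text" > "{{{ FILEPATH }}}"` writes the value verbatim. The remediation also never checks the value against the pattern the OVAL enforces, so a tailored value containing e.g. `\r` or the OS name is written and the rule fails again on the next scan; either refuse such a value before writing or say so in the template documentation.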
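Review bot: The pattern `(\\v|\\r|\\m|\\s|{{{ product }}})` is matched case-sensitively against the build-time product id (e.g. `rhel9`), whereas the OCIL macro and the CIS audit grep case-insensitively for the `ID=` value from /etc/os-release (e.g. `rhel`); a banner containing `RHEL` or `rhel` therefore passes the automated check but fails the manual one. Prefix the pattern with an inline flag, `(?i)(\\v|\\r|\\m|\\s|{{{ product }}})`, and either source the OS name from /etc/os-release through an OVAL variable or document why the product id is the intended token. `^.+$` in the must-be-set branch also accepts a line consisting only of blanks; something like `^\s*\S` requires real content. The XML element tags are not visible in this rendering, so the object/state/test wiring could not be reviewed here.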
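Review bot: `preprocess` returns `data` untouched, so `banner_must_be_set`, which the template docs in this commit describe as optional, gets neither a default nor validation: a rule that omits it, or writes an unquoted YAML `true` (parsed as a boolean) instead of `"true"`, silently lands in the lenient branch of the OVAL. Assuming `data` is the dict built from the rule's `template.vars`, add `data.setdefault("banner_must_be_set", "false")` followed by `if data["banner_must_be_set"] not in ("true", "false"): raise ValueError("banner_must_be_set must be 'true' or 'false'")` so a typo fails the build instead of weakening the check. The file also starts with a blank added line before `def`; drop it.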
@@ -0,0 +1,5 @@ +#!/bin/bash +cat > "{{{ FILEPATH }}}" < "{{{ FILEPATH }}}" +{{% endif %}} diff --git a/shared/templates/cis_banner/tests/empty.pass.sh b/shared/templates/cis_banner/tests/empty.pass.sh new file mode 100644 index 00000000000..fe031bab9bf --- /dev/null +++ b/shared/templates/cis_banner/tests/empty.pass.sh @@ -0,0 +1,6 @@ +#!/bin/bash +{{% if BANNER_MUST_BE_SET == "true" %}} +# platform = Not Applicable +{{% else %}} +echo > "{{{ FILEPATH }}}" +{{% endif %}} diff --git a/shared/templates/cis_banner/tests/wrong.fail.sh b/shared/templates/cis_banner/tests/wrong.fail.sh new file mode 100644 index 00000000000..e9ecb802490 --- /dev/null +++ b/shared/templates/cis_banner/tests/wrong.fail.sh @@ -0,0 +1,5 @@ +#!/bin/bash +cat > "{{{ FILEPATH }}}" <
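Review bot: For `BANNER_MUST_BE_SET == "true"` this scenario is marked Not Applicable, so the non-empty-file requirement the OVAL template introduces has no negative test at all; a sibling `empty.fail.sh` with the inverted condition (Not Applicable under `{{% if BANNER_MUST_BE_SET != "true" %}}`, otherwise `: > "{{{ FILEPATH }}}"`) and a `missing.fail.sh` that runs `rm -f "{{{ FILEPATH }}}"` would cover both ways the banner can be unset. Note that `echo > "{{{ FILEPATH }}}"` writes a single newline rather than an empty file, so this pass scenario exercises a slightly different input than its name suggests; `: > "{{{ FILEPATH }}}"` is the truly empty case. The `custom_banner.pass.sh` hunk on this line is garbled in this rendering (its heredoc body is missing) and was not reviewed.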