CIS BenchMark for Monterey

[srajubd]

I have some confusion regarding this CIS script.

Question #1: can I use one than other like whether REMEDIATED USING CONFIGURATION PROFILES or Script remediation with policy? Or do I have to use both?

Question #2: Getting syntax error for Python command not found for following command

currentUser="$(python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "\n");')"

Question #3: Confused about Script 2_Security_Audit_Compliance.sh script and then that will impact on other as well. So please let me know how can I perform that. Another thing those remediation which I will remediate via Profile do i need to make those organizational value true or false. like

2.1.1 Turn off Bluetooth, if no paired devices exist this one I applied with Custom profile so do I need to set this value True or false.

OrgScore2_1_1="false".

Question #3: When I deployed Custom setting profile then .plist is not updating but that showing it aplied.
Example: 2.10 Enable Secure Keyboard Entry in terminal.app and iTerm 2

Configuration Profile - Custom payload > com.apple.Terminal > SecureKeyboardEntry=true

I used the configuration profile and that is showing secure Keyboard Entry checked when I look from apple menu but that didnot changed on /Users/pcmwksadm/Library/Preferences/com.apple.Terminal.plist key value SecureKeyboardEntry True.