Sep 21, 2021 Miscellaneous- Audit deprecated.
- Metadata updated.
- References updated.
|
Sep 10, 2021 Functional Update- 18.9.84.1 Ensure 'Allow suggested apps in Windows Ink Workspace' is set to 'Disabled'
|
Jun 17, 2021 Miscellaneous- Metadata updated.
- References updated.
|
Jun 9, 2021 Informational Update- 18.5.20.2 Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'
- 18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' (MS only) - Enabled
- 18.8.22.1.10 Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled' - Enabled
- 18.8.22.1.11 Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled'
- 18.8.22.1.12 Ensure 'Turn off Windows Customer Experience Improvement Program' is set to 'Enabled'
- 18.8.22.1.13 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'
- 18.8.22.1.3 Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'
- 18.8.22.1.4 Ensure 'Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com' is set to 'Enabled'
- 18.8.22.1.6 Ensure 'Turn off printing over HTTP' is set to 'Enabled'
- 18.8.22.1.7 Ensure 'Turn off Registration if URL connection is referring to Microsoft.com' is set to 'Enabled'
- 18.8.22.1.8 Ensure 'Turn off Search Companion content file updates' is set to 'Enabled'
- 18.8.22.1.9 Ensure 'Turn off the 'Order Prints' picture task' is set to 'Enabled' - Enabled
- 18.8.34.6.2 Ensure 'Allow network connectivity during connected-standby (plugged in)' is set to 'Disabled'
- 18.8.52.1.2 Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only)
- 18.9.12.1 Ensure 'Allow Use of Camera' is set to 'Disabled'
- 18.9.59.3.3.3 Ensure 'Do not allow LPT port redirection' is set to 'Enabled'
- 18.9.59.3.3.4 Ensure 'Do not allow supported Plug and Play device redirection' is set to 'Enabled'
- 18.9.77.3.2 Ensure 'Join Microsoft MAPS' is set to 'Disabled'
- 18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'
- 18.9.97.2.2 Ensure 'Allow remote server management through WinRM' is set to 'Disabled'
- 19.7.7.3 Ensure 'Do not use diagnostic data for tailored experiences' is set to 'Enabled'
- 19.7.7.4 Ensure 'Turn off all Windows spotlight features' is set to 'Enabled'
- 2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'
Miscellaneous- Metadata updated.
- Platform check updated.
- References updated.
Added- 18.4.5 Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'
- 18.4.7 Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' is set to 'Disabled'
- 18.9.16.2 Ensure 'Configure Authenticated Proxy usage for the Connected User Experience and Telemetry service' is set to 'Enabled: Disable Authenticated Proxy usage'
- 18.9.39.1 Ensure 'Turn off location' is set to 'Enabled'
- 2.3.7.6 Ensure 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' is set to '4 or fewer logon(s)' (MS only)
- CIS_MS_SERVER_2016_Level_2_v1.2.0.audit from CIS Microsoft Windows Server 2016 MS L2 v1.2.0
Removed- 18.4.5 Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes'
- 18.4.7 Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses' is set to 'Disabled'
- 18.9.16.2 Ensure 'Configure Authenticated Proxy usage for the Connected User Experience and Telemetry service' is set
- 18.9.39.2 Ensure 'Turn off location' is set to 'Enabled'
- 2.3.7.6 Ensure 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' is set to '4 or fewer'
- CIS Microsoft Windows Server 2016 MS L2 v1.2.0
|
Sep 29, 2020 |
