CIS Microsoft Windows 10 Enterprise v1.12.0 NG

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Microsoft Windows 10 Enterprise v1.12.0 NG

Updated: 5/2/2023

Authority: CIS

Plugin: Windows

Revision: 1.6

Estimated Item Count: 13

Audit Items

DescriptionCategories
18.8.5.1 Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'
18.8.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot and DMA Protection'
18.8.5.3 Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock'
18.8.5.4 Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'
18.8.5.5 Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock'
18.8.5.6 Ensure 'Turn On Virtualization Based Security: Secure Launch Configuration' is set to 'Enabled'
18.9.48.1 Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'
18.9.48.2 Ensure 'Allow camera and microphone access in Microsoft Defender Application Guard' is set to 'Disabled'
18.9.48.3 Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled'
18.9.48.4 Ensure 'Allow files to download and save to the host operating system from Microsoft Defender Application Guard' is set to 'Disabled'
18.9.48.5 Ensure 'Configure Microsoft Defender Application Guard clipboard settings: Clipboard behavior setting' is set to 'Enabled: Enable clipboard operation from an isolated session to the host'
18.9.48.6 Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'
CIS_MS_Windows_10_Enterprise_Next_Generation_Windows_Security_v1.12.0.audit from CIS Microsoft Windows 10 Enterprise Benchmark