Detections
Analytics

CIS Microsoft Windows 10 Enterprise (Release 1809) v1.6.1 NG

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Microsoft Windows 10 Enterprise (Release 1809) v1.6.1 NG

Updated: 8/3/2022

Authority: Operating Systems and Applications

Plugin: Windows

Revision: 1.7

Estimated Item Count: 14

Audit Items

DescriptionCategories
18.8.5.1 Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'
18.8.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot and DMA Protection'
18.8.5.3 Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock'
18.8.5.4 Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'
18.8.5.5 Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock'
18.8.5.6 Ensure 'Turn On Virtualization Based Security: Secure Launch Configuration' is set to 'Enabled'
18.9.78.1 Ensure 'Allow auditing events in Windows Defender Application Guard' is set to 'Enabled'
18.9.78.2 Ensure 'Allow camera and microphone access in Windows Defender Application Guard' is set to 'Disabled'
18.9.78.3 Ensure 'Allow data persistence for Windows Defender Application Guard' is set to 'Disabled'
18.9.78.4 Ensure 'Allow files to download and save to the host operating system from Windows Defender Application Guard' is set to 'Disabled'
18.9.78.5 Ensure 'Allow users to trust files that open in Windows Defender Application Guard' is set to 'Enabled: 0 (Do not allow users to manually trust files)' OR '2 (Allow users to manually trust after an antivirus check)'
18.9.78.6 Ensure 'Configure Windows Defender Application Guard clipboard settings: Clipboard behavior setting' is set to 'Enabled: Enable clipboard operation from an isolated session to the host'
18.9.78.7 Ensure 'Turn on Windows Defender Application Guard in Enterprise Mode' is set to 'Enabled: 1'
CIS_MS_Windows_10_Enterprise_Next_Generation_Windows_Security_v1.6.1.audit from CIS Microsoft Windows 10 Enterprise Release 1809 Benchmark