Detections
Analytics

CIS Microsoft Windows 10 Stand-alone v2.0.0 NG

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Microsoft Windows 10 Stand-alone v2.0.0 NG

Updated: 6/17/2024

Authority: CIS

Plugin: Windows

Revision: 1.4

Estimated Item Count: 14

File Details

Filename: CIS_Microsoft_Windows_10_Stand-alone_v2.0.0_Next_Generation_Windows_Security.audit

Size: 42 kB

MD5: 51c5f4ae803317d2c880001cd5759221
SHA256: cd2553b0361256a117b094e68c19a651291055ea3240f11f11c1bbafc4010a92

Audit Items

DescriptionCategories
18.9.5.1 Ensure 'Turn On Virtualization Based Security' is set to 'Enabled' - Enabled
18.9.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higher - Secure Boot and DMA Protection
18.9.5.3 Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock' - Enabled with UEFI lock
18.9.5.4 Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)' - True (checked)
18.9.5.5 Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock' - Enabled with UEFI lock
18.9.5.6 Ensure 'Turn On Virtualization Based Security: Secure Launch Configuration' is set to 'Enabled' - Enabled
18.9.25.1 Ensure 'Configures LSASS to run as a protected process' is set to 'Enabled: Enabled with UEFI Lock'
18.10.44.1 Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled' - Enabled
18.10.44.2 Ensure 'Allow camera and microphone access in Microsoft Defender Application Guard' is set to 'Disabled' - Disabled
18.10.44.3 Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled' - Disabled
18.10.44.4 Ensure 'Allow files to download and save to the host operating system from Microsoft Defender Application Guard' is set to 'Disabled' - Disabled
18.10.44.5 Ensure 'Configure Microsoft Defender Application Guard clipboard settings: Clipboard behavior setting' is set to 'Enabled: Enable clipboard operation from an isolated session to the host' - Enabled: Enable clipboard operation from an isolated session to the host
18.10.44.6 Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1' - Enabled: 1
CIS_Microsoft_Windows_10_Stand-alone_v2.0.0_Next_Generation_Windows_Security.audit from CIS Microsoft Windows 10 Stand-alone Benchmark