18.8.7.2 Ensure 'Allow remote access to the Plug and Play interface' is set to 'Disabled'

Information

This policy setting allows you to allow or deny remote access to the Plug and Play interface.

The recommended state for this setting is: Disabled.

Rationale:

Allowing remote access to the Plug and Play interface could give hackers another attack vector to a system.

Solution

To establish the recommended configuration via GP, set the following UI path to Disabled:

Computer Configuration\Policies\Administrative Templates\System\Device Installation\Allow remote access to the Plug and Play interface

Note: This Group Policy path may not exist by default. It is provided by the Group Policy template DeviceInstallation.admx/adml that is included with the Microsoft Windows 7 & Server 2008 R2 Administrative Templates (or newer).

Impact:

None - this is the default behavior.

Default Value:

Disabled. (Remote connections to the Plug and Play interface are not allowed.)

See Also

https://workbench.cisecurity.org/files/2700

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6(3), CSCv6|9.1

Plugin: Windows

Control ID: 09b51add3862581e6bc146babf8f75d324b31022776052d8a42ab9790c78ed4a