20.33 Ensure 'Local volumes must use a format that supports NTFS attributes'

Information

This policy setting ensures that volumes are formatted to use NT file system (NTFS) or Resilient File System (ReFS).

Note: The (ReFS) file system is a Microsoft proprietary file system introduced with Windows Server 2012 with the intent of becoming the 'next generation' file system after NTFS.

The ability to set access permissions and auditing is critical to maintaining the security and proper access controls of a system. To support this, volumes must be formatted using a file system that supports NTFS attributes.

Solution

Format volumes to use NTFS or ReFS.

Impact:

Only NTFS or ReFS file systems are authorized for a volume.

See Also

https://workbench.cisecurity.org/benchmarks/15105

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b.

Plugin: Windows

Control ID: 2f002c62b4421b5235fd6929c586b9eeb1a7b69ce8e6f230a636691b3d9db1d9