Detections
Analytics

CIS Microsoft Windows 10 Enterprise v2.0.0 NG

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Microsoft Windows 10 Enterprise v2.0.0 NG

Updated: 6/17/2024

Authority: CIS

Plugin: Windows

Revision: 1.4

Estimated Item Count: 14

File Details

Filename: CIS_MS_Windows_10_Enterprise_Next_Generation_Windows_Security_v2.0.0.audit

Size: 41.2 kB

MD5: 542913e14efb13d2f18004b0e783d006
SHA256: 99d4ded9e4d56b52af586ba0a181146c5926e50dbe385a8188c4d94cbfde1c8d

Audit Items

DescriptionCategories
18.9.5.1 Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'
18.9.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higher - Secure Boot and DMA Protection
18.9.5.3 Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock'
18.9.5.4 Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'
18.9.5.5 Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock'
18.9.5.6 Ensure 'Turn On Virtualization Based Security: Secure Launch Configuration' is set to 'Enabled'
18.9.25.2 Ensure 'Configures LSASS to run as a protected process' is set to 'Enabled: Enabled with UEFI Lock'
18.10.44.1 Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'
18.10.44.2 Ensure 'Allow camera and microphone access in Microsoft Defender Application Guard' is set to 'Disabled'
18.10.44.3 Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled'
18.10.44.4 Ensure 'Allow files to download and save to the host operating system from Microsoft Defender Application Guard' is set to 'Disabled'
18.10.44.5 Ensure 'Configure Microsoft Defender Application Guard clipboard settings: Clipboard behavior setting' is set to 'Enabled: Enable clipboard operation from an isolated session to the host'
18.10.44.6 Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'
CIS_MS_Windows_10_Enterprise_Next_Generation_Windows_Security_v2.0.0.audit from CIS Microsoft Windows 10 Enterprise Benchmark