Detections
Analytics

CIS Microsoft Windows 10 Enterprise v2.0.0 NG

Audit Details

Name: CIS Microsoft Windows 10 Enterprise v2.0.0 NG

Updated: 11/17/2023

Authority: CIS

Plugin: Windows

Revision: 1.2

Estimated Item Count: 14

File Details

Filename: CIS_MS_Windows_10_Enterprise_Next_Generation_Windows_Security_v2.0.0.audit

Size: 43.2 kB

MD5: 99076968ebabd8668937eada81b72f8d
SHA256: ffeb16b8eecd35f938b0f34e0ecbbbf8a10358c3c667edd77e015f555eaabcae

Audit Items

DescriptionCategories
18.9.5.1 Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'

SYSTEM AND INFORMATION INTEGRITY

18.9.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higher - Secure Boot and DMA Protection

SYSTEM AND INFORMATION INTEGRITY

18.9.5.3 Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock'

SYSTEM AND INFORMATION INTEGRITY

18.9.5.4 Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'

SYSTEM AND INFORMATION INTEGRITY

18.9.5.5 Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock'

SYSTEM AND INFORMATION INTEGRITY

18.9.5.6 Ensure 'Turn On Virtualization Based Security: Secure Launch Configuration' is set to 'Enabled'

SYSTEM AND INFORMATION INTEGRITY

18.9.25.2 Ensure 'Configures LSASS to run as a protected process' is set to 'Enabled: Enabled with UEFI Lock'

CONFIGURATION MANAGEMENT

18.10.44.1 Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'

AUDIT AND ACCOUNTABILITY

18.10.44.2 Ensure 'Allow camera and microphone access in Microsoft Defender Application Guard' is set to 'Disabled'

SYSTEM AND INFORMATION INTEGRITY

18.10.44.3 Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled'

CONFIGURATION MANAGEMENT

18.10.44.4 Ensure 'Allow files to download and save to the host operating system from Microsoft Defender Application Guard' is set to 'Disabled'

CONFIGURATION MANAGEMENT

18.10.44.5 Ensure 'Configure Microsoft Defender Application Guard clipboard settings: Clipboard behavior setting' is set to 'Enabled: Enable clipboard operation from an isolated session to the host'

CONFIGURATION MANAGEMENT

18.10.44.6 Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'

SYSTEM AND INFORMATION INTEGRITY

CIS_MS_Windows_10_Enterprise_Next_Generation_Windows_Security_v2.0.0.audit from CIS Microsoft Windows 10 Enterprise Benchmark