Detections
Analytics

CIS Microsoft Windows 10 Enterprise v3.0.0 NG

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Microsoft Windows 10 Enterprise v3.0.0 NG

Updated: 6/11/2025

Authority: CIS

Plugin: Windows

Revision: 1.3

Estimated Item Count: 13

File Details

Filename: CIS_Microsoft_Windows_10_Enterprise_v3.0.0_Next_Generation_Windows_Security.audit

Size: 39 kB

MD5: 2f79379e88e36de049b935606adee20b
SHA256: 92d9bdb92f68c81dcc9b5df7e295278ba889b59e2ae9797e57cb146dacb894d3

Audit Items

DescriptionCategories
18.9.5.1 (NG) Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'
18.9.5.2 (NG) Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higher
18.9.5.3 (NG) Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock'
18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'
18.9.5.5 (NG) Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock'
18.9.5.6 (NG) Ensure 'Turn On Virtualization Based Security: Secure Launch Configuration' is set to 'Enabled'
18.10.43.1 (NG) Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'
18.10.43.2 (NG) Ensure 'Allow camera and microphone access in Microsoft Defender Application Guard' is set to 'Disabled'
18.10.43.3 (NG) Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled'
18.10.43.4 (NG) Ensure 'Allow files to download and save to the host operating system from Microsoft Defender Application Guard' is set to 'Disabled'
18.10.43.5 (NG) Ensure 'Configure Microsoft Defender Application Guard clipboard settings: Clipboard behavior setting' is set to 'Enabled: Enable clipboard operation from an isolated session to the host'
18.10.43.6 (NG) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'
CIS_Microsoft_Windows_10_Enterprise_v3.0.0_L2_Next_Generation_Windows_Security.audit from CIS Microsoft Windows 10 Enterprise Benchmark v3.0.0