Detections
Analytics

CIS Microsoft Windows 11 Stand-alone v1.0.0 NG

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Microsoft Windows 11 Stand-alone v1.0.0 NG

Updated: 7/11/2023

Authority: CIS

Plugin: Windows

Revision: 1.3

Estimated Item Count: 13

File Details

Filename: CIS_Microsoft_Windows_11_Stand-alone_v1.0.0_Next_Generation_Windows_Security.audit

Size: 38.4 kB

MD5: 75d168ed56e191b8a19f2bc22503769e
SHA256: 3fe583ec841d4394e1e02a82cbef4f553f03654379364916a2dc32b38c18c629

Audit Items

DescriptionCategories
18.8.5.1 Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'
18.8.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot and DMA Protection'
18.8.5.3 Ensure 'Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity' is set to 'Enabled with UEFI lock'
18.8.5.4 Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'
18.8.5.5 Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock'
18.8.5.6 Ensure 'Turn On Virtualization Based Security: Secure Launch Configuration' is set to 'Enabled'
18.9.48.1 Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'
18.9.48.2 Ensure 'Allow camera and microphone access in Microsoft Defender Application Guard' is set to 'Disabled'
18.9.48.3 Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled'
18.9.48.4 Ensure 'Allow files to download and save to the host operating system from Microsoft Defender Application Guard' is set to 'Disabled'
18.9.48.5 Ensure 'Configure Microsoft Defender Application Guard clipboard settings: Clipboard behavior setting' is set to 'Enabled: Enable clipboard operation from an isolated session to the host'
18.9.48.6 Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'
CIS_Microsoft_Windows_11_Stand-alone_v1.0.0_Next_Generation_Windows_Security.audit from CIS Microsoft Windows 11 Stand-alone Benchmark