18.10.10.1 (L2) Ensure 'Allow Use of Camera' is set to 'Disabled'
18.10.36.1 (L2) Ensure 'Turn off location' is set to 'Enabled'
18.10.42.12.1 (L2) Ensure 'Configure Watson events' is set to 'Disabled'
18.10.42.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'
18.10.56.3.10.1 (L2) Ensure 'Set time limit for active but idle Remote Desktop Services sessions' is set to 'Enabled: 15 minutes or less, but not Never (0)'
18.10.56.3.2.1 (L2) Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled'
18.10.58.4 (L2) Ensure 'Allow search highlights' is set to 'Disabled'
18.10.62.1 (L2) Ensure 'Turn off KMS Client Online AVS Validation' is set to 'Enabled'
18.10.79.1 (L2) Ensure 'Allow suggested apps in Windows Ink Workspace' is set to 'Disabled'
18.10.80.3 (L2) Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'
18.10.86.1 (L2) Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled'
18.10.86.2 (L2) Ensure 'Turn on PowerShell Transcription' is set to 'Enabled'
18.10.88.2.2 (L2) Ensure 'Allow remote server management through WinRM' is set to 'Disabled'
18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'
18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'
18.5.5 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes'
18.5.7 (L2) Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses' is set to 'Disabled'
18.6.10.2 (L2) Ensure 'Turn off Microsoft Peer-to-Peer Networking Services' is set to 'Enabled'
18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)')
18.6.20.2 (L2) Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'
18.6.5.1 (L2) Ensure 'Enable Font Providers' is set to 'Disabled'
18.8.1.1 (L2) Ensure 'Turn off notifications network usage' is set to 'Enabled'
18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'
18.9.20.1.4 (L2) Ensure 'Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com' is set to 'Enabled'
18.9.27.1 (L2) Ensure 'Disallow copying of user input methods to the system account for sign-in' is set to 'Enabled'
18.9.33.6.1 (L2) Ensure 'Allow network connectivity during connected-standby (on battery)' is set to 'Disabled'
18.9.33.6.2 (L2) Ensure 'Allow network connectivity during connected-standby (plugged in)' is set to 'Disabled'
18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'
18.9.47.5.1 (L2) Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled'
18.9.49.1 (L2) Ensure 'Turn off the advertising ID' is set to 'Enabled'
19.7.44.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'
19.7.8.3 (L2) Ensure 'Do not use diagnostic data for tailored experiences' is set to 'Enabled'
19.7.8.4 (L2) Ensure 'Turn off all Windows spotlight features' is set to 'Enabled'
2.2.37 (L2) Ensure 'Log on as a batch job' is set to 'Administrators' (DC Only)
Miscellaneous
References updated.
Added
'18.9.20.1.10 (L2) Ensure \'Turn off the \'Publish to Web\' task for files and folders\' is set to \'Enabled\''
'18.9.20.1.9 (L2) Ensure \'Turn off the \'Order Prints\' picture task\' is set to \'Enabled\''
Removed
18.9.20.1.10 (L2) Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled'
18.9.20.1.9 (L2) Ensure 'Turn off the 'Order Prints' picture task' is set to 'Enabled'
