Jun 23, 2025 Functional Update- DISA_Microsoft_Windows_11_STIG_v2r3.audit from DISA Microsoft Windows 11 STIG v2r3
- WN11-00-000025 - Windows 11 must employ automated mechanisms to determine the state of system components with regard to flaw remediation using the following frequency: Continuously, where ESS is used; 30 days, for any additional internal network scans not covered by ESS; and annually, for external scans by Computer Network Defense Service Provider (CNDSP).
- WN11-00-000055 - Alternate operating systems must not be permitted on the same system.
- WN11-00-000060 - Non-system-created file shares on a system must limit access to groups that require it.
- WN11-00-000130 - Software certificate installation files must be removed from Windows 11.
- WN11-00-000190 - Orphaned security identifiers (SIDs) must be removed from user rights on Windows 11.
- WN11-00-000240 - Administrative accounts must not be used with applications that access the internet, such as web browsers, or with potential internet sources, such as email.
- WN11-00-000250 - Windows 11 nonpersistent VM sessions must not exceed 24 hours.
|
