MSCT Windows 10 v21H2 v1.0.0

Audit Details

Name: MSCT Windows 10 v21H2 v1.0.0

Updated: 7/21/2022

Authority: MSCT

Plugin: Windows

Revision: 1.2

Estimated Item Count: 357

File Details

Filename: MSCT_Windows_10_21H2_v1.0.0.audit

Size: 615 kB

MD5: 8c41d76fa3163896e5eb086a18ccc222
SHA256: 9be657448ded411d5260e42044f3a86c00430043dc79b6ce2cdcb31aa4a90306

Audit Items

DescriptionCategories
Access Credential Manager as a trusted caller

ACCESS CONTROL

Access data sources across domains - Internet Zone

SYSTEM AND COMMUNICATIONS PROTECTION

Access data sources across domains - Restricted Sites Zone

SYSTEM AND COMMUNICATIONS PROTECTION

Access this computer from the network

ACCESS CONTROL

Account lockout duration

ACCESS CONTROL

Accounts: Limit local account use of blank passwords to console logon only

IDENTIFICATION AND AUTHENTICATION

Act as part of the operating system

ACCESS CONTROL

Allow active scripting

SYSTEM AND COMMUNICATIONS PROTECTION

Allow Basic authentication - Client - AllowBasic

ACCESS CONTROL

Allow Basic authentication - Service - AllowBasic

ACCESS CONTROL

Allow binary and script behaviors

CONFIGURATION MANAGEMENT

Allow cut, copy or paste operations from the clipboard via script - Internet Zone

CONFIGURATION MANAGEMENT

Allow cut, copy or paste operations from the clipboard via script - Restricted Sites Zone

CONFIGURATION MANAGEMENT

Allow drag and drop or copy and paste files - Internet Zone

CONFIGURATION MANAGEMENT

Allow drag and drop or copy and paste files - Restricted Sites Zone

CONFIGURATION MANAGEMENT

Allow enhanced PINs for startup

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Allow fallback to SSL 3.0 (Internet Explorer)

SYSTEM AND COMMUNICATIONS PROTECTION

Allow file downloads

CONFIGURATION MANAGEMENT

Allow indexing of encrypted files

CONFIGURATION MANAGEMENT

Allow loading of XAML files - Internet Zone

SYSTEM AND COMMUNICATIONS PROTECTION

Allow loading of XAML files - Restricted Sites Zone

SYSTEM AND COMMUNICATIONS PROTECTION

Allow log on locally

ACCESS CONTROL

Allow META REFRESH

CONFIGURATION MANAGEMENT

Allow Microsoft accounts to be optional

IDENTIFICATION AND AUTHENTICATION

Allow only approved domains to use ActiveX controls without prompt - Internet Zone

SYSTEM AND COMMUNICATIONS PROTECTION

Allow only approved domains to use ActiveX controls without prompt - Restricted Sites Zone

SYSTEM AND COMMUNICATIONS PROTECTION

Allow only approved domains to use the TDC ActiveX control - Internet Zone

CONFIGURATION MANAGEMENT

Allow only approved domains to use the TDC ActiveX control - Restricted Sites Zone

CONFIGURATION MANAGEMENT

Allow script-initiated windows without size or position constraints - Internet Zone

CONFIGURATION MANAGEMENT

Allow script-initiated windows without size or position constraints - Restricted Sites Zone

CONFIGURATION MANAGEMENT

Allow scripting of Internet Explorer WebBrowser controls - Internet Zone

CONFIGURATION MANAGEMENT

Allow scripting of Internet Explorer WebBrowser controls - Restricted Sites Zone

CONFIGURATION MANAGEMENT

Allow scriptlets - Internet Zone

CONFIGURATION MANAGEMENT

Allow scriptlets - Restricted Sites Zone

CONFIGURATION MANAGEMENT

Allow software to run or install even if the signature is invalid

SYSTEM AND COMMUNICATIONS PROTECTION

Allow standby states (S1-S3) when sleeping (on battery)

CONFIGURATION MANAGEMENT

Allow standby states (S1-S3) when sleeping (plugged in)

CONFIGURATION MANAGEMENT

Allow unencrypted traffic - Client - AllowUnencryptedTraffic

ACCESS CONTROL

Allow unencrypted traffic - Service - AllowUnencryptedTraffic

ACCESS CONTROL

Allow updates to status bar via script - Internet Zone

CONFIGURATION MANAGEMENT

Allow updates to status bar via script - Restricted Sites Zone

CONFIGURATION MANAGEMENT

Allow user control over installs

ACCESS CONTROL

Allow VBScript to run in Internet Explorer - Internet Zone

SYSTEM AND COMMUNICATIONS PROTECTION

Allow VBScript to run in Internet Explorer - Restricted Sites Zone

SYSTEM AND COMMUNICATIONS PROTECTION

Allow Windows Ink Workspace

CONFIGURATION MANAGEMENT

Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services

ACCESS CONTROL

Always install with elevated privileges

ACCESS CONTROL

Always prompt for password upon connection

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Apply local connection security rules

SYSTEM AND COMMUNICATIONS PROTECTION

Apply local firewall rules

SYSTEM AND COMMUNICATIONS PROTECTION