1.2.4.2.3.16 Set 'Require use of smart cards on removable data drives' to 'True'

Information

This policy setting specifies whether a password is required to unlock BitLocker-protected removable data drives.

NOTE: Some queries in this .audit require BitLocker to be enabled in order to function properly.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Make sure 'Require use of smart cards on removable data drives' is set to 'True'

See Also

https://workbench.cisecurity.org/files/17

Item Details

Category: IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|IA-5(11), 800-53|SC-28(1), CSCv6|13.2, CSCv6|16.11

Plugin: Windows

Control ID: fc164153f9490fc2b495a4e133d1906458059c77ebd2c1d1ee182274f2c52b84