Detections
Analytics

1.178 WN10-CC-000385

Information

Windows Ink Workspace must be configured to disallow access above the lock.

GROUP ID: V-220871RULE ID: SV-220871r958478

This action secures Windows Ink, which contains applications and features oriented toward pen computing.

Solution

Disable the convenience PIN sign-in.

If this needs to be corrected, configure the policy value for

Computer Configuration >> Administrative Templates >> Windows Components >> Windows Ink Workspace >> Set 'Allow Windows Ink Workspace'

to 'Enabled' and set Options 'On, but disallow access above lock'.

See Also

https://workbench.cisecurity.org/benchmarks/23869

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7, 800-53|CM-7a., CCI|CCI-000381, Rule-ID|SV-220871r958478_rule, STIG-ID|WN10-CC-000385, Vuln-ID|V-220871

Plugin: Windows

Control ID: 49b62adc441cb51e70f3ef6dd7cbd0dfc7a170009be8932870b161e82578ef87