WNDF-AV-000039 - Microsoft Defender AV must be configured to prevent user and apps from accessing dangerous websites.

Information

Enable Microsoft Defender Exploit Guard network protection to prevent employees from using any application to access dangerous domains that may host phishing scams, exploit-hosting sites, and other malicious content on the internet.

Solution

Set the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Microsoft Defender Antivirus >> Windows Defender Exploit Guard >> Network Protection >> 'Prevent users and apps from accessing dangerous websites' to 'Enabled' and select 'Block' in the drop-down box.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Defender_Antivirus_V2R4_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(4), CAT|II, CCI|CCI-001170, Rule-ID|SV-213463r823095_rule, STIG-ID|WNDF-AV-000039, STIG-Legacy|SV-92675, STIG-Legacy|V-77979, Vuln-ID|V-213463

Plugin: Windows

Control ID: b74c64bc45cf915e455863db08827d3fba641b301685a62893a2fba539c9806d