WN11-00-000020 - Secure Boot must be enabled on Windows 11 systems.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Secure Boot is a standard that ensures systems boot only to a trusted operating system. Secure Boot is required to support additional security features in Windows 11, including virtualization-based Security and Credential Guard. If Secure Boot is turned off, these security features will not function.

Solution

Enable Secure Boot in the system firmware.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_11_V1R4_STIG.zip

Item Details

References: CAT|II, CCI|CCI-002421, Rule-ID|SV-253257r877465_rule, STIG-ID|WN11-00-000020, Vuln-ID|V-253257

Plugin: Windows

Control ID: cc6306869c1c891a08b95283e79f39d01ec9e904d6d004e39727b17ecc5bb422