Ensure ‘Impersonate a client after authentication’ is set to ‘Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE’
Details The policy setting allows programs that run on behalf of a user to impersonate that user (or another specified...
- Home
- Security Hardening
- CIS Microsoft Windows 10 Enterprise Release 1903 V1.7.1 L1 Bl Ng
CIS Microsoft Windows 10 Enterprise Release 1903 V1.7.1 L1 Bl Ng
Ensure ‘Increase scheduling priority’ is set to ‘Administrators, Window ManagerWindow Manager Group’
Details This policy setting determines whether users can increase the base priority class of a process. (It is not a...Ensure ‘Load and unload device drivers’ is set to ‘Administrators’
Details This policy setting allows users to dynamically load a new device driver on a system. An attacker could potentially...Ensure ‘Lock pages in memory’ is set to ‘No One’
Details This policy setting allows a process to keep data in physical memory, which prevents the system from paging the...Ensure ‘Manage auditing and security log’ is set to ‘Administrators’
Details This policy setting determines which users can change the auditing options for files and directories and clear the Security...Ensure ‘Maximum password age’ is set to ’60 or fewer days, but not 0′
Details This policy setting defines how long a user can use their password before it expires. Values for this policy...Ensure ‘Minimum password age’ is set to ‘1 or more day(s)’
Details This policy setting determines the number of days that you must use a password before you can change it....Ensure ‘Minimum password length’ is set to ’14 or more character(s)’
Details This policy setting determines the least number of characters that make up a password for a user account. There...Ensure ‘Modify an object label’ is set to ‘No One’
Details This privilege determines which user accounts can modify the integrity label of objects, such as files, registry keys, or...Ensure ‘Modify firmware environment values’ is set to ‘Administrators’
Details This policy setting allows users to configure the system-wide environment variables that affect hardware configuration. This information is typically...