Home
Security Hardening
CIS Microsoft Windows 10 Enterprise Release 21H1 V1.11.0 L2 Bl

CIS Microsoft Windows 10 Enterprise Release 21H1 V1.11.0 L2 Bl

Ensure ‘Remote Desktop Configuration (SessionEnv)’ is set to ‘Disabled’
Details Remote Desktop Configuration service (RDCS) is responsible for all Remote Desktop related configuration and session maintenance activities that require...
Ensure ‘Remote Desktop Services (TermService)’ is set to ‘Disabled’
Details Allows users to connect interactively to a remote computer. Remote Desktop and Remote Desktop Session Host Server depend on...
Ensure ‘Remote Desktop Services UserMode Port Redirector (UmRdpService)’ is set to ‘Disabled’
Details Allows the redirection of Printers/Drives/Ports for RDP connections. The recommended state for this setting is: Disabled. Rationale: In a...
Ensure ‘Remote Registry (RemoteRegistry)’ is set to ‘Disabled’
Details Enables remote users to modify registry settings on this computer. The recommended state for this setting is: Disabled. Rationale:...
Ensure ‘Server (LanmanServer)’ is set to ‘Disabled’
Details Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions...
Ensure ‘SNMP Service (SNMP)’ is set to ‘Disabled’ or ‘Not Installed’
Details Enables Simple Network Management Protocol (SNMP) requests to be processed by this computer. The recommended state for this setting...
Ensure ‘System cryptography: Force strong key protection for user keys stored on the computer’ is set to ‘User is prompted when the key is first used’ or higher
Details This policy setting determines whether users’ private keys (such as their S-MIME keys) require a password to be used....
Ensure ‘Turn off Microsoft Peer-to-Peer Networking Services’ is set to ‘Enabled’
Details The Peer Name Resolution Protocol (PNRP) allows for distributed resolution of a name to an IPv6 address and port...
Ensure ‘Turn on Mapper I/O (LLTDIO) driver’ is set to ‘Disabled’ – AllowLLTDIOOnDomain
Details This policy setting changes the operational behavior of the Mapper I/O network protocol driver. LLTDIO allows a computer to...
Ensure ‘Turn on Mapper I/O (LLTDIO) driver’ is set to ‘Disabled’ – AllowLLTDIOOnPublicNet
Details This policy setting changes the operational behavior of the Mapper I/O network protocol driver. LLTDIO allows a computer to...

Prev Next

CIS Microsoft Windows 10 Enterprise Release 21H1 V1.11.0 L2 Bl

Ensure ‘Remote Desktop Configuration (SessionEnv)’ is set to ‘Disabled’

Ensure ‘Remote Desktop Services (TermService)’ is set to ‘Disabled’

Ensure ‘Remote Desktop Services UserMode Port Redirector (UmRdpService)’ is set to ‘Disabled’

Ensure ‘Remote Registry (RemoteRegistry)’ is set to ‘Disabled’

Ensure ‘Server (LanmanServer)’ is set to ‘Disabled’

Ensure ‘SNMP Service (SNMP)’ is set to ‘Disabled’ or ‘Not Installed’

Ensure ‘System cryptography: Force strong key protection for user keys stored on the computer’ is set to ‘User is prompted when the key is first used’ or higher

Ensure ‘Turn off Microsoft Peer-to-Peer Networking Services’ is set to ‘Enabled’

Ensure ‘Turn on Mapper I/O (LLTDIO) driver’ is set to ‘Disabled’ – AllowLLTDIOOnDomain

Ensure ‘Turn on Mapper I/O (LLTDIO) driver’ is set to ‘Disabled’ – AllowLLTDIOOnPublicNet