Home
Security Hardening
CIS Windows 7 Workstation L2 BitLocker V3 2.0

CIS Windows 7 Workstation L2 BitLocker V3 2.0

Ensure ‘Remote Desktop Services UserMode Port Redirector (UmRdpService)’ is set to ‘Disabled’
Details Allows the redirection of Printers/Drives/Ports for RDP connections. The recommended state for this setting is: Disabled. Rationale: In a...
Ensure ‘Remote Registry (RemoteRegistry)’ is set to ‘Disabled’
Details Enables remote users to modify registry settings on this computer. The recommended state for this setting is: Disabled. Rationale:...
Ensure ‘Server (LanmanServer)’ is set to ‘Disabled’
Details Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions...
Ensure ‘SNMP Service (SNMP)’ is set to ‘Disabled’ or ‘Not Installed’
Details Enables Simple Network Management Protocol (SNMP) requests to be processed by this computer. The recommended state for this setting...
Ensure ‘System cryptography: Force strong key protection for user keys stored on the computer’ is set to ‘User is prompted when the key is first used’ or higher
Details This policy setting determines whether users’ private keys (such as their S-MIME keys) require a password to be used....
Ensure ‘Turn off handwriting personalization data sharing’ is set to ‘Enabled’
Details This setting turns off data sharing from the handwriting recognition personalization tool. The handwriting recognition personalization tool enables Tablet...
Ensure ‘Turn off handwriting recognition error reporting’ is set to ‘Enabled’
Details Turns off the handwriting recognition error reporting tool. The handwriting recognition error reporting tool enables users to report errors...
Ensure ‘Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com’ is set to ‘Enabled’
Details This policy setting specifies whether the Internet Connection Wizard can connect to Microsoft to download a list of Internet...
Ensure ‘Turn off Microsoft Peer-to-Peer Networking Services’ is set to ‘Enabled’
Details The Peer Name Resolution Protocol (PNRP) allows for distributed resolution of a name to an IPv6 address and port...
Ensure ‘Turn on Mapper I/O (LLTDIO) driver’ is set to ‘Disabled’ – AllowLLTDIOOndomain
Details This policy setting changes the operational behavior of the Mapper I/O network protocol driver. LLTDIO allows a computer to...

Prev Next

CIS Windows 7 Workstation L2 BitLocker V3 2.0

Ensure ‘Remote Desktop Services UserMode Port Redirector (UmRdpService)’ is set to ‘Disabled’

Ensure ‘Remote Registry (RemoteRegistry)’ is set to ‘Disabled’

Ensure ‘Server (LanmanServer)’ is set to ‘Disabled’

Ensure ‘SNMP Service (SNMP)’ is set to ‘Disabled’ or ‘Not Installed’

Ensure ‘System cryptography: Force strong key protection for user keys stored on the computer’ is set to ‘User is prompted when the key is first used’ or higher

Ensure ‘Turn off handwriting personalization data sharing’ is set to ‘Enabled’

Ensure ‘Turn off handwriting recognition error reporting’ is set to ‘Enabled’

Ensure ‘Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com’ is set to ‘Enabled’

Ensure ‘Turn off Microsoft Peer-to-Peer Networking Services’ is set to ‘Enabled’

Ensure ‘Turn on Mapper I/O (LLTDIO) driver’ is set to ‘Disabled’ – AllowLLTDIOOndomain