sd/SecurityBaseline_AzureStackHCI/2408.2.psd1
|
# Copyright (c) Microsoft Corporation. All rights reserved. # Autogenerated. Do not edit. @{ Metadata = @' {"name":"SecurityBaseline/AzureStackHCI","description":"Azure Stack HCI Appliance Security Baseline Configuration and Inventory","version":"2408.2","include":{"installationType":"Server*","editionId":"ServerAzureStackHCICor"},"settings":[{"id":"131ecdaf-4a45-44ef-8d8e-eb7f4acf2fa6","name":"AccessCredentialManagerAsTrustedCaller","description":"Access Credential Manager as a trusted caller","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/AccessCredentialManagerAsTrustedCaller","get":"Result/UserRights/AccessCredentialManagerAsTrustedCaller"}},"schema":{"type":"string"},"default":"","compliance":{"const":""}},{"id":"3f2d92c2-5850-4f2d-b245-f5089aa975dd","name":"AccessFromNetwork","description":"Access this computer from the network","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/AccessFromNetwork","get":"Result/UserRights/AccessFromNetwork"}},"schema":{"type":"string"},"default":"*S-1-5-11,*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-11"]}}},{"name":"AccountLockoutPolicy","description":"Account lockout policy","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/DeviceLock/AccountLockoutPolicy","get":"Result/DeviceLock/AccountLockoutPolicy"}},"schema":{"type":"string"},"default":"ResetAccountLockoutCounterAfter:15, AccountLockoutDuration:15, AccountLockoutThreshold:3","compliance":{"allOf":[{"pattern":"ResetAccountLockoutCounterAfter:[1][5-9]|[2-9]\\d|[1-9]\\d{2,}"},{"pattern":"AccountLockoutDuration:[1][5-9]|[2-9]\\d|[1-9]\\d{2,}"},{"pattern":"AccountLockoutThreshold:[1-3]"}]}},{"id":"4f8fd732-facf-4184-a29c-61fdd40db89d","name":"AccountLogon_AuditCredentialValidation","description":"Audit Credential Validation","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/AccountLogon_AuditCredentialValidation","get":"Result/Audit/AccountLogon_AuditCredentialValidation"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"const":3}},{"id":"103de8e8-643e-4b0e-b4a4-a85830239a53","name":"AccountLogonLogoff_AuditAccountLockout","description":"Audit Account Lockout","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/AccountLogonLogoff_AuditAccountLockout","get":"Result/Audit/AccountLogonLogoff_AuditAccountLockout"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":2}},{"id":"babda20b-1bc0-4204-9745-0cd584dcbb2b","name":"AccountLogonLogoff_AuditGroupMembership","description":"Audit Group Membership","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/AccountLogonLogoff_AuditGroupMembership","get":"Result/Audit/AccountLogonLogoff_AuditGroupMembership"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":1}},{"id":"e1174067-f117-4d7f-9584-fd93eedd566f","name":"AccountLogonLogoff_AuditLogoff","description":"Audit Logoff","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/AccountLogonLogoff_AuditLogoff","get":"Result/Audit/AccountLogonLogoff_AuditLogoff"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":1}},{"id":"fa518c7b-96bc-45e6-8fee-2c99186a010d","name":"AccountLogonLogoff_AuditOtherLogonLogoffEvents","description":"Audit Other Logon/Logoff Events","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/AccountLogonLogoff_AuditOtherLogonLogoffEvents","get":"Result/Audit/AccountLogonLogoff_AuditOtherLogonLogoffEvents"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"const":3}},{"id":"8ee0776b-3b84-47bf-9594-e14e29fcc8ff","name":"AccountLogonLogoff_AuditSpecialLogon","description":"Audit Special Logon","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/AccountLogonLogoff_AuditSpecialLogon","get":"Result/Audit/AccountLogonLogoff_AuditSpecialLogon"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":1}},{"id":"164bcf05-b0fe-456f-8a25-04d7d920f88a","name":"AccountManagement_AuditComputerAccountManagement","description":"Audit Computer Account Management","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/AccountManagement_AuditComputerAccountManagement","get":"Result/Audit/AccountManagement_AuditComputerAccountManagement"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"const":3}},{"id":"acc56724-35e6-4ead-a87f-e12b98b396d5","name":"AccountManagement_AuditOtherAccountManagementEvents","description":"Audit Other Account Management Events","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/AccountManagement_AuditOtherAccountManagementEvents","get":"Result/Audit/AccountManagement_AuditOtherAccountManagementEvents"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":1}},{"id":"515db7da-c244-445b-b093-cf3c09ad8970","name":"AccountManagement_AuditSecurityGroupManagement","description":"Audit Security Group Management","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/AccountManagement_AuditSecurityGroupManagement","get":"Result/Audit/AccountManagement_AuditSecurityGroupManagement"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":1}},{"id":"7e4d9fe1-eb3f-49ac-bb5b-d417df7e6d6c","name":"AccountManagement_AuditUserAccountManagement","description":"Audit User Account Management","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/AccountManagement_AuditUserAccountManagement","get":"Result/Audit/AccountManagement_AuditUserAccountManagement"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"const":3}},{"id":"d3d9ac7b-8bcc-42e8-8752-29902eda04dd","name":"Accounts_EnableGuestAccountStatus","description":"Accounts: Guest account status","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/LocalPoliciesSecurityOptions/Accounts_EnableGuestAccountStatus","get":"Result/LocalPoliciesSecurityOptions/Accounts_EnableGuestAccountStatus"}},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"3715ec67-6cd4-49c0-8c82-27001a0e332b","name":"Accounts_LimitLocalAccountUseOfBlankPasswordsToConsoleLogonOnly","description":"Accounts: Limit local account use of blank passwords to console logon only","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa","value":"LimitBlankPasswordUse"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"oneOf":[{"const":1},{"const":null}]}},{"id":"a1272685-6a0d-4008-9d40-fc5c83a8fd8f","name":"Accounts_RenameGuestAccount","description":"Accounts: Rename guest account","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/LocalPoliciesSecurityOptions/Accounts_RenameGuestAccount","get":"Result/LocalPoliciesSecurityOptions/Accounts_RenameGuestAccount"}},"schema":{"type":"string"},"default":"ASBuiltInGuest","compliance":{"not":{"const":"Guest"}}},{"id":"c7f8ee96-6b8e-47e8-80b1-2e0985edeafd","name":"ActAsPartOfTheOperatingSystem","description":"Act as part of the operating system","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/ActAsPartOfTheOperatingSystem","get":"Result/UserRights/ActAsPartOfTheOperatingSystem"}},"schema":{"type":"string"},"default":"","compliance":{"const":""}},{"id":"403670e7-8c1b-4c09-81f8-9c2f3c3ebe30","name":"AllowICMPRedirectsToOverrideOSPFGeneratedRoutes","description":"prevent Internet Control Message Protocol (ICMP) redirects from overriding Open Shortest Path First (OSPF)-generated routes","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Tcpip\\Parameters","value":"EnableICMPRedirect"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"051545a4-179e-4c04-9e9b-8f33821ef36f","name":"AllowLocalLogOn","description":"Allow log on locally","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/AllowLocalLogOn","get":"Result/UserRights/AllowLocalLogOn"}},"schema":{"type":"string"},"default":"*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544"]}}},{"id":"8ad78d25-6140-4899-9565-e053ce7d9a66","name":"AllowPKU2UAuthenticationAllowOnlineID","description":"Network Security: Allow PKU2U authentication requests to this computer to use online identities","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Lsa\\pku2u","value":"AllowOnlineID"},"schema":{"type":"integer"},"compliance":{"const":1}},{"id":"14afe28a-6199-49ff-9789-dabb89ed714e","name":"AllowTelemetry","description":"Allow Telemetry","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\DataCollection","value":"AllowTelemetry"},"schema":{"type":"integer","enum":[0,1,3]},"default":0,"compliance":{"minimum":0,"maximum":1}},{"id":"8f624a01-c694-4d61-9d85-bf6d9a4be86d","name":"AllowTheComputerToIgnoreNetBIOSNameReleaseRequestsExceptFromWINSServers","description":"ignore NetBIOS name release requests except from WINS servers","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\NetBT\\Parameters","value":"NoNameReleaseOnDemand"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"c1557cd3-5d47-42af-b4e0-993ec42cd697","name":"AppCompatTurnOffProgramInventory","description":"Turn off Inventory Collector","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppCompat","value":"DisableInventory"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"Audit_AuditTheUseOfBackupAndRestoreprivilege","description":"Audit: Audit the use of Backup and Restore privilege","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa","value":"FullPrivilegeAuditing"},"schema":{"type":"string","metaType":"b64"},"default":"AA==","compliance":{"const":"AA=="}},{"id":"0179cc92-ef40-40b9-9aaa-41aaf3f9f355","name":"Audit_ForceAuditPolicySubcategorySettingsToOverrideAuditPolicyCategorySettings","description":"Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa","value":"SCENoApplyLegacyAuditPolicy"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"oneOf":[{"const":1},{"const":null}]}},{"id":"6907b165-e70a-4b88-b624-3e32a15c93b1","name":"Audit_ShutdownSystemImmediatelyIfUnableToLogSecurityAudits","description":"Audit: Shut down system immediately if unable to log security audits","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa","value":"CrashOnAuditFail"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"oneOf":[{"const":0},{"const":null}]}},{"id":"d0f025af-b24b-49ab-9b75-60f485ed5407","name":"Autorun","description":"Turn off Autoplay","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer","value":"NoDriveTypeAutoRun"},"schema":{"type":"integer","enum":[181,255]},"default":255,"compliance":{"const":255}},{"id":"877cfb8a-1504-4641-9caf-405768ff91f4","name":"BackupFilesAndDirectories","description":"Backup files and directories","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/BackupFilesAndDirectories","get":"Result/UserRights/BackupFilesAndDirectories"}},"schema":{"type":"string"},"default":"*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-32-551","*S-1-5-32-549"]}}},{"id":"a30f6d7d-f3dc-442c-8a1f-921123c6250c","name":"BypassTraverseChecking","description":"Bypass traverse checking","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/BypassTraverseChecking","get":"Result/UserRights/BypassTraverseChecking"}},"schema":{"type":"string"},"default":"*S-1-5-32-544,*S-1-5-11,*S-1-5-32-551,*S-1-5-19,*S-1-5-20","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-11","*S-1-5-32-551","*S-1-5-19","*S-1-5-20"]}}},{"id":"8b6f479f-13a9-40d1-a2d6-bd9c27d2b7dc","name":"ChangeSystemTime","description":"Change the system time","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/ChangeSystemTime","get":"Result/UserRights/ChangeSystemTime"}},"schema":{"type":"string"},"default":"*S-1-5-19,*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-32-549","*S-1-5-19"]}}},{"id":"8ed0c2c5-af57-4434-9ae8-fe93bc39bfd0","name":"ChangeTimeZone","description":"Change the time zone","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/ChangeTimeZone","get":"Result/UserRights/ChangeTimeZone"}},"schema":{"type":"string"},"default":"*S-1-5-19,*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-19"]}}},{"name":"Ciphers_RC4_128_128_Enabled","description":"Disable schannel ciphers RC4 128/128","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Ciphers\\RC4 128/128","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"Ciphers_RC4_40_128_Enabled","description":"Disable schannel ciphers RC4 40/128","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Ciphers\\RC4 40/128","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"Ciphers_RC4_56_128_Enabled","description":"Disable schannel ciphers RC4 56/128","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Ciphers\\RC4 56/128","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"Ciphers_Triple_DES_168_Enabled","description":"Disable schannel ciphers Triple DES 168","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Ciphers\\Triple DES 168","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"adb052b7-c17e-4b8c-86b8-d81b6a89af20","name":"ClearTextPassword","description":"Store passwords using reversible encryption","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/DeviceLock/ClearTextPassword","get":"Result/DeviceLock/ClearTextPassword"}},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"c0a4a0ed-1585-4857-8e2b-30b1bb48c6ea","name":"CreateGlobalObjects","description":"Create global objects","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/CreateGlobalObjects","get":"Result/UserRights/CreateGlobalObjects"}},"schema":{"type":"string"},"default":"*S-1-5-19,*S-1-5-20,*S-1-5-32-544,*S-1-5-6","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-6","*S-1-5-19","*S-1-5-20"]}}},{"id":"04251e82-4442-4923-ac77-992891a5042b","name":"CreatePageFile","description":"Create a pagefile","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/CreatePageFile","get":"Result/UserRights/CreatePageFile"}},"schema":{"type":"string"},"default":"*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544"]},"unevaluatedItems":false}},{"id":"03766d3c-81c2-438e-8192-91787f2ae69a","name":"CreatePermanentSharedObjects","description":"Create permanent shared objects","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/CreatePermanentSharedObjects","get":"Result/UserRights/CreatePermanentSharedObjects"}},"schema":{"type":"string"},"default":"","compliance":{"const":""}},{"id":"e97bdde4-ccec-42e6-a17f-7993cb03a0d6","name":"CreateSymbolicLinks","description":"Create symbolic links","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/CreateSymbolicLinks","get":"Result/UserRights/CreateSymbolicLinks"}},"schema":{"type":"string"},"default":"*S-1-5-32-544,*S-1-5-83-0","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-83-0"]}}},{"id":"d3f866fb-8adf-4ec6-adc7-93bb9ebcccdd","name":"CreateToken","description":"Create a token object","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/CreateToken","get":"Result/UserRights/CreateToken"}},"schema":{"type":"string"},"default":"","compliance":{"const":""}},{"id":"20670f2c-01b1-4f5b-9dff-023c697babdb","name":"CredSSP_AllowEncryptionOracle","description":"CredSSP AllowEncryptionOracle","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\CredSSP\\Parameters","value":"AllowEncryptionOracle"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"be3a95af-edc4-4252-a1c0-6c74f3b5b8a7","name":"CredUI_DisablePasswordReveal","description":"Do not display the password reveal button","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CredUI","value":"DisablePasswordReveal"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"Cryptography_Configuration_EccCurves","description":"Set EccCurves in Cryptography Configuration to NistP384,NistP256","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\Configuration\\SSL\\00010002","value":"EccCurves"},"schema":{"type":"array","metaType":"multistring","delimiter":",","items":{"type":"string","enum":["curve25519","NistP256","NistP384"]}},"default":"NistP384,NistP256","compliance":{"delimiter":",","items":{"enum":["NistP256","NistP384"]}}},{"id":"596d3922-71a7-49ce-b34b-1f5e63ff03da","name":"DataCollection_DoNotShowFeedbackNotifications","description":"Do not show feedback notifications","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\DataCollection","value":"DoNotShowFeedbackNotifications"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"f7d5fa8e-54ed-4e3e-a531-8ed38114bdab","name":"DebugPrograms","description":"Debug programs","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/DebugPrograms","get":"Result/UserRights/DebugPrograms"}},"schema":{"type":"string"},"default":"*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544"]},"unevaluatedItems":false}},{"id":"fbe348fd-0402-4e31-8482-66ae9ae82ea2","name":"DenyAccessFromNetwork","description":"Deny access to this computer from the network","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/DenyAccessFromNetwork","get":"Result/UserRights/DenyAccessFromNetwork"}},"schema":{"type":"string"},"default":"*S-1-5-32-546","compliance":{"delimiter":",","allOf":[{"contains":{"const":"*S-1-5-32-546"}}]}},{"id":"b7432fc2-51ba-4ddf-83dd-ca7f92e670c1","name":"DenyLocalLogOn","description":"Deny log on locally","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/DenyLocalLogOn","get":"Result/UserRights/DenyLocalLogOn"}},"schema":{"type":"string"},"default":"*S-1-5-32-546","compliance":{"delimiter":",","allOf":[{"contains":{"const":"*S-1-5-32-546"}}]}},{"id":"49258884-b2f0-4a4e-b66a-6954bb8473bf","name":"DenyLogOnAsBatchJob","description":"Deny log on as a batch job","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/DenyLogOnAsBatchJob","get":"Result/UserRights/DenyLogOnAsBatchJob"}},"schema":{"type":"string"},"default":"*S-1-5-32-546","compliance":{"delimiter":",","allOf":[{"contains":{"const":"*S-1-5-32-546"}}]}},{"id":"3b993f8f-245d-4f4e-9e8b-f94cbc71c3f6","name":"DenyLogOnAsService","description":"Deny log on as a service","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/DenyLogOnAsService","get":"Result/UserRights/DenyLogOnAsService"}},"schema":{"type":"string"},"default":"*S-1-5-32-546","compliance":{"delimiter":",","allOf":[{"contains":{"const":"*S-1-5-32-546"}}]}},{"id":"60e0c2c9-0b14-44fe-83d6-2b7095e06674","name":"DenyRemoteDesktopServicesLogOn","description":"Deny remote desktop access to this computer","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/DenyRemoteDesktopServicesLogOn","get":"Result/UserRights/DenyRemoteDesktopServicesLogOn"}},"schema":{"type":"string"},"default":"*S-1-5-32-546","compliance":{"delimiter":",","allOf":[{"contains":{"const":"*S-1-5-32-546"}}]}},{"id":"5046d960-670d-4fef-973a-cf242a97147e","name":"DetailedTracking_AuditPNPActivity","description":"Audit when plug and play detects an external device","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/DetailedTracking_AuditPNPActivity","get":"Result/Audit/DetailedTracking_AuditPNPActivity"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":1}},{"id":"6b3dc518-61f4-4a47-920c-0411674596a0","name":"DetailedTracking_AuditProcessCreation","description":"Audit events generated when a process is created or starts","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/DetailedTracking_AuditProcessCreation","get":"Result/Audit/DetailedTracking_AuditProcessCreation"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":1}},{"name":"DeviceGuard_Locked","description":"DeviceGuard Locked","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\DeviceGuard","value":"Locked"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"DeviceGuard_RequireMicrosoftSignedBootChain","description":"DeviceGuard RequireMicrosoftSignedBootChain","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\DeviceGuard","value":"RequireMicrosoftSignedBootChain"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"DeviceGuard_RequirePlatformSecurityFeatures","description":"DeviceGuard RequirePlatformSecurityFeatures","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\DeviceGuard","value":"RequirePlatformSecurityFeatures"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"enum":[1,3]}},{"name":"Devices_AllowUndockWithoutHavingToLogon","description":"Devices: Allow undock without having to log on","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"UndockWithoutLogon"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"5502808d-7049-4378-b9f7-038b70777483","name":"Devices_PreventUsersFromInstallingPrinterDriversWhenConnectingToSharedPrinters","description":"Devices: Prevent users from installing printer drivers","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Print\\Providers\\LanMan Print Services\\Servers","value":"AddPrinterDrivers"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"oneOf":[{"const":1},{"const":null}]}},{"name":"Disable_Windows_Error_Reporting","description":"Disable Windows Error Reporting","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Error Reporting","value":"Disabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"7b2c4a66-7e3a-421e-9e2b-ccb11762b20e","name":"DisableDownloadingOfPrintDriversOverHTTP","description":"Turn off downloading of print drivers over HTTP","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Printers","value":"DisableWebPnPDownload"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"21c5bcb7-432e-4eaa-a01a-0cda8db73e62","name":"DisableEnclosureDownloading","description":"Prevent downloading of enclosures","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Feeds","value":"DisableEnclosureDownload"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"DisablePrintingOverHTTP","description":"Turn off printing over HTTP","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Printers","value":"DisableHTTPPrinting"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"5fc2dc21-a630-45ee-a62d-5e3d87a45a84","name":"Disallow_WinRM_Storing_RunAs_Creds","description":"Disallow WinRM from storing RunAs credentials","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\WinRM\\Service","value":"DisableRunAs"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"420cf8af-038e-4d06-89a4-aa8bfaec0191","name":"DisallowAutoplayForNonVolumeDevices","description":"Disallow Autoplay for non-volume devices","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Explorer","value":"NoAutoplayfornonVolume"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"34edb7eb-697c-4be9-8830-5aa5b031372e","name":"DisallowDigestAuthentication","description":"Disallow Digest authentication","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\WinRM\\Client","value":"AllowDigest"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"Dnscache_Disable_LLMNR","description":"Disabling Name Resolution using LLMNR","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Dnscache\\Parameters","value":"EnableMulticast"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"Dnscache_Disable_Netbios","description":"Disabling Name Resolution using NETBIOS","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Dnscache\\Parameters","value":"EnableNetbios"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"94276972-d64d-43bc-ae92-8b609f2d114b","name":"DNSClient_EnableMulticast","description":"Turn off multicast name resolution","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\DNSClient","value":"EnableMulticast"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"3b8a1eba-64e5-4117-b7bc-2cf5042de658","name":"DomainMember_DigitallyEncryptOrSignSecureChannelDataAlways","description":"Domain member: Digitally encrypt or sign secure channel data (always)","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Netlogon\\Parameters","value":"RequireSignOrSeal"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"oneOf":[{"const":1},{"const":null}]}},{"id":"915714e9-c2ae-42af-a391-c289db580e08","name":"DomainMember_DigitallyEncryptSecureChannelDataWhenPossible","description":"Domain member: Digitally encrypt secure channel data (when possible)","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Netlogon\\Parameters","value":"SealSecureChannel"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"oneOf":[{"const":1},{"const":null}]}},{"id":"b399c529-eeec-48dd-92e5-f1b2e14f12c9","name":"DomainMember_DigitallySignSecureChannelDataWhenPossible","description":"Domain member: Digitally sign secure channel data (when possible)","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Netlogon\\Parameters","value":"SignSecureChannel"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"oneOf":[{"const":1},{"const":null}]}},{"id":"cb4110e4-23c8-46ab-9202-497a70efd077","name":"DomainMember_DisableMachineAccountPasswordChanges","description":"Domain member: Disable machine account password changes","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Netlogon\\Parameters","value":"DisablePasswordChange"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"oneOf":[{"const":0},{"const":null}]}},{"name":"DomainMember_MaximumMachineAccountPasswordAge","description":"Domain member: Maximum machine account password age","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Netlogon\\Parameters","value":"MaximumPasswordAge"},"schema":{"type":"integer","minimum":0,"maximum":999},"default":30,"compliance":{"const":30}},{"id":"ed9a6795-2803-4b77-9fc8-04f74aef49ed","name":"DomainMember_RequireStrongSessionKey","description":"Domain member: Require strong (Windows 2000 or later) session key","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Netlogon\\Parameters","value":"RequireStrongKey"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"oneOf":[{"const":1},{"const":null}]}},{"id":"3085af32-217a-4e4b-ba6c-a81c342f8d2c","name":"DoNotAllowDriveRedirection","description":"Do not allow drive redirection","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Terminal Services","value":"fDisableCdm"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"1ce9d867-2a1f-4e0d-8ee9-bc3606f9302c","name":"DontDisplayNetworkSelectionUI","description":"Do not display network selection UI","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\System","value":"DontDisplayNetworkSelectionUI"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"29395413-af1d-4052-86c4-2b059fd4a778","name":"DSAccess_AuditDirectoryServiceAccess","description":"Audit directory service access","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/DSAccess_AuditDirectoryServiceAccess","get":"Result/Audit/DSAccess_AuditDirectoryServiceAccess"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":2}},{"id":"6e6cd31c-e045-4b04-9fad-475aef45dd15","name":"DSAccess_AuditDirectoryServiceChanges","description":"Audit Directory Service Changes","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/DSAccess_AuditDirectoryServiceChanges","get":"Result/Audit/DSAccess_AuditDirectoryServiceChanges"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":1}},{"name":"DTLS10_Client_Enabled","description":"DTLS1.0 is not enabled - client","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\DTLS 1.0\\Client","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"DTLS10_Server_Enabled","description":"DTLS1.0 is not enabled - server","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\DTLS 1.0\\Server","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"DTLS12_Client_Enabled","description":"DTLS1.2 is enabled - client","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\DTLS 1.2\\Client","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"DTLS12_Server_Enabled","description":"DTLS1.2 is enabled - Server","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\DTLS 1.2\\Server","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"3c336cee-a852-4673-82e9-c7e130af7bc7","name":"EarlyLaunch_DriverLoadPolicy","description":"Boot-Start Driver Initialization Policy","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Policies\\EarlyLaunch","value":"DriverLoadPolicy"},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"oneOf":[{"const":3},{"const":null}]}},{"name":"Enable_CredGuard_No_UEFI_Lock","description":"Turn On Credential Guard without UEFI lock","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa","value":"LsaCfgFlags"},"schema":{"type":"integer","minimum":0,"maximum":2},"default":2,"compliance":{"const":2}},{"name":"Enable_LSA_PPL_Protection","description":"Enable LSA PPL Protection","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa","value":"RunAsPPL"},"schema":{"type":"integer","minimum":0,"maximum":2},"default":2,"compliance":{"const":2}},{"id":"045634b9-61c9-414f-ad91-74dcfee9c076","name":"EnableDelegation","description":"Enable computer and user accounts to be trusted for delegation","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/EnableDelegation","get":"Result/UserRights/EnableDelegation"}},"schema":{"type":"string"},"default":"","compliance":{"const":""}},{"id":"09ed81b2-8dba-4009-84f9-dcfd6009ed0d","name":"EnableInsecureGuestLogons","description":"Enable insecure guest logons","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\LanmanWorkstation","value":"AllowInsecureGuestAuth"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"1e3ae441-8bd6-4736-94aa-ac56a430131c","name":"EnableSmartScreen","description":"Configure Windows Defender SmartScreen","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\System","value":"EnableSmartScreen"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"e6eab28a-1dc8-4fb5-b88b-4e10f239e67c","name":"EnumerateAdministrators","description":"Enumerate administrator accounts on elevation","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\CredUI","value":"EnumerateAdministrators"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"oneOf":[{"const":0},{"const":null}]}},{"id":"5bfb71c2-897f-4ccb-b7d5-7181b1f2527a","name":"EventLog_Setup_MaxSize","description":"Setup: Specify the maximum log file size (KB)","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\EventLog\\Setup","value":"MaxSize"},"schema":{"type":"integer","minimum":0,"maximum":32768},"default":32768,"compliance":{"minimum":32768}},{"name":"FVE_EncryptionMethodWithXtsFdv","description":"FVE EncryptionMethodWithXtsFdv","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"EncryptionMethodWithXtsFdv"},"schema":{"type":"integer","maximum":7},"default":7,"compliance":{"const":7}},{"name":"FVE_EncryptionMethodWithXtsOs","description":"FVE EncryptionMethodWithXtsOs","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"EncryptionMethodWithXtsOs"},"schema":{"type":"integer","maximum":7},"default":7,"compliance":{"const":7}},{"name":"FVE_EncryptionMethodWithXtsRdv","description":"FVE EncryptionMethodWithXtsRdv","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"EncryptionMethodWithXtsRdv"},"schema":{"type":"integer","maximum":7},"default":7,"compliance":{"const":7}},{"name":"FVE_FDVActiveDirectoryBackup","description":"FVE FDVActiveDirectoryBackup","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"FDVActiveDirectoryBackup"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"FVE_FDVActiveDirectoryInfoToStore","description":"FVE FDVActiveDirectoryInfoToStore","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"FDVActiveDirectoryInfoToStore"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"FVE_FDVHideRecoveryPage","description":"FVE FDVHideRecoveryPage","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"FDVHideRecoveryPage"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"FVE_FDVManageDRA","description":"FVE FDVManageDRA","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"FDVManageDRA"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"FVE_FDVRecovery","description":"FVE FDVRecovery","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"FDVRecovery"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"FVE_FDVRecoveryKey","description":"FVE FDVRecoveryKey","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"FDVRecoveryKey"},"schema":{"type":"integer","minimum":0,"maximum":2},"default":2,"compliance":{"const":2}},{"name":"FVE_FDVRecoveryPassword","description":"FVE FDVRecoveryPassword","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"FDVRecoveryPassword"},"schema":{"type":"integer","minimum":0,"maximum":2},"default":2,"compliance":{"const":2}},{"name":"FVE_FDVRequireActiveDirectoryBackup","description":"FVE FDVRequireActiveDirectoryBackup","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"FDVRequireActiveDirectoryBackup"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"FVE_OSActiveDirectoryBackup","description":"FVE OSActiveDirectoryBackup","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"OSActiveDirectoryBackup"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"FVE_OSActiveDirectoryInfoToStore","description":"FVE OSActiveDirectoryInfoToStore","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"OSActiveDirectoryInfoToStore"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"FVE_OSHideRecoveryPage","description":"FVE OSHideRecoveryPage","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"OSHideRecoveryPage"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"FVE_OSManageDRA","description":"FVE OSManageDRA","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"OSManageDRA"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"FVE_OSRecovery","description":"FVE OSRecovery","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"OSRecovery"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"FVE_OSRecoveryKey","description":"FVE OSRecoveryKey","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"OSRecoveryKey"},"schema":{"type":"integer","minimum":0,"maximum":2},"default":2,"compliance":{"const":2}},{"name":"FVE_OSRecoveryPassword","description":"FVE OSRecoveryPassword","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"OSRecoveryPassword"},"schema":{"type":"integer","minimum":0,"maximum":2},"default":2,"compliance":{"const":2}},{"name":"FVE_OSRequireActiveDirectoryBackup","description":"FVE OSRequireActiveDirectoryBackup","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE","value":"OSRequireActiveDirectoryBackup"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"46e66c68-266e-4bdc-9ebe-4c5164c0acfe","name":"GenerateSecurityAudits","description":"Generate security audits","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/GenerateSecurityAudits","get":"Result/UserRights/GenerateSecurityAudits"}},"schema":{"type":"string"},"default":"*S-1-5-20,*S-1-5-19","compliance":{"delimiter":",","items":{"enum":["*S-1-5-19","*S-1-5-20","*S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415"]}}},{"name":"IE_Feature_Enable_Print_Info_Disclosure_Fix","description":"IE Feature Enable Print Info Disclosure Fix","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\WOW6432Node\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX","value":"iexplore.exe"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"8718a173-58d6-42ab-a37d-0819c398b5f5","name":"ImpersonateClient","description":"Impersonate a client after authentication","severity":"important","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/ImpersonateClient","get":"Result/UserRights/ImpersonateClient"}},"schema":{"type":"string"},"default":"*S-1-5-20,*S-1-5-19,*S-1-5-6,*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-6","*S-1-5-19","*S-1-5-20"]}}},{"id":"23d0f843-e7bf-40e9-82cb-6299b35e52ab","name":"IncreaseProcessWorkingSet","description":"Increase a process working set","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/IncreaseProcessWorkingSet","get":"Result/UserRights/IncreaseProcessWorkingSet"}},"schema":{"type":"string"},"default":"*S-1-5-32-544,*S-1-5-19","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-19"]}}},{"id":"69a86f33-b475-407e-a09f-55e78ca4e473","name":"IncreaseSchedulingPriority","description":"Increase scheduling priority","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/IncreaseSchedulingPriority","get":"Result/UserRights/IncreaseSchedulingPriority"}},"schema":{"type":"string"},"default":"*S-1-5-32-544,*S-1-5-90-0","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-90-0"]}}},{"id":"11ca2201-2673-4f04-bad3-3265e1a53a5b","name":"InputPersonalization_AllowInputPersonalization","description":"Allow Input Personalization","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\InputPersonalization","value":"AllowInputPersonalization"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"9e11215f-9b0b-4ca6-ad5b-d1a0c989af36","name":"InteractiveLogon_DoNotDisplayLastSignedIn","description":"Interactive logon: Don't display last signed-in","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"DontDisplayLastUserName"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"c2e85522-5e4f-4295-8111-5b2ab815af32","name":"InteractiveLogon_DoNotRequireCTRLALTDEL","description":"Interactive logon: Do not require CTRL+ALT+DEL","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"DisableCAD"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"oneOf":[{"const":0},{"const":null}]}},{"id":"691b418f-e20e-4d4a-b084-3b7563f38879","name":"InteractiveLogon_MachineInactivityLimit","description":"Interactive logon: Machine inactivity limit","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"InactivityTimeoutSecs"},"schema":{"type":"integer","minimum":0,"maximum":599940},"default":900,"compliance":{"minimum":1,"maximum":900}},{"id":"032b9c30-0082-4199-b1ae-2f1fcafd59c6","name":"InteractiveLogon_PromptUserToChangePasswordBeforeExpiration","description":"Interactive logon: Prompt user to change password before expiration","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon","value":"PasswordExpiryWarning"},"schema":{"type":"integer","minimum":0,"maximum":999},"default":5,"compliance":{"minimum":5,"maximum":14}},{"name":"InteractiveLogon_RequireDomainControllerAuthenticationToUnlock","description":"Interactive logon: Require Domain Controller authentication to unlock workstation","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon","value":"ForceUnlockLogon"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"InteractiveLogon_RequireWindowsHelloForBusinessOrSmartCard","description":"Interactive logon: Require Windows Hello for Business or smart card","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"ScForceOption"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"InteractiveLogon_SmartCardRemovalBehavior","description":"Interactive logon: Smart card removal behavior","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon","value":"ScRemoveOption"},"schema":{"type":"string","enum":["0","1","2","3"]},"default":"1","compliance":{"const":"1"}},{"id":"0571e435-5c84-48bb-b1c9-6e7eae13715a","name":"InternetConnectionWizard_ExitOnMSICW","description":"Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Internet Connection Wizard","value":"ExitOnMSICW"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"276603c5-bd48-407a-949f-6dbbb5b3f61d","name":"IPSourceRoutingProtectionLevel","description":"The system must be configured to prevent IP source routing","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Tcpip\\Parameters","value":"DisableIPSourceRouting"},"schema":{"type":"integer","minimum":0,"maximum":2},"default":2,"compliance":{"const":2}},{"id":"d0b4769e-bbfa-4fe0-b6e8-1fd4977d76dd","name":"IPv6SourceRoutingProtectionLevel","description":"IPv6 source routing must be configured to highest protection","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Tcpip6\\Parameters","value":"DisableIPSourceRouting"},"schema":{"type":"integer","minimum":0,"maximum":2},"default":2,"compliance":{"const":2}},{"name":"KeyExchangeAlgorithms_Diffie_Hellman_Enabled","description":"Disable schannel KeyExchangeAlgorithms Diffie-Hellman","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\KeyExchangeAlgorithms\\Diffie-Hellman","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"514725e3-fa3e-4f3a-9d58-a31449937003","name":"Limit_PrintDriver_Installation_Administrators","description":"Limits print driver installation to Administrators","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Printers\\PointAndPrint","value":"RestrictDriverInstallationToAdministrators"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"50f4447d-0bdd-4e8c-ba06-2e0b22ec5d04","name":"LoadUnloadDeviceDrivers","description":"Load and unload device drivers","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/LoadUnloadDeviceDrivers","get":"Result/UserRights/LoadUnloadDeviceDrivers"}},"schema":{"type":"string"},"default":"*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-32-550"]}}},{"id":"6e635d8c-3496-4c66-b734-c46ebccc5d38","name":"LockMemory","description":"Lock pages in memory","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/LockMemory","get":"Result/UserRights/LockMemory"}},"schema":{"type":"string"},"default":"","compliance":{"const":""}},{"name":"LogOnAsBatchJob","description":"Log on as a batch job","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/LogOnAsBatchJob","get":"Result/UserRights/LogOnAsBatchJob"}},"schema":{"type":"string"},"default":"*S-1-5-32-544,*S-1-5-32-551,*S-1-5-32-559","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-32-551","*S-1-5-32-559"]},"unevaluatedItems":false}},{"name":"LogOnAsService","description":"Log on as a service","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/LogOnAsService","get":"Result/UserRights/LogOnAsService"}},"schema":{"type":"string"},"default":"*S-1-5-80-0,*S-1-5-83-0,*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-80-0","*S-1-5-83-0","*S-1-5-32-544"]},"unevaluatedItems":false}},{"id":"5d72b92f-e6b0-4898-b24a-49241c3a70a4","name":"ManageAuditingAndSecurityLog","description":"Manage auditing and security log","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/ManageAuditingAndSecurityLog","get":"Result/UserRights/ManageAuditingAndSecurityLog"}},"schema":{"type":"string"},"default":"*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544"]},"unevaluatedItems":false}},{"id":"506fa45a-f043-46b0-bca9-da87e2f2618b","name":"ManageVolume","description":"Perform volume maintenance tasks","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/ManageVolume","get":"Result/UserRights/ManageVolume"}},"schema":{"type":"string"},"default":"*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544"]},"unevaluatedItems":false}},{"id":"d43b43ec-abd0-4420-ba8c-d4e53b057205","name":"MaximumPasswordAge","description":"Maximum password age","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/DeviceLock/MaximumPasswordAge","get":"Result/DeviceLock/MaximumPasswordAge"}},"schema":{"type":"integer","maximum":999},"default":42,"compliance":{"minimum":1,"maximum":70}},{"id":"36f1578b-8702-488a-b213-6e30963e8958","name":"MessageTextUserLogon","description":"Interactive logon: Message text for users attempting to log on","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"LegalNoticeText"},"schema":{"type":"string"},"compliance":{"not":{"oneOf":[{"const":""},{"const":null}]}}},{"id":"80cb1237-8de9-4124-b6bc-b077e67f2557","name":"MessageTextUserLogonTitle","description":"Interactive logon: Message title for users attempting to log on","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"LegalNoticeCaption"},"schema":{"type":"string"},"compliance":{"not":{"oneOf":[{"const":""},{"const":null}]}}},{"id":"41a8be7d-69bd-48f4-ae77-9568cf7b15d1","name":"MicrosoftNetworkClient_DigitallySignCommunicationsAlways","description":"Microsoft network client: Digitally sign communications (always)","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\LanmanWorkstation\\Parameters","value":"RequireSecuritySignature"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"a14a2808-588b-4233-b342-9dc1cecf2b0a","name":"MicrosoftNetworkClient_SendUnencryptedPasswordToThirdPartySMBServers","description":"Microsoft network client: Send unencrypted password to third-party SMB servers","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\LanmanWorkstation\\Parameters","value":"EnablePlainTextPassword"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"oneOf":[{"const":0},{"const":null}]}},{"id":"4383c5e5-ea15-4e94-a170-fd61b3fda9f1","name":"MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession","description":"Microsoft network server: Amount of idle time required before suspending session","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\LanManServer\\Parameters","value":"AutoDisconnect"},"schema":{"type":"integer","minimum":0,"maximum":15},"default":15,"compliance":{"minimum":1,"maximum":15}},{"id":"032b5976-1c4b-4c68-bc5d-0c65e35306b2","name":"MicrosoftNetworkServer_DigitallySignCommunicationsAlways","description":"Microsoft network server: Digitally sign communications (always)","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\LanManServer\\Parameters","value":"RequireSecuritySignature"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"45bdfbf8-155f-41f8-b9cf-72f1ba26c5be","name":"MinimumPasswordAge","description":"Minimum password age","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/DeviceLock/MinimumPasswordAge","get":"Result/DeviceLock/MinimumPasswordAge"}},"schema":{"type":"integer","minimum":0,"maximum":998},"default":1,"compliance":{"minimum":1}},{"id":"910405d5-3ee9-427c-baf1-77c69c7c209d","name":"ModifyFirmwareEnvironment","description":"Modify firmware environment values","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/ModifyFirmwareEnvironment","get":"Result/UserRights/ModifyFirmwareEnvironment"}},"schema":{"type":"string"},"default":"*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544"]},"unevaluatedItems":false}},{"id":"16f2e42a-e89d-43a3-b904-cb4d312a8e4a","name":"NetworkAccess_AllowAnonymousSIDOrNameTranslation","description":"Network access: Allow anonymous SID/name translation","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/LocalPoliciesSecurityOptions/NetworkAccess_AllowAnonymousSIDOrNameTranslation","get":"Result/LocalPoliciesSecurityOptions/NetworkAccess_AllowAnonymousSIDOrNameTranslation"}},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"9503a7be-372f-4591-9dcd-f7de48b7f7e8","name":"NetworkAccess_DoNotAllowAnonymousEnumerationOfSAMAccounts","description":"Network access: Do not allow anonymous enumeration of SAM accounts","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa","value":"RestrictAnonymousSAM"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"oneOf":[{"const":1},{"const":null}]}},{"id":"87822480-3af9-4cf1-b0d2-93ceb957b129","name":"NetworkAccess_DoNotAllowAnonymousEnumerationOfSamAccountsAndShares","description":"Network access: Do not allow anonymous enumeration of SAM accounts and shares","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa","value":"RestrictAnonymous"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"NetworkAccess_DoNotAllowStorageOfPasswordsAndCredentialsForNetworkAuthentication","description":"Network access: Do not allow storage of passwords and credentials for network authentication","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa","value":"DisableDomainCreds"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"f97fe90f-c009-4139-8562-9893e9c49b44","name":"NetworkAccess_LetEveryonePermissionsApplyToAnonymousUsers","description":"Network access: Let Everyone permissions apply to anonymous users","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa","value":"EveryoneIncludesAnonymous"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"oneOf":[{"const":0},{"const":null}]}},{"id":"f55109a7-2248-4c55-a7b0-bebdcb9530d5","name":"NetworkAccess_RestrictAnonymousAccessToNamedPipesAndShares","description":"Network access: Restrict anonymous access to Named Pipes and Shares","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\LanManServer\\Parameters","value":"RestrictNullSessAccess"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"oneOf":[{"const":1},{"const":null}]}},{"id":"3e42b5fc-08b2-4a9a-ad80-dafe9033cbc3","name":"NetworkAccess_SharingAndSecurityModelForLocalAccounts","description":"Network access: Sharing and security model for local accounts","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa","value":"ForceGuest"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"oneOf":[{"const":0},{"const":null}]}},{"id":"357272d2-2018-455e-935c-8777473661dd","name":"NetworkConnections_NC_AllowNetBridge_NLA","description":"Prohibit installation and configuration of Network Bridge on your DNS domain network","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Network Connections","value":"NC_AllowNetBridge_NLA"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"4b2ea54f-7c16-4490-8687-cc52c3135b7e","name":"NetworkConnections_NC_ShowSharedAccessUI","description":"Prohibit use of Internet Connection Sharing on your DNS domain network","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Network Connections","value":"NC_ShowSharedAccessUI"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"0b2803c7-33ac-4407-80f0-f09940bbe940","name":"NetworkSecurity_AllowLocalSystemNULLSessionFallback","description":"Network security: Allow LocalSystem NULL session fallback","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\MSV1_0","value":"Allownullsessionfallback"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"oneOf":[{"const":0},{"const":null}]}},{"id":"e7d5034f-5652-4180-90c8-c49130acb3c6","name":"NetworkSecurity_AllowLocalSystemToUseComputerIdentityForNTLM","description":"Network security: Allow Local System to use computer identity for NTLM","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa","value":"UseMachineId"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"979ae5a3-dba6-47b1-9644-7e74ed6d7eae","name":"NetworkSecurity_ConfigureEncryptionTypesAllowedForKerberos","description":"Network security: Configure encryption types allowed for Kerberos","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\Parameters","value":"SupportedEncryptionTypes"},"schema":{"type":"integer","minimum":0,"maximum":2147483644},"default":2147483640,"compliance":{"oneOf":[{"const":2147483640},{"const":null}]}},{"id":"9170cd13-5ab9-4c68-8904-a88756b36c6e","name":"NetworkSecurity_DoNotStoreLANManagerHashValueOnNextPasswordChange","description":"Network security: Do not store LAN Manager hash value on next password change","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa","value":"NoLMHash"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"oneOf":[{"const":1},{"const":null}]}},{"name":"NetworkSecurity_ForceLogoffWhenLogonHoursExpire","description":"Network security: Force logoff when logon hours expire","severity":"important","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/LocalPoliciesSecurityOptions/NetworkSecurity_ForceLogoffWhenLogonHoursExpire","get":"Result/LocalPoliciesSecurityOptions/NetworkSecurity_ForceLogoffWhenLogonHoursExpire"}},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"315cc7e3-7252-47ce-af2f-9abf243fac16","name":"NetworkSecurity_LANManagerAuthenticationLevel","description":"Network security: LAN Manager authentication level","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa","value":"LmCompatibilityLevel"},"schema":{"type":"integer","minimum":0,"maximum":5},"default":5,"compliance":{"const":5}},{"id":"4ff2ed85-48d7-4e38-bdb8-6c7df3286882","name":"NetworkSecurity_LDAPClientSigningRequirements","description":"Network security: LDAP client signing requirements","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\LDAP","value":"LDAPClientIntegrity"},"schema":{"type":"integer","minimum":0,"maximum":2},"default":1,"compliance":{"minimum":1,"maximum":2}},{"id":"2a074d39-eee4-4bfe-b1e7-4132c033a762","name":"NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedClients","description":"Network security: Minimum session security for NTLM SSP based (including secure RPC) clients","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\MSV1_0","value":"NTLMMinClientSec"},"schema":{"type":"integer","enum":[0,524288,536870912,537395200]},"default":537395200,"compliance":{"const":537395200}},{"id":"6ed9ad58-c9de-4a8b-9512-8fe5421ac8a7","name":"NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers","description":"Network security: Minimum session security for NTLM SSP based (including secure RPC) servers - Require 128-bit encryption","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\MSV1_0","value":"NTLMMinServerSec"},"schema":{"type":"integer","enum":[0,524288,536870912,537395200]},"default":537395200,"compliance":{"const":537395200}},{"id":"b2e8d5f9-3d4e-4b8b-b6a1-ddcd60f437b9","name":"NoGPOListChanges","description":"Process even if the Group Policy objects have not changed","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Group Policy\\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}","value":"NoGPOListChanges"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"NonSecurity_MaxEnvelopeSizeInKb","description":"Max Envelope Size in KB","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WSMAN\\Client","value":"MaxEnvelopeSize"},"schema":{"type":"integer","maximum":8192},"default":8192,"compliance":{"const":8192}},{"id":"04212107-de72-4eb7-a427-1876b5604a98","name":"ObjectAccess_AuditDetailedFileShare","description":"Audit failed attempts to access files and folders on a shared folder","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/ObjectAccess_AuditDetailedFileShare","get":"Result/Audit/ObjectAccess_AuditDetailedFileShare"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":2,"compliance":{"minimum":2}},{"id":"1926dc04-79ea-4a6e-9e35-892c27876bf5","name":"ObjectAccess_AuditFileShare","description":"Audit attempts to access a shared folder","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/ObjectAccess_AuditFileShare","get":"Result/Audit/ObjectAccess_AuditFileShare"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"const":3}},{"name":"ObjectAccess_AuditFilteringPlatformConnection","description":"Audit Filtering Platform Connection","severity":"informational","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/ObjectAccess_AuditFilteringPlatformConnection","get":"Result/Audit/ObjectAccess_AuditFilteringPlatformConnection"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":2,"compliance":{"const":2}},{"name":"ObjectAccess_AuditFilteringPlatformPacketDrop","description":"Audit Filtering Platform Packet Drop","severity":"informational","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/ObjectAccess_AuditFilteringPlatformPacketDrop","get":"Result/Audit/ObjectAccess_AuditFilteringPlatformPacketDrop"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":2,"compliance":{"const":2}},{"id":"acd96120-83a4-44a9-9e62-127012287e49","name":"ObjectAccess_AuditOtherObjectAccessEvents","description":"Audit events generated by the management of task scheduler jobs or COM+ objects","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/ObjectAccess_AuditOtherObjectAccessEvents","get":"Result/Audit/ObjectAccess_AuditOtherObjectAccessEvents"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"const":3}},{"id":"b88b1d85-5f3c-4235-91ab-6d8b5e767311","name":"ObjectAccess_AuditRemovableStorage","description":"Audit Removable Storage","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/ObjectAccess_AuditRemovableStorage","get":"Result/Audit/ObjectAccess_AuditRemovableStorage"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"const":3}},{"name":"OSPlatformValidation_UEFI_Enabled","description":"Configure TPM platform validation profile for native UEFI firmware configurations","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE\\OSPlatformValidation_UEFI","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"299d1595-5ab2-4ef5-b287-6477c0df5178","name":"PasswordComplexity","description":"Password must meet complexity requirements - method implemented already - SamSetPolicyValue_AccountPolicies_PasswordMustMeetComplexityRequirement","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/DeviceLock/PasswordComplexity","get":"Result/DeviceLock/PasswordComplexity"}},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"dad8097d-db46-4df3-9839-a8504e60c878","name":"PasswordHistorySize","description":"Enforce password history","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/DeviceLock/PasswordHistorySize","get":"Result/DeviceLock/PasswordHistorySize"}},"schema":{"type":"integer","minimum":0,"maximum":24},"default":24,"compliance":{"minimum":24}},{"name":"Personalization_NoLockScreenCamera","description":"Prevent enabling lock screen camera","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization","value":"NoLockScreenCamera"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"de7af76f-e469-4a4e-94fd-99f0cccd54b6","name":"Policies_System_MSAOptional","description":"Allow Microsoft accounts to be optional","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"MSAOptional"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"42db0bec-e47f-49f6-a0af-59798f0feefe","name":"PolicyChange_AuditAuthenticationPolicyChange","description":"Audit Authentication Policy Change","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/PolicyChange_AuditAuthenticationPolicyChange","get":"Result/Audit/PolicyChange_AuditAuthenticationPolicyChange"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":1}},{"id":"ca5d1a59-f141-441d-a57e-6f8bdf078ff3","name":"PolicyChange_AuditAuthorizationPolicyChange","description":"Audit Authorization Policy Change","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/PolicyChange_AuditAuthorizationPolicyChange","get":"Result/Audit/PolicyChange_AuditAuthorizationPolicyChange"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":1}},{"id":"f6c7cdd1-b504-4e9e-a272-1aa2f441daa3","name":"PolicyChange_AuditMPSSVCRuleLevelPolicyChange","description":"Audit MPSSVC Rule-Level Policy Change","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/PolicyChange_AuditMPSSVCRuleLevelPolicyChange","get":"Result/Audit/PolicyChange_AuditMPSSVCRuleLevelPolicyChange"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"const":3}},{"id":"88b87546-b3c8-434f-9cc6-01e117033296","name":"PolicyChange_AuditOtherPolicyChangeEvents","description":"Audit events generated by other security policy changes that are not audited in the policy change category","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/PolicyChange_AuditOtherPolicyChangeEvents","get":"Result/Audit/PolicyChange_AuditOtherPolicyChangeEvents"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":2,"compliance":{"minimum":2}},{"id":"d5db6e13-eef5-45ac-a8f3-18a0b1fcd8f9","name":"PolicyChange_AuditPolicyChange","description":"Audit Audit Policy Change","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/PolicyChange_AuditPolicyChange","get":"Result/Audit/PolicyChange_AuditPolicyChange"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":1}},{"name":"PreventLockScreenSlideShow","description":"Prevent enabling lock screen slide show","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization","value":"NoLockScreenSlideshow"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"aa426f30-e6ff-4c6a-9d59-2ef82a504157","name":"PrivilegeUse_AuditSensitivePrivilegeUse","description":"Audit Sensitive Privilege Use","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/PrivilegeUse_AuditSensitivePrivilegeUse","get":"Result/Audit/PrivilegeUse_AuditSensitivePrivilegeUse"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"const":3}},{"id":"aec3dc3b-3625-47ea-8e11-fef4b1be8adb","name":"ProfileSingleProcess","description":"Profile single process","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/ProfileSingleProcess","get":"Result/UserRights/ProfileSingleProcess"}},"schema":{"type":"string"},"default":"*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544"]},"unevaluatedItems":false}},{"id":"e61c2d81-389a-4e59-bf19-2a6db7a0dc0b","name":"ProfileSystemPerformance","description":"Profile system performance","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/ProfileSystemPerformance","get":"Result/UserRights/ProfileSystemPerformance"}},"schema":{"type":"string"},"default":"*S-1-5-32-544,*S-1-5-80-3139157870-2983391045-3678747466-658725712-1809340420","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-80-3139157870-2983391045-3678747466-658725712-1809340420"]}}},{"name":"RecoveryConsole_AllowFloppyCopyAndAccessToAllDrivesAndAllFolders","description":"Recovery console: Allow floppy copy and access to all drives and all folders","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Setup\\RecoveryConsole","value":"SetCommand"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"feb86a88-2259-4ba0-b68e-2dbb7a43b4ce","name":"RemoteHostAllowsDelegationOfNonExportableCredentials","description":"Remote host allows delegation of non-exportable credentials","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CredentialsDelegation","value":"AllowProtectedCreds"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"3531261f-1644-4d10-9242-8e35ef386a83","name":"RemoteShutdown","description":"Force shutdown from a remote system","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/RemoteShutdown","get":"Result/UserRights/RemoteShutdown"}},"schema":{"type":"string"},"default":"*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544"]},"unevaluatedItems":false}},{"id":"e8b0cc71-407d-4de9-a8db-4c60ef3ac70a","name":"RenameAdministratorAccount","description":"Accounts: Rename administrator account","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/LocalPoliciesSecurityOptions/Accounts_RenameAdministratorAccount","get":"Result/LocalPoliciesSecurityOptions/Accounts_RenameAdministratorAccount"}},"schema":{"type":"string"},"compliance":{"not":{"const":"Administrator"}}},{"id":"08a4b141-c737-404e-8617-9830268e8bfa","name":"ReplaceProcessLevelToken","description":"Replace a process level token","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/ReplaceProcessLevelToken","get":"Result/UserRights/ReplaceProcessLevelToken"}},"schema":{"type":"string"},"default":"*S-1-5-19,*S-1-5-20","compliance":{"delimiter":",","items":{"enum":["*S-1-5-19","*S-1-5-20"]}}},{"name":"RequirePasswordWhenComputerWakesOnBattery","description":"Require a password when a computer wakes (on battery)","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Power\\PowerSettings\\0e796bdb-100d-47d6-a2d5-f7d2daa51f51","value":"DCSettingIndex"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"RequirePasswordWhenComputerWakesPluggedIn","description":"Require a password when a computer wakes (plugged in)","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Power\\PowerSettings\\0e796bdb-100d-47d6-a2d5-f7d2daa51f51","value":"ACSettingIndex"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"01d9a108-3379-4c5a-8236-1a724bcccff1","name":"RequireSecureRPCCommunication","description":"Require secure RPC communication","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Terminal Services","value":"fEncryptRPCTraffic"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"1baa8699-ca1c-466b-b17c-f8eab728b0ee","name":"RestoreFilesAndDirectories","description":"Restore files and directories","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/RestoreFilesAndDirectories","get":"Result/UserRights/RestoreFilesAndDirectories"}},"schema":{"type":"string"},"default":"*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-32-551"]}}},{"name":"Schannel_Hashes_MD5_Enabled","description":"Disable MD5","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\Schannel\\Hashes\\MD5","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"Schannel_Hashes_SHA_Enabled","description":"Disable SHA1","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\Schannel\\Hashes\\SHA","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"7869ddef-04ab-4cc5-90f2-5e6fd1540cba","name":"SetDefaultAutoRunBehavior","description":"Default AutoRun Behavior","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer","value":"NoAutorun"},"schema":{"type":"integer","maximum":2},"default":1,"compliance":{"const":1}},{"id":"fa4d7c0b-987e-47f6-bf8b-f38f49e7c00b","name":"Shutdown_AllowSystemToBeShutDownWithoutHavingToLogOn","description":"Shutdown: Allow system to be shut down without having to log on","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"ShutdownWithoutLogon"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"oneOf":[{"const":0},{"const":null}]}},{"id":"7470f80e-a3d3-4ca9-84e8-7a97a317b2e1","name":"Shutdown_ClearVirtualMemoryPageFile","description":"Shutdown: Clear virtual memory pagefile","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Session Manager\\Memory Management","value":"ClearPageFileAtShutdown"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"oneOf":[{"const":0},{"const":null}]}},{"id":"ef0eefbb-e845-47f3-af9a-3409296d3264","name":"ShutDownTheSystem","description":"Shut down the system","severity":"warning","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/ShutDownTheSystem","get":"Result/UserRights/ShutDownTheSystem"}},"schema":{"type":"string"},"default":"*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544","*S-1-5-32-551"]}}},{"name":"SideChannel_AttackMitigation_FeatureSettingsOverride","description":"Configuring speculative execution side-channel mitigation FeatureSettingsOverride","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Session Manager\\Memory Management","value":"FeatureSettingsOverride"},"schema":{"type":"integer","minimum":0,"maximum":83886152},"default":83886152,"compliance":{"const":83886152}},{"name":"SideChannel_AttackMitigation_FeatureSettingsOverride_Mask","description":"Configuring speculative execution side-channel mitigation FeatureSettingsOverrideMask","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Session Manager\\Memory Management","value":"FeatureSettingsOverrideMask"},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"const":3}},{"name":"SideChannel_AttackMitigation_Virtualization_MinVmVersionForCpuBasedMitigations","description":"Protect against microarchitectural and execution side-channel vulnerabilities","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Virtualization","value":"MinVmVersionForCpuBasedMitigations"},"schema":{"type":"string"},"default":"1.0","compliance":{"const":"1.0"}},{"name":"SSL_Cryptography_Configuration_00010002","description":"SSL Cryptography Configuration Policies","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\Configuration\\SSL\\00010002","value":"Functions"},"schema":{"type":"string","delimiter":",","items":{"enum":["TLS_AES_256_GCM_SHA384","TLS_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_AES_256_GCM_SHA384","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA256","TLS_RSA_WITH_AES_128_CBC_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA","TLS_RSA_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_NULL_SHA256","TLS_RSA_WITH_NULL_SHA","TLS_PSK_WITH_AES_256_GCM_SHA384","TLS_PSK_WITH_AES_128_GCM_SHA256","TLS_PSK_WITH_AES_256_CBC_SHA384","TLS_PSK_WITH_AES_128_CBC_SHA256","TLS_PSK_WITH_NULL_SHA384","TLS_PSK_WITH_NULL_SHA256"]}},"default":"TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","compliance":{"delimiter":",","items":{"enum":["TLS_AES_256_GCM_SHA384","TLS_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"]}}},{"name":"SSL20_Client_Enabled","description":"SSL2.0 is not enabled - client","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Client","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"SSL20_Server_Enabled","description":"SSL2.0 is not enabled - server","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Server","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"SSL30_Client_Enabled","description":"SSL3.0 is not enabled - client","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Client","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"SSL30_Server_Enabled","description":"SSL3.0 is not enabled - server","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"5c532b76-16c0-4a8c-ac67-015b93f458dc","name":"System_AuditIPsecDriver","description":"Audit IPsec Driver","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/System_AuditIPsecDriver","get":"Result/Audit/System_AuditIPsecDriver"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":3}},{"id":"3f78e74e-1601-4bcc-b2c0-5408642d4b81","name":"System_AuditOtherSystemEvents","description":"Audit Other System Events","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/System_AuditOtherSystemEvents","get":"Result/Audit/System_AuditOtherSystemEvents"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"const":3}},{"id":"8042f614-f21e-4dca-ba3f-c8b25523b6b2","name":"System_AuditSecuritySystemExtension","description":"Audit Security System Extension","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/System_AuditSecuritySystemExtension","get":"Result/Audit/System_AuditSecuritySystemExtension"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"minimum":1}},{"id":"d5056b06-4651-4698-b5d2-83e6b092e471","name":"System_AuditSystemIntegrity","description":"Audit System Integrity","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/Audit/System_AuditSystemIntegrity","get":"Result/Audit/System_AuditSystemIntegrity"}},"schema":{"type":"integer","minimum":0,"maximum":3},"default":3,"compliance":{"const":3}},{"id":"cac31d47-c8ea-440f-af85-7697f483b21e","name":"System_BlockUserFromShowingAccountDetailsOnSignin","description":"Block user from showing account details on sign-in","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\System","value":"BlockUserFromShowingAccountDetailsOnSignin"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"4a1c7313-02f4-46a3-a16f-5b4a12db44e4","name":"System_DomainJoined_DoNotEnumConnectedUsers","description":"Do not enumerate connected users on domain-joined computers","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\System","value":"DontEnumerateConnectedUsers"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"System_Policies_NtfsEncryptPagingFile","description":"System Policies NtfsEncryptPagingFile","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Policies","value":"NtfsEncryptPagingFile"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"System_Services_Afd_DisableAddressSharing","description":"System Services Afd DisableAddressSharing","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Afd\\Parameters","value":"DisableAddressSharing"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"a07ccc0e-fc6a-48d7-a46c-9c7d464c5439","name":"SystemCryptography_ForceStrongKeyProtection","description":"System cryptography: Force strong key protection for user keys stored on the computer","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Cryptography","value":"ForceKeyProtection"},"schema":{"type":"integer","minimum":0,"maximum":2},"default":2,"compliance":{"const":2}},{"id":"b6285a67-7909-4ac1-9e0d-b156a1494b46","name":"SystemCryptography_UseFIPS140CompliantCryptographicAlgorithms","description":"System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\FipsAlgorithmPolicy","value":"STE"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"0be33574-5e6c-4cfe-8b84-18819338eb6e","name":"SystemObjects_RequireCaseInsensitivityForNonWindowsSubsystems","description":"System objects: Require case insensitivity for non-Windows subsystems","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Session Manager\\Kernel","value":"ObCaseInsensitive"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"oneOf":[{"const":1},{"const":null}]}},{"id":"8db231ff-6c9a-46f8-84de-ebea4507ffe9","name":"SystemObjects_StrengthenDefaultPermissionsOfInternalSystemObjects","description":"System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Session Manager","value":"ProtectionMode"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"2b36f636-e882-4b90-92c1-1f55f325053b","name":"SystemSettings_UseCertificateRulesOnWindowsExecutables","description":"System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Safer\\CodeIdentifiers","value":"AuthenticodeEnabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"b8841a6a-97b1-485b-9f3c-e5ccef30d2e6","name":"TakeOwnership","description":"Take ownership of files or other objects","severity":"critical","provider":{"type":"csp","name":"./Vendor/MSFT/Policy","path":{"set":"Config/UserRights/TakeOwnership","get":"Result/UserRights/TakeOwnership"}},"schema":{"type":"string"},"default":"*S-1-5-32-544","compliance":{"delimiter":",","items":{"enum":["*S-1-5-32-544"]},"unevaluatedItems":false}},{"id":"b17eabc0-5d73-4861-acc8-d5b97bc53f12","name":"Terminal_Services_AllowToGetHelp","description":"Configure Solicited Remote Assistance","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Terminal Services","value":"fAllowToGetHelp"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"d9794f70-e03c-40e5-a812-d2878c0eb6d5","name":"TerminalServices_AlwaysPromptForPassword","description":"Always prompt for password upon connection","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Terminal Services","value":"fPromptForPassword"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"0979b47f-fbbf-46ad-8def-768256fa012a","name":"TerminalServicesClient_DisablePasswordSaving","description":"Do not allow passwords to be saved","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Terminal Services","value":"DisablePasswordSaving"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"TLS10_Client_Enabled","description":"TLS1.0 is not enabled - client","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.0\\Client","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"TLS10_Server_Enabled","description":"TLS1.0 is not enabled - server","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.0\\Server","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"TLS11_Client_Enabled","description":"TLS1.1 is not enabled - client","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1\\Client","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"TLS11_Server_Enabled","description":"TLS1.1 is not enabled - server","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1\\Server","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"name":"TLS12_Client_Enabled","description":"TLS1.2 is enabled - client","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2\\Client","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"TLS12_Server_Enabled","description":"TLS1.2 is enabled - Server","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2\\Server","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"TLS13_Client_Enabled","description":"TLS1.3 is enabled - client","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.3\\Client","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"TLS13_Server_Enabled","description":"TLS1.3 is enabled - Server","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.3\\Server","value":"Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"93c677e7-e7c8-49c4-bb46-d40dad88f17b","name":"TS_ENCRYPTION_POLICY","description":"Set client connection encryption level","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Terminal Services","value":"MinEncryptionLevel"},"schema":{"type":"integer","maximum":3},"default":3,"compliance":{"oneOf":[{"const":3},{"const":null}]}},{"id":"467c29d0-b1be-4113-937c-65583cedf2f0","name":"UserAccountControl_AllowUIAccessApplicationsToPromptForElevation","description":"User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"EnableUIADesktopToggle"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"fc8a4401-ff7a-4a6d-add4-758acce6b76c","name":"UserAccountControl_BehaviorOfTheElevationPromptForAdministrators","description":"User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"ConsentPromptBehaviorAdmin"},"schema":{"type":"integer","minimum":0,"maximum":5},"default":2,"compliance":{"minimum":1,"maximum":2}},{"id":"ea132d56-9c29-4d2a-bc92-fc81f616e540","name":"UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers","description":"User Account Control: Behavior of the elevation prompt for standard users","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"ConsentPromptBehaviorUser"},"schema":{"type":"integer","enum":[0,1,3]},"default":0,"compliance":{"const":0}},{"id":"19a185ff-1009-4079-937a-dace5e3c2f50","name":"UserAccountControl_DetectApplicationInstallationsAndPromptForElevation","description":"User Account Control: Detect application installations and prompt for elevation","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"EnableInstallerDetection"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"UserAccountControl_OnlyElevateExecutableFilesThatAreSignedAndValidated","description":"User Account Control: Only elevate executables that are signed and validated","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"ValidateAdminCodeSignatures"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"600ea254-773b-43b5-be89-ca8221e96279","name":"UserAccountControl_OnlyElevateUIAccessApplicationsThatAreInstalledInSecureLocations","description":"User Account Control: Only elevate UIAccess applications that are installed in secure locations","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"EnableSecureUIAPaths"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"1d099cbe-a327-42cd-9562-9896389c4263","name":"UserAccountControl_RunAllAdministratorsInAdminApprovalMode","description":"User Account Control: Run all administrators in Admin Approval Mode","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"EnableLUA"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"21a9a771-ef63-419c-bee4-8619f19a77ff","name":"UserAccountControl_SwitchToTheSecureDesktopWhenPromptingForElevation","description":"User Account Control: Switch to the secure desktop when prompting for elevation","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"PromptOnSecureDesktop"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"967531f7-69cd-4a38-a517-3ebf4e5284cd","name":"UserAccountControl_UseAdminApprovalMode","description":"User Account Control: Admin Approval Mode for the Built-in Administrator account","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"FilterAdministratorToken"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"61f7469c-c76a-4265-b84f-d838adb06436","name":"UserAccountControl_VirtualizeFileAndRegistryWriteFailuresToPerUserLocations","description":"User Account Control: Virtualize file and registry write failures to per-user locations","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"EnableVirtualization"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"336d9398-7f8b-4743-bf48-9bddc7906984","name":"WDigestAuthentication","description":"WDigest Authentication","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\SecurityProviders\\WDigest","value":"UseLogonCredential"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"e1b7d5ea-8e40-47ae-b53e-910959c6649e","name":"Windows_Enable_SafeDLLSearchMode","description":"Enable Safe DLL search mode","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Session Manager","value":"SafeDllSearchMode"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"3e20b64c-0356-4e95-ba4e-2ebd51e10bb9","name":"Windows_EvenLog_System_MaxSize","description":"Windows EvenLog System MaxSize","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\EventLog\\System","value":"MaxSize"},"schema":{"type":"integer","minimum":0,"maximum":32768},"default":32768,"compliance":{"minimum":32768}},{"id":"e7e377d1-d6e0-4acc-a073-75b3243a646e","name":"Windows_EventLog_Application_MaxSize","description":"Windows EventLog Application MaxSize","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\EventLog\\Application","value":"MaxSize"},"schema":{"type":"integer","minimum":0,"maximum":32768},"default":32768,"compliance":{"minimum":32768}},{"id":"c139db2e-8dea-418e-bf7c-372ec0278e31","name":"Windows_EventLog_Security_MaxSize","description":"Windows EventLog Security MaxSize","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\EventLog\\Security","value":"MaxSize"},"schema":{"type":"integer","minimum":0,"maximum":1048576},"default":1048576,"compliance":{"minimum":196608}},{"id":"1b1dcdbf-d949-44da-b942-0fc2eb225985","name":"Windows_EventLog_Security_Retention","description":"Windows Security eventlog behavior reaching max size","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\EventLog\\Security","value":"Retention"},"schema":{"type":"string"},"default":"0","compliance":{"oneOf":[{"const":"0"},{"const":""}]}},{"id":"ae110ac5-8387-464d-8790-e29ffce8f8d9","name":"Windows_EventLog_Security_WarningLevel","description":"Windows security eventlog WarningLevel threshold percentage","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Eventlog\\Security","value":"WarningLevel"},"schema":{"type":"integer","minimum":0,"maximum":90},"default":90,"compliance":{"maximum":90}},{"id":"99cd4fc9-bcf1-4def-8ce6-5a3c4ea8f8c9","name":"Windows_GroupPolicy_NoBackGroundPolicy","description":"Windows GroupPolicy NoBackGroundPolicy","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Group Policy\\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}","value":"NoBackgroundPolicy"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"2eda113a-0fb7-446c-856a-83e010d36671","name":"Windows_Installer_AlwaysInstallElevated","description":"Windows Installer AlwaysInstallElevated","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Installer","value":"AlwaysInstallElevated"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"oneOf":[{"const":0},{"const":null}]}},{"id":"5d42c180-4350-49ec-9bb6-e51e1258022c","name":"Windows_Installer_EnableUserControl","description":"Windows Installer EnableUserControl","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Installer","value":"EnableUserControl"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"oneOf":[{"const":0},{"const":null}]}},{"name":"Windows_LanmanServer_AllowInsecureGuestAuth","description":"Windows LanmanServer AllowInsecureGuestAuth","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\LanmanServer\\Parameters","value":"AllowInsecureGuestAuth"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"e9118234-b52b-4b54-ae1a-893a63fe859d","name":"Windows_LanManServer_SMBServerNameHardeningLevel","description":"Microsoft network server: Server SPN target name validation level","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\LanManServer\\Parameters","value":"SMBServerNameHardeningLevel"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"d1a15c43-08e0-4d7f-a3f1-e8253fa2083e","name":"Windows_NetBIOS_NodeType_Pnode","description":"NetBT NodeType configuration","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\NetBT\\Parameters","value":"NodeType"},"schema":{"type":"integer","maximum":8},"default":2,"compliance":{"const":2}},{"id":"d74f926c-8ee5-4f06-8c59-2871197d8f41","name":"Windows_NetworkProvider_HardenedPaths_NETLOGON","description":"Windows NetworkProvider HardenedPaths NETLOGON","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\NetworkProvider\\HardenedPaths","value":"\\\\*\\NETLOGON"},"schema":{"type":"string"},"default":"RequireMutualAuthentication=1,RequireIntegrity=1,RequirePrivacy=1","compliance":{"const":"RequireMutualAuthentication=1,RequireIntegrity=1,RequirePrivacy=1"}},{"id":"da9fef3f-5a75-43e0-aa0a-d1d8c23af706","name":"Windows_NetworkProvider_HardenedPaths_SYSVOL","description":"Windows NetworkProvider HardenedPaths SYSVOL","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\NetworkProvider\\HardenedPaths","value":"\\\\*\\SYSVOL"},"schema":{"type":"string"},"default":"RequireMutualAuthentication=1,RequireIntegrity=1,RequirePrivacy=1","compliance":{"const":"RequireMutualAuthentication=1,RequireIntegrity=1,RequirePrivacy=1"}},{"id":"1648f727-644b-4454-a472-b1a803342e8a","name":"Windows_Policies_System_Audit_ProcessCreationIncludeCmdLine_Enabled","description":"Windows Policies System Audit ProcessCreationIncludeCmdLine Enabled","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Audit","value":"ProcessCreationIncludeCmdLine_Enabled"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"b784a87e-4aa2-4f61-8b3f-38abff6dac22","name":"Windows_Policies_System_DisableAutomaticRestartSignOn","description":"Windows Policies System DisableAutomaticRestartSignOn","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"DisableAutomaticRestartSignOn"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"Windows_Policies_System_LocalAccountTokenFilterPolicy","description":"Windows Policies System LocalAccountTokenFilterPolicy","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System","value":"LocalAccountTokenFilterPolicy"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"b5c7204a-96b7-4fb9-a7fa-5201b89f5146","name":"Windows_Powershell_ScriptBlockLogging_EnableScriptBlockLogging","description":"Windows Powershell ScriptBlockLogging EnableScriptBlockLogging","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\PowerShell\\ScriptBlockLogging","value":"EnableScriptBlockLogging"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"bea7aff2-db2d-4db7-bf47-0e475db398a3","name":"Windows_System_DisableLockScreenAppNotifications","description":"Turn off app notifications on the lock screen","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\System","value":"DisableLockScreenAppNotifications"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"0644341a-0db8-4ff6-8bfe-5751a9b3d1dc","name":"Windows_System_EnumerateLocalUsers","description":"Windows System EnumerateLocalUsers","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\System","value":"EnumerateLocalUsers"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"oneOf":[{"const":0},{"const":null}]}},{"id":"484c747f-1418-4c27-a944-c3b1e1690b33","name":"Windows_WindowsSearch_AllowIndexingEncryptedStoresOrItems","description":"Windows WindowsSearch AllowIndexingEncryptedStoresOrItems","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search","value":"AllowIndexingEncryptedStoresOrItems"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"oneOf":[{"const":0},{"const":null}]}},{"id":"d2d187ef-0321-4e5e-95aa-ac03f16e6373","name":"WindowsDefender_ConfigureAttachSurfaceReductionRules","description":"Configure Attack Surface Reduction rules","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Windows Defender Exploit Guard\\ASR","value":"ExploitGuard_ASR_Rules"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"f569293f-f00a-4f11-803c-b1fd2fecd7d8","name":"WindowsDefender_DisableAntiSpyware","description":"Turn off Microsoft Defender AntiVirus","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender","value":"DisableAntiSpyware"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"dd3e3ed2-65d2-484f-b909-c9001e347671","name":"WindowsDefender_DisableConsumerAccountStateContent","description":"Turn off cloud consumer account state content","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent","value":"DisableConsumerAccountStateContent"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"1eb84c57-2252-466d-8504-c7d34fce2126","name":"WindowsDefender_DisableEmailScanning","description":"Turn on e-mail scanning","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Scan","value":"DisableEmailScanning"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"d243297a-f2a7-49b3-850c-28ceddcd6a5f","name":"WindowsDefender_DisableIOAVProtection","description":"Scan all downloaded files and attachments","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Real-Time Protection","value":"DisableIOAVProtection"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"822cb00e-9414-44af-9ff3-20bedf3dfe54","name":"WindowsDefender_DisableRealtimeMonitoring","description":"Turn off real-time protection","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Real-Time Protection","value":"DisableRealtimeMonitoring"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"4054c4db-7927-4344-87b4-156c1d681598","name":"WindowsDefender_DisableRemovableDriveScanning","description":"Scan removable drives","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Scan","value":"DisableRemovableDriveScanning"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"23d573d1-0d29-435c-bbc9-509b3c9cfa60","name":"WindowsDefender_DisableScriptScanning","description":"Turn on script scanning","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Real-Time Protection","value":"DisableScriptScanning"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"ee69b98c-4bce-4af5-88b9-b8cee25b7524","name":"WindowsDefender_DisallowExploitProtectionOverride","description":"Prevent users from modifying settings","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender Security Center\\App and Browser protection","value":"DisallowExploitProtectionOverride"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"181da750-0ecf-4af3-8724-ab1d6718fd6b","name":"WindowsDefender_EnableTranscripting","description":"Turn on PowerShell Transcription","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\PowerShell\\Transcription","value":"EnableTranscripting"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"dcb8d6a6-45b5-4c3c-8f12-86e0c3680a72","name":"WindowsDefender_PUAProtection","description":"Configure detection for potentially unwanted applications","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender","value":"PUAProtection"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"3007d6c4-a091-4449-9d05-409319e65883","name":"WindowsDefender_SignatureUpdates_Interval","description":"Windows Defender Signature Updates Interval","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows Defender\\Signature Updates","value":"SignatureUpdateInterval"},"schema":{"type":"integer","maximum":24},"default":1,"compliance":{"const":1}},{"name":"WindowsDefender_SignatureUpdates_ScheduleDay","description":"Windows Defender Signature Updates Schedule Day","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows Defender\\Signature Updates","value":"ScheduleDay"},"schema":{"type":"integer","minimum":0,"maximum":8},"default":0,"compliance":{"const":0}},{"id":"31f2f70a-685f-4e0a-96ba-cb0c0e83768b","name":"WindowsDefender_SubmitSamplesConsent","description":"Send file samples when further analysis is required","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\SpyNet","value":"SubmitSamplesConsent"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"88338d83-a4e2-421b-b3f3-db6bd2c694a0","name":"WindowsFirewall_Domain_AllowLocalIPsecPolicyMerge","description":"Windows Firewall: Domain: Settings: Apply local connection security rules","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile","value":"AllowLocalIPsecPolicyMerge"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"1196a355-37e4-4a6f-8a8e-740db0d73f09","name":"WindowsFirewall_Domain_DefaultInboundAction","description":"Windows Firewall: Domain: Inbound connections","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile","value":"DefaultInboundAction"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"df94d448-eb5c-40f8-a2c1-35af6ba6e566","name":"WindowsFirewall_Domain_Logging_LogDroppedPackets","description":"Windows Firewall: Domain: Logging: Log dropped packets","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile\\Logging","value":"LogDroppedPackets"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"02e555c8-7deb-4fab-a565-d018af8ba39e","name":"WindowsFirewall_Domain_Logging_LogFilePath","description":"Windows Firewall: Domain: Logging: Name","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile\\Logging","value":"LogFilePath"},"schema":{"type":"string"},"default":"%SystemRoot%\\System32\\logfiles\\firewall\\domainfw.log","compliance":{"pattern":".log"}},{"id":"c67e4967-4e36-4d6a-b1ee-bad7cd747c7c","name":"WindowsFirewall_Domain_Logging_LogFileSize","description":"Windows Firewall: Domain: Logging: Size limit (KB)","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile\\Logging","value":"LogFileSize"},"schema":{"type":"integer","minimum":0,"maximum":16384},"default":16384,"compliance":{"minimum":16384}},{"id":"7a9e9e07-2e95-48ec-9a3b-7ee693e35711","name":"WindowsFirewall_Domain_Logging_LogSuccessfulConnections","description":"Windows Firewall: Domain: Logging: Log successful connections","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile\\Logging","value":"LogSuccessfulConnections"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"68757cac-7589-4ed9-a162-27e5926f2deb","name":"WindowsFirewall_DomainProfile_DefaultOutboundAction","description":"Windows Firewall: Domain: Outbound connections","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile","value":"DefaultOutboundAction"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"d4cb5e92-f237-4f83-95fb-1dde6be6db1b","name":"WindowsFirewall_DomainProfile_DisableNotifications","description":"Windows Firewall: Domain: Settings: Display a notification","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile","value":"DisableNotifications"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"b75811fe-ac22-4171-9511-27fec5177351","name":"WindowsFirewall_DomainProfile_DisableUnicastResponsesToMulticastBroadcast","description":"Windows Firewall: Domain: Allow unicast response","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile","value":"DisableUnicastResponsesToMulticastBroadcast"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"4a459b04-79c8-4fb3-9ea0-cf4b77ee58d7","name":"WindowsFirewall_DomainProfile_EnableFirewall","description":"Windows Firewall: Domain: Firewall state","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile","value":"EnableFirewall"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"28b5cfb6-7548-44f9-9f43-a542644fa1fd","name":"WindowsFirewall_PrivateProfile_AllowLocalIPsecPolicyMerge","description":"Windows Firewall: Private: Settings: Apply local connection security rules","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PrivateProfile","value":"AllowLocalIPsecPolicyMerge"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"52bb00ec-987c-4f16-a81d-96ef84259bea","name":"WindowsFirewall_PrivateProfile_DefaultInboundAction","description":"Windows Firewall: Private: Inbound connections","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PrivateProfile","value":"DefaultInboundAction"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"c98cfb4e-113f-4a25-a080-ab1f7d0f8f38","name":"WindowsFirewall_PrivateProfile_DefaultOutboundAction","description":"Windows Firewall: Private: Outbound connections","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PrivateProfile","value":"DefaultOutboundAction"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"d177f27b-8d9b-4bb1-a45c-5f3a11384d1f","name":"WindowsFirewall_PrivateProfile_DisableNotifications","description":"Windows Firewall: Private: Settings: Display a notification","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PrivateProfile","value":"DisableNotifications"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"3dcf28a5-e199-4b78-8933-7828dfde4b9d","name":"WindowsFirewall_PrivateProfile_DisableUnicastResponsesToMulticastBroadcast","description":"Windows Firewall: Private: Allow unicast response","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PrivateProfile","value":"DisableUnicastResponsesToMulticastBroadcast"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"c8e1851a-fb32-4197-a1c0-d9da262d37f1","name":"WindowsFirewall_PrivateProfile_EnableFirewall","description":"Windows Firewall: Private: Firewall state","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PrivateProfile","value":"EnableFirewall"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"be3bba5f-7bd3-4574-b6c2-93341e01b8c0","name":"WindowsFirewall_PrivateProfile_Logging_LogDroppedPackets","description":"Windows Firewall: Private: Logging: Log dropped packets","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PrivateProfile\\Logging","value":"LogDroppedPackets"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"4c40870a-fe76-4e52-a71c-8344d17a9bc3","name":"WindowsFirewall_PrivateProfile_Logging_LogFilePath","description":"Windows Firewall: Private: Logging: Name","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PrivateProfile\\Logging","value":"LogFilePath"},"schema":{"type":"string"},"default":"%SystemRoot%\\System32\\logfiles\\firewall\\privatefw.log","compliance":{"pattern":".log"}},{"id":"c3bdeda2-0740-42b6-aac2-7d7234f3a557","name":"WindowsFirewall_PrivateProfile_Logging_LogFileSize","description":"Windows Firewall: Private: Logging: Size limit (KB)","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PrivateProfile\\Logging","value":"LogFileSize"},"schema":{"type":"integer","minimum":0,"maximum":16384},"default":16384,"compliance":{"minimum":16384}},{"id":"396f1552-406d-4b58-b4a6-fc56c75eb70a","name":"WindowsFirewall_PrivateProfile_Logging_LogSuccessfulConnections","description":"Windows Firewall: Private: Logging: Log successful connections","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PrivateProfile\\Logging","value":"LogSuccessfulConnections"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"10a43735-527c-46f0-a95c-954a8f9594dc","name":"WindowsFirewall_PublicProfile_AllowLocalIPsecPolicyMerge","description":"Windows Firewall: Public: Settings: Apply local connection security rules","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PublicProfile","value":"AllowLocalIPsecPolicyMerge"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"d33c1242-a351-4a00-8a0c-0b50f44441ef","name":"WindowsFirewall_PublicProfile_DefaultInboundAction","description":"Windows Firewall: Public: Inbound connections","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PublicProfile","value":"DefaultInboundAction"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"753e721c-be46-47f4-9571-8509ca5c1e61","name":"WindowsFirewall_PublicProfile_DefaultOutboundAction","description":"Windows Firewall: Public: Outbound connections","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PublicProfile","value":"DefaultOutboundAction"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"f34e3441-5977-432b-899b-119fc66e1b08","name":"WindowsFirewall_PublicProfile_DisableNotifications","description":"Windows Firewall: Public: Settings: Display a notification","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PublicProfile","value":"DisableNotifications"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"b72cc850-f180-4479-abce-2b72815afead","name":"WindowsFirewall_PublicProfile_DisableUnicastResponsesToMulticastBroadcast","description":"Windows Firewall: Public: Allow unicast response","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PublicProfile","value":"DisableUnicastResponsesToMulticastBroadcast"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"5e33a15a-7db0-4a1d-b771-db3764f3a625","name":"WindowsFirewall_PublicProfile_EnableFirewall","description":"Windows Firewall: Public: Firewall state","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PublicProfile","value":"EnableFirewall"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"4ef05db7-7bdc-4a89-b488-31893914e994","name":"WindowsFirewall_PublicProfile_Logging_LogDroppedPackets","description":"Windows Firewall: Public: Logging: Log dropped packets","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PublicProfile\\Logging","value":"LogDroppedPackets"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"id":"2614f6be-da8e-4dbc-89d9-7ba4d63564c7","name":"WindowsFirewall_PublicProfile_Logging_LogFilePath","description":"Windows Firewall: Public: Logging: Name","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PublicProfile\\Logging","value":"LogFilePath"},"schema":{"type":"string"},"default":"%SystemRoot%\\System32\\logfiles\\firewall\\publicfw.log","compliance":{"pattern":".log"}},{"id":"8c115a38-7ea4-4aa8-9115-c78e31bdb411","name":"WindowsFirewall_PublicProfile_Logging_LogFileSize","description":"Windows Firewall: Public: Logging: Size limit (KB)","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PublicProfile\\Logging","value":"LogFileSize"},"schema":{"type":"integer","minimum":0,"maximum":16384},"default":16384,"compliance":{"minimum":16384}},{"id":"2f38577d-b711-4eb3-bdc8-b423fc013ed2","name":"WindowsFirewall_PublicProfile_Logging_LogSuccessfulConnections","description":"Windows Firewall: Public: Logging: Log successful connections","severity":"warning","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\PublicProfile\\Logging","value":"LogSuccessfulConnections"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"WindowsNT_MitigationOptions_MitigationOptions_FontBocking","description":"WindowsNT MitigationOptions MitigationOptions FontBocking","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\MitigationOptions","value":"MitigationOptions_FontBocking"},"schema":{"type":"string"},"default":"1000000000000","compliance":{"const":"1000000000000"}},{"name":"WindowsNT_Rpc_EnableAuthEpResolution","description":"Enable RPC Endpoint Mapper Client Authentication","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Rpc","value":"EnableAuthEpResolution"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"WindowsNT_Rpc_RestrictRemoteClients","description":"WindowsNT Rpc RestrictRemoteClients","severity":"critical","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Rpc","value":"RestrictRemoteClients"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":1,"compliance":{"const":1}},{"name":"WindowsSearch_AllowSearchToUseLocation","description":"Allow search and Cortana to use location","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search","value":"AllowSearchToUseLocation"},"schema":{"type":"integer","minimum":0,"maximum":1},"default":0,"compliance":{"const":0}},{"id":"824438cc-72b2-4a24-b13b-7ff0954f0130","name":"WinlogonCachedLogonsCount","description":"Interactive logon: Number of previous logons to cache (in case domain controller is not available)","severity":"informational","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon","value":"CachedLogonsCount"},"schema":{"type":"string"},"default":"0","compliance":{"minimum":0,"maximum":4}},{"name":"WinVerifyTrust_Mitigation_1","description":"WinVerifyTrust Signature Validation vulnerability Mitigation 1","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography\\Wintrust\\Config","value":"EnableCertPaddingCheck"},"schema":{"type":"string"},"default":"1","compliance":{"const":"1"}},{"name":"WinVerifyTrust_Mitigation_2","description":"WinVerifyTrust Signature Validation vulnerability Mitigation 2","severity":"important","provider":{"type":"registry","path":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Cryptography\\Wintrust\\Config","value":"EnableCertPaddingCheck"},"schema":{"type":"string"},"default":"1","compliance":{"const":"1"}}],"alias":{"get":"msftinventory","set":"msftpolicies"},"context":"device"} '@ } # SIG # Begin signature block # MIIoKwYJKoZIhvcNAQcCoIIoHDCCKBgCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCCKBNWwDyxPnLw8 # 8IOdChtG2ZwJo5rAgVJhLDabtYlTdKCCDXYwggX0MIID3KADAgECAhMzAAAEBGx0 # Bv9XKydyAAAAAAQEMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjQwOTEyMjAxMTE0WhcNMjUwOTExMjAxMTE0WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQC0KDfaY50MDqsEGdlIzDHBd6CqIMRQWW9Af1LHDDTuFjfDsvna0nEuDSYJmNyz # NB10jpbg0lhvkT1AzfX2TLITSXwS8D+mBzGCWMM/wTpciWBV/pbjSazbzoKvRrNo # DV/u9omOM2Eawyo5JJJdNkM2d8qzkQ0bRuRd4HarmGunSouyb9NY7egWN5E5lUc3 # a2AROzAdHdYpObpCOdeAY2P5XqtJkk79aROpzw16wCjdSn8qMzCBzR7rvH2WVkvF # HLIxZQET1yhPb6lRmpgBQNnzidHV2Ocxjc8wNiIDzgbDkmlx54QPfw7RwQi8p1fy # 4byhBrTjv568x8NGv3gwb0RbAgMBAAGjggFzMIIBbzAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQU8huhNbETDU+ZWllL4DNMPCijEU4w # RQYDVR0RBD4wPKQ6MDgxHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEW # MBQGA1UEBRMNMjMwMDEyKzUwMjkyMzAfBgNVHSMEGDAWgBRIbmTlUAXTgqoXNzci # tW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3JsMGEG # CCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDovL3d3dy5taWNyb3NvZnQu # Y29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3J0 # MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIBAIjmD9IpQVvfB1QehvpC # Ge7QeTQkKQ7j3bmDMjwSqFL4ri6ae9IFTdpywn5smmtSIyKYDn3/nHtaEn0X1NBj # L5oP0BjAy1sqxD+uy35B+V8wv5GrxhMDJP8l2QjLtH/UglSTIhLqyt8bUAqVfyfp # h4COMRvwwjTvChtCnUXXACuCXYHWalOoc0OU2oGN+mPJIJJxaNQc1sjBsMbGIWv3 # cmgSHkCEmrMv7yaidpePt6V+yPMik+eXw3IfZ5eNOiNgL1rZzgSJfTnvUqiaEQ0X # dG1HbkDv9fv6CTq6m4Ty3IzLiwGSXYxRIXTxT4TYs5VxHy2uFjFXWVSL0J2ARTYL # E4Oyl1wXDF1PX4bxg1yDMfKPHcE1Ijic5lx1KdK1SkaEJdto4hd++05J9Bf9TAmi # u6EK6C9Oe5vRadroJCK26uCUI4zIjL/qG7mswW+qT0CW0gnR9JHkXCWNbo8ccMk1 # sJatmRoSAifbgzaYbUz8+lv+IXy5GFuAmLnNbGjacB3IMGpa+lbFgih57/fIhamq # 5VhxgaEmn/UjWyr+cPiAFWuTVIpfsOjbEAww75wURNM1Imp9NJKye1O24EspEHmb # DmqCUcq7NqkOKIG4PVm3hDDED/WQpzJDkvu4FrIbvyTGVU01vKsg4UfcdiZ0fQ+/ # V0hf8yrtq9CkB8iIuk5bBxuPMIIHejCCBWKgAwIBAgIKYQ6Q0gAAAAAAAzANBgkq # hkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 # IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEwOTA5WjB+MQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYDVQQDEx9NaWNyb3NvZnQg # Q29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC # CgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+laUKq4BjgaBEm6f8MMHt03 # a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc6Whe0t+bU7IKLMOv2akr # rnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4Ddato88tt8zpcoRb0Rrrg # OGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+lD3v++MrWhAfTVYoonpy # 4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nkkDstrjNYxbc+/jLTswM9 # sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6A4aN91/w0FK/jJSHvMAh # dCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmdX4jiJV3TIUs+UsS1Vz8k # A/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL5zmhD+kjSbwYuER8ReTB # w3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zdsGbiwZeBe+3W7UvnSSmn # Eyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3T8HhhUSJxAlMxdSlQy90 # lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS4NaIjAsCAwEAAaOCAe0w # ggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRIbmTlUAXTgqoXNzcitW2o # ynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYD # VR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBDuRQFTuHqp8cx0SOJNDBa # BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2Ny # bC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3JsMF4GCCsG # AQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3dy5taWNyb3NvZnQuY29t # L3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3J0MIGfBgNV # HSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEFBQcCARYzaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1hcnljcHMuaHRtMEAGCCsG # AQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkAYwB5AF8AcwB0AGEAdABl # AG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn8oalmOBUeRou09h0ZyKb # C5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7v0epo/Np22O/IjWll11l # hJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0bpdS1HXeUOeLpZMlEPXh6 # I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/KmtYSWMfCWluWpiW5IP0 # wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvyCInWH8MyGOLwxS3OW560 # STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBpmLJZiWhub6e3dMNABQam # ASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJihsMdYzaXht/a8/jyFqGa # J+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYbBL7fQccOKO7eZS/sl/ah # XJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbSoqKfenoi+kiVH6v7RyOA # 9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sLgOppO6/8MO0ETI7f33Vt # Y5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtXcVZOSEXAQsmbdlsKgEhr # /Xmfwb1tbWrJUnMTDXpQzTGCGgswghoHAgEBMIGVMH4xCzAJBgNVBAYTAlVTMRMw # EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN # aWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNp # Z25pbmcgUENBIDIwMTECEzMAAAQEbHQG/1crJ3IAAAAABAQwDQYJYIZIAWUDBAIB # BQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYKKwYBBAGCNwIBCzEO # MAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIGZudWDh/tGJIOz8ZrCqoq5c # o/CY+f8ilDuZSfOdP1FmMEIGCisGAQQBgjcCAQwxNDAyoBSAEgBNAGkAYwByAG8A # cwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20wDQYJKoZIhvcNAQEB # BQAEggEAgrMlnZ46i39FxV5vPlbIclf/piVy3jMSKb0JljhxMIKq/CrGV1qY1eKj # 5i/MxYU1g7j/i8OIDUyBIeUneoQZIU5urvuwQSwu87LGwgvfU3UsGQW6ipFGeZxx # 67NBw6pXlCrEV46HJvsGjuKpIu0/xHx6DZHOnp/zKHzXNi0mu2oFzXcvpEn1KQzU # CFPtJAICFSk12OxZ+1bGRD4B7l0fCKFlb0BK5wpjIo+dlVvNlDQHiZzXGqWgr5kv # 7I3IMrNK/BarMzEU4L2wkZSTOypq/wfFxnZbvb4hav68MjwtxFj3GFkkZB+LMZvR # I0gzSXrHNG1juLTudx7orobuiWqspaGCF5UwgheRBgorBgEEAYI3AwMBMYIXgTCC # F30GCSqGSIb3DQEHAqCCF24wghdqAgEDMQ8wDQYJYIZIAWUDBAIBBQAwggFRBgsq # hkiG9w0BCRABBKCCAUAEggE8MIIBOAIBAQYKKwYBBAGEWQoDATAxMA0GCWCGSAFl # AwQCAQUABCDoMXoXuSAwqdMsoeeysdsu/QuXQtv9HTFY0Pd2kQFBkQIGZzur+WLU # GBIyMDI0MTExOTAxMjIyOS43NFowBIACAfSggdGkgc4wgcsxCzAJBgNVBAYTAlVT # MRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQK # ExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJTAjBgNVBAsTHE1pY3Jvc29mdCBBbWVy # aWNhIE9wZXJhdGlvbnMxJzAlBgNVBAsTHm5TaGllbGQgVFNTIEVTTjpBOTM1LTAz # RTAtRDk0NzElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZaCC # EewwggcgMIIFCKADAgECAhMzAAAB6Q9xMH5d8RI2AAEAAAHpMA0GCSqGSIb3DQEB # CwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH # EwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNV # BAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMB4XDTIzMTIwNjE4NDUy # NloXDTI1MDMwNTE4NDUyNlowgcsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNo # aW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29y # cG9yYXRpb24xJTAjBgNVBAsTHE1pY3Jvc29mdCBBbWVyaWNhIE9wZXJhdGlvbnMx # JzAlBgNVBAsTHm5TaGllbGQgVFNTIEVTTjpBOTM1LTAzRTAtRDk0NzElMCMGA1UE # AxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZTCCAiIwDQYJKoZIhvcNAQEB # BQADggIPADCCAgoCggIBAKyajDFBFWCnhNJzedNrrKsA8mdXoDtplidPD/LH3S7U # NIfz2e99A3Nv7l+YErymkfvpOYnOMdRwiZ3zjkD+m9ljk7w8IG7sar7Hld7qmVC3 # jHBVRRxAhPGSU5nVGb18nmeHyCfE7Fp7MUwzjWwMjssykrAgpAzBcNy1gq8LJDLq # Q7axUsHraQXz3ZnBximIhXHctPUs90y3Uh5LfkpjkzHKVF1NLsTUmhyXfQ2BwGIl # +qcxx7Tl4SKkixM7gMif/9O0/VHHntVd+8I7w1IKH13GzK+eDSVRVj66ur8bxBEW # g6X/ug4jRF/xCD7eHJhrIewj3C28McadPfQ2vjXHNOnDYjplZoiE/Ay7kO92QQbN # Xu9hPe1v21O+Jjemy6XVPkP3fz8B80upqdUIm0/jLPRUkFIZX6HrplxpQk7GltIi # MiZo4sXXw06OZ/WfANq2wGi5dZcUrsTlLRUtHKhOoMLEcbiZbeak1Cikz9TVYmeO # yxZCW4rx5v4wMqWT0T+E4FgqzYp95Dgcbt05wr7Aw5qYZ/C+Qh7t2TKXObwF4BRA # LwvGsBDKSFIfL4VpD3cMCV9BijBgO3MZeoTrA4BN4oUjfS71iXENPMC4sMrTvdyd # 0xXipoPd65cDrFQ0KjODuuKGIdRozjcCZv0Qa5GXTbb7I/ByWbKSyyTfRrhGne/1 # AgMBAAGjggFJMIIBRTAdBgNVHQ4EFgQUkX4zicUIdiO4iPRa6/6NyO0H7E4wHwYD # VR0jBBgwFoAUn6cVXQBeYl2D9OXSZacbUzUZ6XIwXwYDVR0fBFgwVjBUoFKgUIZO # aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIw # VGltZS1TdGFtcCUyMFBDQSUyMDIwMTAoMSkuY3JsMGwGCCsGAQUFBwEBBGAwXjBc # BggrBgEFBQcwAoZQaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0 # cy9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENBJTIwMjAxMCgxKS5jcnQwDAYD # VR0TAQH/BAIwADAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCDAOBgNVHQ8BAf8EBAMC # B4AwDQYJKoZIhvcNAQELBQADggIBAFaxKn6uazEUt7rUAT3Qp6fZc+BAckOJLhJs # uG/N9WMM8OY51ETvm5CiFiEUx0bAcptWYsrSUdXUCnP8dyJmijJ6gC+QdBoeYuHA # EaSjIABXFxppScc0hRL0u94vTQ/CZxIMuA3RX8XKTbRCkcMS6TApHyR9oERfzcDK # 9DOV/9ugM2hYoSCl0CwvxLMLNcUucOjPMIkarRHPBCB4QGvwTgrbBDZZcj9knFlL # /53cV3AbgSsEXPNSJJtXabfGww/dyoJEUO0nULf8meNcwKGeb1ssMPXBontM+nnB # h2/Q6X35o3S3UGY7MKPwOaoq5TDOAIr1OO3DkpSNo7pCN6AfOd1f+1mtjv3Z19EB # evl0asqSmywgerqutY7g+Uvc5L7hyIv+Xymb6g0ldYZdgkvkfos2crJclUTD/UVs # 7j4bP5Th8UXGzZLxTC+sFthxxVD074WWPvFMB4hMmwem0C9ESoJz79jHOEgqQDzx # DxCEkpQO1rNq0kftk52LQsIrCCpA7gfzUpkYNIuS0W81GGHxkEB6efWlb7lQEZjP # YamBzFVcpPUK5Rh2UdH0Po2tWEap2EZODs6D93/ygyU8bdiO6oXGJ2IiygDDb4yE # jXNesiLnq3omQnvknr0X6WSH2bIkmk2THjWxIHVcraMlaCrtWUG4/UG5eNneqDKb # 2vXC/Qy1MIIHcTCCBVmgAwIBAgITMwAAABXF52ueAptJmQAAAAAAFTANBgkqhkiG # 9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO # BgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEy # MDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIw # MTAwHhcNMjEwOTMwMTgyMjI1WhcNMzAwOTMwMTgzMjI1WjB8MQswCQYDVQQGEwJV # UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE # ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGlt # ZS1TdGFtcCBQQ0EgMjAxMDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB # AOThpkzntHIhC3miy9ckeb0O1YLT/e6cBwfSqWxOdcjKNVf2AX9sSuDivbk+F2Az # /1xPx2b3lVNxWuJ+Slr+uDZnhUYjDLWNE893MsAQGOhgfWpSg0S3po5GawcU88V2 # 9YZQ3MFEyHFcUTE3oAo4bo3t1w/YJlN8OWECesSq/XJprx2rrPY2vjUmZNqYO7oa # ezOtgFt+jBAcnVL+tuhiJdxqD89d9P6OU8/W7IVWTe/dvI2k45GPsjksUZzpcGkN # yjYtcI4xyDUoveO0hyTD4MmPfrVUj9z6BVWYbWg7mka97aSueik3rMvrg0XnRm7K # MtXAhjBcTyziYrLNueKNiOSWrAFKu75xqRdbZ2De+JKRHh09/SDPc31BmkZ1zcRf # NN0Sidb9pSB9fvzZnkXftnIv231fgLrbqn427DZM9ituqBJR6L8FA6PRc6ZNN3SU # HDSCD/AQ8rdHGO2n6Jl8P0zbr17C89XYcz1DTsEzOUyOArxCaC4Q6oRRRuLRvWoY # WmEBc8pnol7XKHYC4jMYctenIPDC+hIK12NvDMk2ZItboKaDIV1fMHSRlJTYuVD5 # C4lh8zYGNRiER9vcG9H9stQcxWv2XFJRXRLbJbqvUAV6bMURHXLvjflSxIUXk8A8 # FdsaN8cIFRg/eKtFtvUeh17aj54WcmnGrnu3tz5q4i6tAgMBAAGjggHdMIIB2TAS # BgkrBgEEAYI3FQEEBQIDAQABMCMGCSsGAQQBgjcVAgQWBBQqp1L+ZMSavoKRPEY1 # Kc8Q/y8E7jAdBgNVHQ4EFgQUn6cVXQBeYl2D9OXSZacbUzUZ6XIwXAYDVR0gBFUw # UzBRBgwrBgEEAYI3TIN9AQEwQTA/BggrBgEFBQcCARYzaHR0cDovL3d3dy5taWNy # b3NvZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnkuaHRtMBMGA1UdJQQMMAoG # CCsGAQUFBwMIMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1UdDwQEAwIB # hjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNX2VsuP6KJcYmjRPZSQW9fO # mhjEMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9w # a2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNybDBaBggr # BgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93d3cubWljcm9zb2Z0LmNv # bS9wa2kvY2VydHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3J0MA0GCSqGSIb3 # DQEBCwUAA4ICAQCdVX38Kq3hLB9nATEkW+Geckv8qW/qXBS2Pk5HZHixBpOXPTEz # tTnXwnE2P9pkbHzQdTltuw8x5MKP+2zRoZQYIu7pZmc6U03dmLq2HnjYNi6cqYJW # AAOwBb6J6Gngugnue99qb74py27YP0h1AdkY3m2CDPVtI1TkeFN1JFe53Z/zjj3G # 82jfZfakVqr3lbYoVSfQJL1AoL8ZthISEV09J+BAljis9/kpicO8F7BUhUKz/Aye # ixmJ5/ALaoHCgRlCGVJ1ijbCHcNhcy4sa3tuPywJeBTpkbKpW99Jo3QMvOyRgNI9 # 5ko+ZjtPu4b6MhrZlvSP9pEB9s7GdP32THJvEKt1MMU0sHrYUP4KWN1APMdUbZ1j # dEgssU5HLcEUBHG/ZPkkvnNtyo4JvbMBV0lUZNlz138eW0QBjloZkWsNn6Qo3GcZ # KCS6OEuabvshVGtqRRFHqfG3rsjoiV5PndLQTHa1V1QJsWkBRH58oWFsc/4Ku+xB # Zj1p/cvBQUl+fpO+y/g75LcVv7TOPqUxUYS8vwLBgqJ7Fx0ViY1w/ue10CgaiQuP # Ntq6TPmb/wrpNPgkNWcr4A245oyZ1uEi6vAnQj0llOZ0dFtq0Z4+7X6gMTN9vMvp # e784cETRkPHIqzqKOghif9lwY1NNje6CbaUFEMFxBmoQtB1VM1izoXBm8qGCA08w # ggI3AgEBMIH5oYHRpIHOMIHLMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGlu # Z3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBv # cmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1lcmljYSBPcGVyYXRpb25zMScw # JQYDVQQLEx5uU2hpZWxkIFRTUyBFU046QTkzNS0wM0UwLUQ5NDcxJTAjBgNVBAMT # HE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2WiIwoBATAHBgUrDgMCGgMVAKtp # h/XEOTasydT9UmjYYYrWfGjxoIGDMIGApH4wfDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAg # UENBIDIwMTAwDQYJKoZIhvcNAQELBQACBQDq5ip3MCIYDzIwMjQxMTE4MjEwNDU1 # WhgPMjAyNDExMTkyMTA0NTVaMHYwPAYKKwYBBAGEWQoEATEuMCwwCgIFAOrmKncC # AQAwCQIBAAIBSQIB/zAHAgEAAgISHjAKAgUA6ud79wIBADA2BgorBgEEAYRZCgQC # MSgwJjAMBgorBgEEAYRZCgMCoAowCAIBAAIDB6EgoQowCAIBAAIDAYagMA0GCSqG # SIb3DQEBCwUAA4IBAQCMoMWjX1ztK7c0PSelF5m4i1UQbNHX4NGpeFiqX7bqtcph # HPHUf5bjMwGaJRXvDbpcFwpXRfFGD5R0UL3A2HOgTVZaikJW24FbSt/R7ieBy4PY # fNauRhGLqCxD/7klFZQ5+7ilrXswRUKzeHLxkdqNilyal8nbW7NWt4P5SU9HkzxF # NxLI158uIt0Gedfi5h4FLbfN2NSUJQ7PuH1ZXKgDM2LNDAP47fG2i6pnOnHIeJbu # QIQ8Ofsmh5hCSBAuBnT//5ZoTMwdfCEsf8JWNDdBDGe/Vkjz514Bos5ytUNVNavE # UTL0QZk1u0rKXX2Pceo75sBMFcQVM7rQ/8HqulXtMYIEDTCCBAkCAQEwgZMwfDEL # MAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1v # bmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWlj # cm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAHpD3Ewfl3xEjYAAQAAAekw # DQYJYIZIAWUDBAIBBQCgggFKMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAv # BgkqhkiG9w0BCQQxIgQgCAz1Bz8xAfkyZWBKjXcN9FTEy6ocrnucl0bCColRVL0w # gfoGCyqGSIb3DQEJEAIvMYHqMIHnMIHkMIG9BCCkkJJ4l2k3Jo9UykFhfsdlOK4l # aKxg/E8JoFWzfarEJTCBmDCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpX # YXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQg # Q29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAy # MDEwAhMzAAAB6Q9xMH5d8RI2AAEAAAHpMCIEIIAB9Yb9jhsQe/okuCUJ889anGkW # LDSAw0OPCZBos8fcMA0GCSqGSIb3DQEBCwUABIICAFkE2dOLVOVSANIPmEITqGdL # Slo+h8EL/B1NXmnJYWqfE3J05mtxfus4M34wF0ahOJIR0mjuDjIB5IP3PbXBq1y2 # F2ZZNUIj/B4L/GzHTICD6SoHsgHJ5FurHp9rESX4/B6jyeDlgIxxpc8XSDxgJo4S # 3dIdQ2K4jjlX12Q5U2Xt+l6kSkUnWny5Sk1vniOL4ikaMUBo//KeuENgilnXPpWn # 3j1jqhdcSU2k+LXi6dTfs28aAzeQdQewKt/FBBCrT3gpdoUjqpsQeP4v5Mh9lNAz # nkVGamAoxvtWzuJ0tmCP3ws1O2I5cUfBFUkhugvB/QJSOCyr4rUWauIn42KYPr0V # hnBMeUQ7rKdp03Z637uIypSWZW3emuXs9SeUQ9hQU2Trc4rjfq8EGPsMv/rwe5tT # MSmxp7rDWEbYD7Si46D6ZXD5xBtycVuZhysXPidVOK70WO4usJ9bw3tYfHyCQpwn # 1oMVcOdllRBHcVJq8tjBU51wy4+JDEuyH69zsKqca6MATff8kBk8uZ1ds/k2Fjrv # Hh5lQFh6GDW0ZDe+6z/CA5DrsfSyybXhJkBwpZ40yZh3rPgiIF+/R1qCww1gz+rR # dnssIsXyjuEPx45EocXv2YypoVtPmvlvKizsFzj8ze8DWq2ZYM82mHHgHmzSr8so # IHpe9RKf+j7XEuZlike7 # SIG # End signature block |