An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2024
Xylok, LLC
Version: v2024.10.3-0fa4-8a67
Xylok
Home Menu
info@xylok.io
© 2024
Xylok, LLC
Version: v2024.10.3-0fa4-8a67
Open sidebar
Navigate
Top
Search
Checks (
260
)
Print
Changes
Pages (
1/18
)
Microsoft Windows 10 STIG
Microsoft Windows 10 Security Technical Implementation Guide
v2 r9 (Released May 15, 2024)
v2 r8 (Released Nov. 9, 2023)
v2 r7 (Released June 7, 2023)
v2 r6 (Released May 11, 2023)
v2 r5 (Released Nov. 14, 2022)
v2 r4 (Released May 31, 2022)
v2 r3 (Released Nov. 1, 2021)
v2 r2 (Released May 4, 2021)
v2 r1 (Released Nov. 13, 2020)
v1 r23 (Released June 17, 2020)
v1 r22 (Released May 15, 2020)
v1 r21 (Released April 24, 2020)
v1 r20 (Released Jan. 27, 2020)
v1 r19 (Released Oct. 25, 2019)
v1 r18 (Released July 26, 2019)
v1 r17 (Released May 24, 2019)
v1 r16 (Released Jan. 25, 2019)
v1 r15 (Released Nov. 15, 2018)
v1 r14 (Released July 27, 2018)
v1 r13 (Released April 27, 2018)
v1 r12 (Released Jan. 26, 2018)
v1 r11 (Released Oct. 31, 2017)
v1 r10 (Released June 27, 2017)
v1 r9 (Released April 28, 2017)
v1 r7 (Released Nov. 8, 2016)
ID
Vuln ID
Title
Cat
Status
WN10-00-000005
V-220697
Domain-joined systems must use Windows 10 Enterprise Edition 64-bit version.
Cat II
WN10-00-000010
V-220698
Windows 10 domain-joined systems must have a Trusted Platform Module (TPM) enabled and ready for use.
Cat II
WN10-00-000015
V-220699
Windows 10 systems must have Unified Extensible Firmware Interface (UEFI) firmware and be configured to run in UEFI mode, not Legacy BIOS.
Cat II
WN10-00-000020
V-220700
Secure Boot must be enabled on Windows 10 systems.
Cat III
WN10-00-000025
V-220701
Windows 10 must employ automated mechanisms to determine the state of system components with regard to flaw remediation using the following frequency: continuously, where ESS is used; 30 days, for any additional internal network scans not covered by ESS; and annually, for external scans by Computer Network Defense Service Provider (CNDSP).
Cat II
WN10-00-000030
V-220702
Windows 10 information systems must use BitLocker to encrypt all disks to protect the confidentiality and integrity of all information at rest.
Cat I
WN10-00-000031
V-220703
Windows 10 systems must use a BitLocker PIN for pre-boot authentication.
Cat I
WN10-00-000032
V-220704
Windows 10 systems must use a BitLocker PIN with a minimum length of six digits for pre-boot authentication.
Cat I
WN10-00-000035
V-220705
The operating system must employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs.
Cat II
WN10-00-000040
V-220706
Windows 10 systems must be maintained at a supported servicing level.
Cat I
WN10-00-000045
V-220707
The Windows 10 system must use an anti-virus program.
Cat I
WN10-00-000050
V-220708
Local volumes must be formatted using NTFS.
Cat I
WN10-00-000055
V-220709
Alternate operating systems must not be permitted on the same system.
Cat II
WN10-00-000060
V-220710
Non system-created file shares on a system must limit access to groups that require it.
Cat II
WN10-00-000065
V-220711
Unused accounts must be disabled or removed from the system after 35 days of inactivity.
Cat III
1
2
3
4
5
...18
Next
Print
Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Version Changes
If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.