An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2024
Xylok, LLC
Version: v2024.10.3-0fa4-8a67
Xylok
Home Menu
info@xylok.io
© 2024
Xylok, LLC
Version: v2024.10.3-0fa4-8a67
Open sidebar
Navigate
Top
Search
Checks (
260
)
Print
Changes
Pages (
15/18
)
Microsoft Windows 10 STIG
Microsoft Windows 10 Security Technical Implementation Guide
v2 r9 (Released May 15, 2024)
v2 r8 (Released Nov. 9, 2023)
v2 r7 (Released June 7, 2023)
v2 r6 (Released May 11, 2023)
v2 r5 (Released Nov. 14, 2022)
v2 r4 (Released May 31, 2022)
v2 r3 (Released Nov. 1, 2021)
v2 r2 (Released May 4, 2021)
v2 r1 (Released Nov. 13, 2020)
v1 r23 (Released June 17, 2020)
v1 r22 (Released May 15, 2020)
v1 r21 (Released April 24, 2020)
v1 r20 (Released Jan. 27, 2020)
v1 r19 (Released Oct. 25, 2019)
v1 r18 (Released July 26, 2019)
v1 r17 (Released May 24, 2019)
v1 r16 (Released Jan. 25, 2019)
v1 r15 (Released Nov. 15, 2018)
v1 r14 (Released July 27, 2018)
v1 r13 (Released April 27, 2018)
v1 r12 (Released Jan. 26, 2018)
v1 r11 (Released Oct. 31, 2017)
v1 r10 (Released June 27, 2017)
v1 r9 (Released April 28, 2017)
v1 r7 (Released Nov. 8, 2016)
ID
Vuln ID
Title
Cat
Status
WN10-SO-000167
V-220933
Remote calls to the Security Account Manager (SAM) must be restricted to Administrators.
Cat II
WN10-SO-000180
V-220934
NTLM must be prevented from falling back to a Null session.
Cat II
WN10-SO-000185
V-220935
PKU2U authentication using online identities must be prevented.
Cat II
WN10-SO-000190
V-220936
Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites.
Cat II
WN10-SO-000195
V-220937
The system must be configured to prevent the storage of the LAN Manager hash of passwords.
Cat I
WN10-SO-000205
V-220938
The LanMan authentication level must be set to send NTLMv2 response only, and to refuse LM and NTLM.
Cat I
WN10-SO-000210
V-220939
The system must be configured to the required LDAP client signing level.
Cat II
WN10-SO-000215
V-220940
The system must be configured to meet the minimum session security requirement for NTLM SSP based clients.
Cat II
WN10-SO-000220
V-220941
The system must be configured to meet the minimum session security requirement for NTLM SSP based servers.
Cat II
WN10-SO-000230
V-220942
The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing.
Cat II
WN10-SO-000240
V-220943
The default permissions of global system objects must be increased.
Cat III
WN10-SO-000245
V-220944
User Account Control approval mode for the built-in Administrator must be enabled.
Cat II
WN10-SO-000250
V-220945
User Account Control must, at minimum, prompt administrators for consent on the secure desktop.
Cat II
WN10-SO-000251
V-220946
Windows 10 must use multifactor authentication for local and network access to privileged and nonprivileged accounts.
Cat II
WN10-SO-000255
V-220947
User Account Control must automatically deny elevation requests for standard users.
Cat II
Prev
1...
11
12
13
14
15
16
17
18
Next
Print
Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Version Changes
If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.