Check: WN10-CC-000005
Microsoft Windows 10 STIG:
WN10-CC-000005
(in versions v2 r9 through v1 r7)
Title
Camera access from the lock screen must be disabled. (Cat II impact)
Discussion
Enabling camera access from the lock screen could allow for unauthorized use. Requiring logon will ensure the device is only used by authorized personnel.
Check Content
If the device does not have a camera, this is NA. If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\Personalization\ Value Name: NoLockScreenCamera Value Type: REG_DWORD Value: 1
Fix Text
If the device does not have a camera, this is NA. Configure the policy value for Computer Configuration >> Administrative Templates >> Control Panel >> Personalization >> "Prevent enabling lock screen camera" to "Enabled".
Additional Identifiers
Rule ID: SV-220792r569187_rule
Vulnerability ID: V-220792
Group Title: SRG-OS-000095-GPOS-00049
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
Controls
Number | Title |
---|---|
CM-7 |
Least Functionality |