CIS Microsoft Windows 10 Enterprise Release 1909 Benchmark

18.5.1 Background Intelligent Transfer Service (BITS) ........................................................ 567 18.5.2 BranchCache ................................................................................................................................ 567 18.5.3 DirectAccess Client Experience Settings ........................................................................ 567 18.5.4 DNS Client...................................................................................................................................... 568 18.5.4.1 (L1) Ensure 'Turn off multicast name resolution' is set to 'Enabled' (Scored) ................................................................................................................................................... 568 18.5.5 Fonts ................................................................................................................................................ 570 18.5.5.1 (L2) Ensure 'Enable Font Providers' is set to 'Disabled' (Scored) ............ 570 18.5.6 Hotspot Authentication .......................................................................................................... 572 18.5.7 Lanman Server ............................................................................................................................ 572 18.5.8 LanmanWorkstation ............................................................................................................... 573 18.5.8.1 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled' (Scored) ...................................................................................................................................................................... 573 18.5.9 Link-Layer Topology Discovery.......................................................................................... 575 18.5.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' (Scored) ................................................................................................................................................... 575 18.5.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' (Scored) ................................................................................................................................................... 577 18.5.10 Microsoft Peer-to-Peer Networking Services............................................................ 579 18.5.10.2 (L2) Ensure 'Turn off Microsoft Peer-to-Peer Networking Services' is set to 'Enabled' (Scored) ......................................................................................................................... 579 18.5.11 Network Connections ........................................................................................................... 582 18.5.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' (Scored) ........................................... 582 18.5.11.3 (L1) Ensure 'Prohibit use of Internet Connection Sharing on your DNS domain network' is set to 'Enabled' (Scored) ....................................................................... 585 18.5.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled' (Scored) ......................................................................................... 587 18.5.12 Network Connectivity Status Indicator ........................................................................ 588 18.5.13 Network Isolation ................................................................................................................... 588 18.5.14 Network Provider ................................................................................................................... 589

18 | P a g e