CIS Microsoft Windows 10 Enterprise Release 1909 Benchmark

Default Value:

Disabled.

References:

1. CCE-35370-6

CIS Controls:

Version 6

16.14 Encrypt/Hash All Authentication Files And Monitor Their Access Verify that all authentication files are encrypted or hashed and that these files cannot be accessed without root or administrator privileges. Audit all access to password files in the system.

16.5 Ensure Workstation Screen Locks Are Configured Configure screen locks on systems to limit access to unattended workstations.

Version 7

16.2 Configure Centralized Point of Authentication Configure access for all accounts through as few centralized points of authentication as possible, including network, security, and cloud systems.

16.4 Encrypt or Hash all Authentication Credentials Encrypt or hash with a salt all authentication credentials when stored.

16.5 Encrypt Transmittal of Username and Authentication Credentials Ensure that all account usernames and authentication credentials are transmitted across networks using encrypted channels.

62 | P a g e