Skip to content

Microsoft Windows 10 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Only accounts responsible for the administration of a system must have Administrator rights on the system.

    <VulnDiscussion>An account that does not have Administrator duties must not have Administrator rights. Such rights would allow the account t...
    Rule High Severity
  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • Only accounts responsible for the backup operations must be members of the Backup Operators group.

    &lt;VulnDiscussion&gt;Backup Operators are able to read and write to any file in the system, regardless of the rights assigned to it. Backup and r...
    Rule Medium Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • Only authorized user accounts must be allowed to create or run virtual machines on Windows 10 systems.

    &lt;VulnDiscussion&gt;Allowing other operating systems to run on a secure system may allow users to circumvent security. For Hyper-V, preventing un...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules