Skip to content

Microsoft Windows 10 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • IPv6 source routing must be configured to highest protection.

    <VulnDiscussion>Configuring the system to disable IPv6 source routing protects against spoofing.</VulnDiscussion><FalsePositives>...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • The system must be configured to ignore NetBIOS name release requests except from WINS servers.

    &lt;VulnDiscussion&gt;Configuring the system to ignore name release requests, except from WINS servers, prevents a denial of service (DoS) attack. ...
    Rule Low Severity
  • SRG-OS-000134-GPOS-00068

    <GroupDescription></GroupDescription>
    Group
  • Local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain systems.

    &lt;VulnDiscussion&gt;A compromised local administrator account can provide means for an attacker to move laterally between domain systems. With U...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules