| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 2CF193FE8E8629806C5FA0FC4E522752CA150F38 ~~~~~ Authorization Policy Change: Success Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 2CF193FE8E8629806C5FA0FC4E522752CA150F38 ~~~~~ Authorization Policy Change: Success Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2CF193FE8E8629806C5FA0FC4E522752CA150F38 ~~~~~ Authorization Policy Change: Success Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2CF193FE8E8629806C5FA0FC4E522752CA150F38 ~~~~~ Authorization Policy Change: Success Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: -Open a Command Prompt with elevated privileges ("Run as Administrator"). -Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Policy Change >> Authorization Policy Change - Success
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Policy Change >> "Audit Authorization Policy Change" with "Success" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a Command Prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: Privilege Use >> Sensitive Privilege Use - Failure
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Privilege Use >> "Audit Sensitive Privilege Use" with "Failure" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a Command Prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: Privilege Use >> Sensitive Privilege Use - Success
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Privilege Use >> "Audit Sensitive Privilege Use" with "Success" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 632F6B588FA4AF190993D337477F3ECADB75FEC7 ~~~~~ IPSec Driver: Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 632F6B588FA4AF190993D337477F3ECADB75FEC7 ~~~~~ IPSec Driver: Failure Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 632F6B588FA4AF190993D337477F3ECADB75FEC7 ~~~~~ IPSec Driver: Failure Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 632F6B588FA4AF190993D337477F3ECADB75FEC7 ~~~~~ IPSec Driver: Failure Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a Command Prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: System >> IPSec Driver - Failure
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit IPSec Driver" with "Failure" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a Command Prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*" Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: System >> Other System Events - Success
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit Other System Events" with "Success" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a Command Prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*" Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: System >> Other System Events - Failure
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit Other System Events" with "Failure" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 74302EBA5C1C13D9FC589EBADB52C502534366D6 ~~~~~ Security State Change: Success Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 74302EBA5C1C13D9FC589EBADB52C502534366D6 ~~~~~ Security State Change: Success Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74302EBA5C1C13D9FC589EBADB52C502534366D6 ~~~~~ Security State Change: Success Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74302EBA5C1C13D9FC589EBADB52C502534366D6 ~~~~~ Security State Change: Success Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a Command Prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: System >> Security State Change - Success
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit Security State Change" with "Success" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 7571EDCEC40BA7B892BBFFB7B1A91933D6B26E8D ~~~~~ Security System Extension: Success Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 7571EDCEC40BA7B892BBFFB7B1A91933D6B26E8D ~~~~~ Security System Extension: Success Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7571EDCEC40BA7B892BBFFB7B1A91933D6B26E8D ~~~~~ Security System Extension: Success Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7571EDCEC40BA7B892BBFFB7B1A91933D6B26E8D ~~~~~ Security System Extension: Success Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a Command Prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: System >> Security System Extension - Success
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit Security System Extension" with "Success" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a Command Prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: System >> System Integrity - Failure
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit System Integrity" with "Failure" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a Command Prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: System >> System Integrity - Success
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit System Integrity" with "Success" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F2418B961E1473B9DE2D8AC6A4EDFDC071036AA7 ~~~~~ 'Specify the maximum log file size (KB)' is Enable: (Maximum Log Size (KB) of 32768 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\Application Value Name: MaxSize Value: 0x00008000 (32768) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F2418B961E1473B9DE2D8AC6A4EDFDC071036AA7 ~~~~~ 'Specify the maximum log file size (KB)' is Enable: (Maximum Log Size (KB) of 32768 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\Application Value Name: MaxSize Value: 0x00008000 (32768) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F2418B961E1473B9DE2D8AC6A4EDFDC071036AA7 ~~~~~ 'Specify the maximum log file size (KB)' is Enable: (Maximum Log Size (KB) of 32768 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\Application Value Name: MaxSize Value: 0x00008000 (32768) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F2418B961E1473B9DE2D8AC6A4EDFDC071036AA7 ~~~~~ 'Specify the maximum log file size (KB)' is Enable: (Maximum Log Size (KB) of 32768 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\Application Value Name: MaxSize Value: 0x00008000 (32768) Type: REG_DWORD Comments |
|||||
Check Text
If the system is configured to send audit records directly to an audit server, this is NA. This must be documented with the ISSO. If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\EventLog\Application\ Value Name: MaxSize Value Type: REG_DWORD Value: 0x00008000 (32768) (or greater)
Fix Text
If the system is configured to send audit records directly to an audit server, this is NA. This must be documented with the ISSO. Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Event Log Service >> Application >> "Specify the maximum log file size (KB)" to "Enabled" with a "Maximum Log Size (KB)" of "32768" or greater.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 410610951479A93EBAA4D742D6C62B553FFCC5B6 ~~~~~ 'Specify the maximum log file size (KB)' is Enable: (Maximum Log Size (KB) of 1024000 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\Security Value Name: MaxSize Value: 0x000fa000 (1024000) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 410610951479A93EBAA4D742D6C62B553FFCC5B6 ~~~~~ 'Specify the maximum log file size (KB)' is Enable: (Maximum Log Size (KB) of 1024000 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\Security Value Name: MaxSize Value: 0x000fa000 (1024000) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 410610951479A93EBAA4D742D6C62B553FFCC5B6 ~~~~~ 'Specify the maximum log file size (KB)' is Enable: (Maximum Log Size (KB) of 1024000 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\Security Value Name: MaxSize Value: 0x000fa000 (1024000) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 410610951479A93EBAA4D742D6C62B553FFCC5B6 ~~~~~ 'Specify the maximum log file size (KB)' is Enable: (Maximum Log Size (KB) of 1024000 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\Security Value Name: MaxSize Value: 0x000fa000 (1024000) Type: REG_DWORD Comments |
|||||
Check Text
If the system is configured to send audit records directly to an audit server, this is NA. This must be documented with the ISSO. If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\EventLog\Security\ Value Name: MaxSize Value Type: REG_DWORD Value: 0x000fa000 (1024000) (or greater)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Event Log Service >> Security >> "Specify the maximum log file size (KB)" to "Enabled" with a "Maximum Log Size (KB)" of "1024000" or greater. If the system is configured to send audit records directly to an audit server, documented with the ISSO.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 489B881681D68174887D297A098A37A658C8A4DD ~~~~~ 'Specify the maximum log file size (KB)' is Enable: (Maximum Log Size (KB) of 32768 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\System Value Name: MaxSize Value: 0x00008000 (32768) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 489B881681D68174887D297A098A37A658C8A4DD ~~~~~ 'Specify the maximum log file size (KB)' is Enable: (Maximum Log Size (KB) of 32768 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\System Value Name: MaxSize Value: 0x00008000 (32768) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 489B881681D68174887D297A098A37A658C8A4DD ~~~~~ 'Specify the maximum log file size (KB)' is Enable: (Maximum Log Size (KB) of 32768 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\System Value Name: MaxSize Value: 0x00008000 (32768) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 489B881681D68174887D297A098A37A658C8A4DD ~~~~~ 'Specify the maximum log file size (KB)' is Enable: (Maximum Log Size (KB) of 32768 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\System Value Name: MaxSize Value: 0x00008000 (32768) Type: REG_DWORD Comments |
|||||
Check Text
If the system is configured to send audit records directly to an audit server, this is NA. This must be documented with the ISSO. If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\EventLog\System\ Value Name: MaxSize Value Type: REG_DWORD Value: 0x00008000 (32768) (or greater)
Fix Text
If the system is configured to send audit records directly to an audit server, this is NA. This must be documented with the ISSO. Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Event Log Service >> System >> "Specify the maximum log file size (KB)" to "Enabled" with a "Maximum Log Size (KB)" of "32768" or greater.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
Check Text
Verify the permissions on the Application event log (Application.evtx). Standard user accounts or groups must not have access. The default permissions listed below satisfy this requirement. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\SYSTEM32\WINEVT\LOGS" directory. They may have been moved to another folder. If the permissions for these files are not as restrictive as the ACLs listed, this is a finding. NOTE: If "APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES" has Special Permissions, this would not be a finding.
Fix Text
Ensure the permissions on the Application event log (Application.evtx) are configured to prevent standard user accounts or groups from having access. The default permissions listed below satisfy this requirement. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\SYSTEM32\WINEVT\LOGS" directory. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: CE8AA1E475C7721743E3AFFD73B09912D17D565D ~~~~~ C:\windows\System32\Winevt\Logs\Security.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: CE8AA1E475C7721743E3AFFD73B09912D17D565D ~~~~~ C:\windows\System32\Winevt\Logs\Security.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CE8AA1E475C7721743E3AFFD73B09912D17D565D ~~~~~ C:\windows\System32\Winevt\Logs\Security.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CE8AA1E475C7721743E3AFFD73B09912D17D565D ~~~~~ C:\windows\System32\Winevt\Logs\Security.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
Check Text
Verify the permissions on the Security event log (Security.evtx). Standard user accounts or groups must not have access. The default permissions listed below satisfy this requirement. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\SYSTEM32\WINEVT\LOGS" directory. They may have been moved to another folder. If the permissions for these files are not as restrictive as the ACLs listed, this is a finding. NOTE: If "APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES" has Special Permissions, this would not be a finding.
Fix Text
Ensure the permissions on the Security event log (Security.evtx) are configured to prevent standard user accounts or groups from having access. The default permissions listed below satisfy this requirement. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\SYSTEM32\WINEVT\LOGS" directory. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 46DB62D699DC003F8072DA5CA34FBB2DDC3ED53D ~~~~~ C:\windows\System32\Winevt\Logs\System.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 46DB62D699DC003F8072DA5CA34FBB2DDC3ED53D ~~~~~ C:\windows\System32\Winevt\Logs\System.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 46DB62D699DC003F8072DA5CA34FBB2DDC3ED53D ~~~~~ C:\windows\System32\Winevt\Logs\System.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 46DB62D699DC003F8072DA5CA34FBB2DDC3ED53D ~~~~~ C:\windows\System32\Winevt\Logs\System.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments |
|||||
Check Text
Verify the permissions on the System event log (System.evtx). Standard user accounts or groups must not have access. The default permissions listed below satisfy this requirement. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\SYSTEM32\WINEVT\LOGS" directory. They may have been moved to another folder. If the permissions for these files are not as restrictive as the ACLs listed, this is a finding. NOTE: If "APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES" has Special Permissions, this would not be a finding.
Fix Text
Ensure the permissions on the System event log (System.evtx) are configured to prevent standard user accounts or groups from having access. The default permissions listed below satisfy this requirement. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\SYSTEM32\WINEVT\LOGS" directory. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 99F1D6888C196E2A612663A7D9F93227609572AC ~~~~~ Other Policy Change Events: Success and Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 99F1D6888C196E2A612663A7D9F93227609572AC ~~~~~ Other Policy Change Events: Success and Failure Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 99F1D6888C196E2A612663A7D9F93227609572AC ~~~~~ Other Policy Change Events: Success and Failure Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 99F1D6888C196E2A612663A7D9F93227609572AC ~~~~~ Other Policy Change Events: Success and Failure Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a Command Prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: Policy Change >> Other Policy Change Events - Failure
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Policy Change>> "Audit Other Policy Change Events" with "Failure" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 83B0324896B9F1E212EC8AFB81C12A2CD071D25B ~~~~~ Other Logon/Logoff Events: Success and Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 83B0324896B9F1E212EC8AFB81C12A2CD071D25B ~~~~~ Other Logon/Logoff Events: Success and Failure Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 83B0324896B9F1E212EC8AFB81C12A2CD071D25B ~~~~~ Other Logon/Logoff Events: Success and Failure Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 83B0324896B9F1E212EC8AFB81C12A2CD071D25B ~~~~~ Other Logon/Logoff Events: Success and Failure Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a Command Prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: Logon/Logoff >> Other Logon/Logoff Events - Success
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Logon/Logoff >> "Audit Other Logon/Logoff Events" with "Success" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 83B0324896B9F1E212EC8AFB81C12A2CD071D25B ~~~~~ Other Logon/Logoff Events: Success and Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 83B0324896B9F1E212EC8AFB81C12A2CD071D25B ~~~~~ Other Logon/Logoff Events: Success and Failure Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 83B0324896B9F1E212EC8AFB81C12A2CD071D25B ~~~~~ Other Logon/Logoff Events: Success and Failure Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 83B0324896B9F1E212EC8AFB81C12A2CD071D25B ~~~~~ Other Logon/Logoff Events: Success and Failure Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a Command Prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: Logon/Logoff >> Other Logon/Logoff Events - Failure
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Logon/Logoff >> "Audit Other Logon/Logoff Events" with "Failure" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F37A20FF4D47C1504B7346B9B13E691565CAE1C2 ~~~~~ Detailed File Share: Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F37A20FF4D47C1504B7346B9B13E691565CAE1C2 ~~~~~ Detailed File Share: Failure Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F37A20FF4D47C1504B7346B9B13E691565CAE1C2 ~~~~~ Detailed File Share: Failure Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F37A20FF4D47C1504B7346B9B13E691565CAE1C2 ~~~~~ Detailed File Share: Failure Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a command prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: Object Access >> Detailed File Share - Failure
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Object Access >> “Audit Detailed File Share" with "Failure" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: A142DF7C7C59B26DC662163C294BF0C37FCA4777 ~~~~~ MPSSVC Rule-Level Policy Change: Success and Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: A142DF7C7C59B26DC662163C294BF0C37FCA4777 ~~~~~ MPSSVC Rule-Level Policy Change: Success and Failure Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A142DF7C7C59B26DC662163C294BF0C37FCA4777 ~~~~~ MPSSVC Rule-Level Policy Change: Success and Failure Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A142DF7C7C59B26DC662163C294BF0C37FCA4777 ~~~~~ MPSSVC Rule-Level Policy Change: Success and Failure Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a Command Prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: Policy Change >> MPSSVC Rule-Level Policy Change - Success
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Policy Change >> “Audit MPSSVC Rule-Level Policy Change" with "Success" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: A142DF7C7C59B26DC662163C294BF0C37FCA4777 ~~~~~ MPSSVC Rule-Level Policy Change: Success and Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: A142DF7C7C59B26DC662163C294BF0C37FCA4777 ~~~~~ MPSSVC Rule-Level Policy Change: Success and Failure Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A142DF7C7C59B26DC662163C294BF0C37FCA4777 ~~~~~ MPSSVC Rule-Level Policy Change: Success and Failure Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A142DF7C7C59B26DC662163C294BF0C37FCA4777 ~~~~~ MPSSVC Rule-Level Policy Change: Success and Failure Comments |
|||||
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN10-SO-000030) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open a Command Prompt with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding: Policy Change >> MPSSVC Rule-Level Policy Change - Failure
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Policy Change >> “Audit MPSSVC Rule-Level Policy Change" with "Failure" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 29B8147452F58C3C24F6A9507B138D2C09BDD8F2 ~~~~~ No camera detected so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 29B8147452F58C3C24F6A9507B138D2C09BDD8F2 ~~~~~ No camera detected so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: 29B8147452F58C3C24F6A9507B138D2C09BDD8F2 ~~~~~ No camera detected so this requirement is NA. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: 29B8147452F58C3C24F6A9507B138D2C09BDD8F2 ~~~~~ No camera detected so this requirement is NA. Comments |
|||||
Check Text
If the device does not have a camera, this is NA. If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\Personalization\ Value Name: NoLockScreenCamera Value Type: REG_DWORD Value: 1
Fix Text
If the device does not have a camera, this is NA. Configure the policy value for Computer Configuration >> Administrative Templates >> Control Panel >> Personalization >> "Prevent enabling lock screen camera" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 29B8147452F58C3C24F6A9507B138D2C09BDD8F2 ~~~~~ No camera detected so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 29B8147452F58C3C24F6A9507B138D2C09BDD8F2 ~~~~~ No camera detected so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: 29B8147452F58C3C24F6A9507B138D2C09BDD8F2 ~~~~~ No camera detected so this requirement is NA. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: 29B8147452F58C3C24F6A9507B138D2C09BDD8F2 ~~~~~ No camera detected so this requirement is NA. Comments |
|||||
Check Text
If the device or operating system does not have a camera installed, this requirement is not applicable. This requirement is not applicable to mobile devices (smartphones and tablets) where the use of the camera is a local AO decision. This requirement is not applicable to dedicated VTC suites located in approved VTC locations that are centrally managed. For an external camera, if there is not a method for the operator to manually disconnect the camera at the end of collaborative computing sessions, this is a finding. For a built-in camera, the camera must be protected by a camera cover (e.g., laptop camera cover slide) when not in use. If the built-in camera is not protected with a camera cover, or if the built-in camera is not disabled in the bios, this is a finding. If the camera is not disconnected or covered, the following registry entry is required: Registry Hive: HKEY_LOCAL_MACHINE RegistryPath\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\webcam Value Name: Value Value Data: Deny If "Value" is set to a value other than "Deny" and the collaborative computing device has not been authorized for use, this is a finding.
Fix Text
If the camera is not disconnected or covered, the following registry entry is required: Registry Hive: HKEY_LOCAL_MACHINE RegistryPath\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\webcam Value Name: Value Value Data: Deny
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 936C50F902C44C0D68CF3E394852F5F03D22E703 ~~~~~ 'Prevent enabling lock screen slide show' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization Value Name: NoLockScreenSlideshow Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 936C50F902C44C0D68CF3E394852F5F03D22E703 ~~~~~ 'Prevent enabling lock screen slide show' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization Value Name: NoLockScreenSlideshow Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 936C50F902C44C0D68CF3E394852F5F03D22E703 ~~~~~ 'Prevent enabling lock screen slide show' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization Value Name: NoLockScreenSlideshow Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 936C50F902C44C0D68CF3E394852F5F03D22E703 ~~~~~ 'Prevent enabling lock screen slide show' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization Value Name: NoLockScreenSlideshow Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\Personalization\ Value Name: NoLockScreenSlideshow Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Control Panel >> Personalization >> "Prevent enabling lock screen slide show" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: D0E96E8C2AE11956B4C7E90C0DC40786616E7C1F ~~~~~ 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is Highest protection, source routing is completely disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters Value Name: DisableIpSourceRouting Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: D0E96E8C2AE11956B4C7E90C0DC40786616E7C1F ~~~~~ 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is Highest protection, source routing is completely disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters Value Name: DisableIpSourceRouting Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D0E96E8C2AE11956B4C7E90C0DC40786616E7C1F ~~~~~ 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is Highest protection, source routing is completely disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters Value Name: DisableIpSourceRouting Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D0E96E8C2AE11956B4C7E90C0DC40786616E7C1F ~~~~~ 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is Highest protection, source routing is completely disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters Value Name: DisableIpSourceRouting Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\ Value Name: DisableIpSourceRouting Value Type: REG_DWORD Value: 2
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> MSS (Legacy) >> "MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)" to "Highest protection, source routing is completely disabled". This policy setting requires the installation of the MSS-Legacy custom templates included with the STIG package. "MSS-Legacy.admx" and " MSS-Legacy.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: D620CAF8D08A5A7FBCF9811F9BECE656A64EA0E6 ~~~~~ 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' is Highest protection, source routing is completely disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters Value Name: DisableIPSourceRouting Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: D620CAF8D08A5A7FBCF9811F9BECE656A64EA0E6 ~~~~~ 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' is Highest protection, source routing is completely disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters Value Name: DisableIPSourceRouting Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D620CAF8D08A5A7FBCF9811F9BECE656A64EA0E6 ~~~~~ 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' is Highest protection, source routing is completely disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters Value Name: DisableIPSourceRouting Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D620CAF8D08A5A7FBCF9811F9BECE656A64EA0E6 ~~~~~ 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' is Highest protection, source routing is completely disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters Value Name: DisableIPSourceRouting Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ Value Name: DisableIPSourceRouting Value Type: REG_DWORD Value: 2
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> MSS (Legacy) >> "MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)" to "Highest protection, source routing is completely disabled". This policy setting requires the installation of the MSS-Legacy custom templates included with the STIG package. "MSS-Legacy.admx" and " MSS-Legacy.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35876C8966B85EC1E2B626A04F1F3A7173B7D72A ~~~~~ System is a 'Standalone Workstation' so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35876C8966B85EC1E2B626A04F1F3A7173B7D72A ~~~~~ System is a 'Standalone Workstation' so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 30E45018BB7651DB88A5241CEB1F4E1159C948E7 ~~~~~ 'Apply UAC restrictions to local accounts on network logons' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: LocalAccountTokenFilterPolicy Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 30E45018BB7651DB88A5241CEB1F4E1159C948E7 ~~~~~ 'Apply UAC restrictions to local accounts on network logons' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: LocalAccountTokenFilterPolicy Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the system is not a member of a domain, this is NA. If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ Value Name: LocalAccountTokenFilterPolicy Value Type: REG_DWORD Value: 0x00000000 (0)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> MS Security Guide >> "Apply UAC restrictions to local accounts on network logons" to "Enabled". This policy setting requires the installation of the SecGuide custom templates included with the STIG package. "SecGuide.admx" and "SecGuide.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 7B07ED3ECA2CAD6E6EF5433B7B0D16EDA4ACD305 ~~~~~ 'WDigest Authentication (disabling may require KB2871997)' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest Value Name: UseLogonCredential Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 7B07ED3ECA2CAD6E6EF5433B7B0D16EDA4ACD305 ~~~~~ 'WDigest Authentication (disabling may require KB2871997)' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest Value Name: UseLogonCredential Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7B07ED3ECA2CAD6E6EF5433B7B0D16EDA4ACD305 ~~~~~ 'WDigest Authentication (disabling may require KB2871997)' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest Value Name: UseLogonCredential Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7B07ED3ECA2CAD6E6EF5433B7B0D16EDA4ACD305 ~~~~~ 'WDigest Authentication (disabling may require KB2871997)' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest Value Name: UseLogonCredential Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest\ Value Name: UseLogonCredential Type: REG_DWORD Value: 0x00000000 (0)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> MS Security Guide >> "WDigest Authentication (disabling may require KB2871997)" to "Disabled". The patch referenced in the policy title is not required for Windows 10. This policy setting requires the installation of the SecGuide custom templates included with the STIG package. "SecGuide.admx" and "SecGuide.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: C33E359580C405646EFE732E9C9A8001CA0E16C3 ~~~~~ 'Remove "Run as Different User" from context menus' is Enabled Registry Path: HKLM:\SOFTWARE\Classes\batfile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Registry Path: HKLM:\SOFTWARE\Classes\cmdfile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Registry Path: HKLM:\SOFTWARE\Classes\exefile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Registry Path: HKLM:\SOFTWARE\Classes\mscfile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: C33E359580C405646EFE732E9C9A8001CA0E16C3 ~~~~~ 'Remove "Run as Different User" from context menus' is Enabled Registry Path: HKLM:\SOFTWARE\Classes\batfile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Registry Path: HKLM:\SOFTWARE\Classes\cmdfile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Registry Path: HKLM:\SOFTWARE\Classes\exefile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Registry Path: HKLM:\SOFTWARE\Classes\mscfile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C33E359580C405646EFE732E9C9A8001CA0E16C3 ~~~~~ 'Remove "Run as Different User" from context menus' is Enabled Registry Path: HKLM:\SOFTWARE\Classes\batfile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Registry Path: HKLM:\SOFTWARE\Classes\cmdfile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Registry Path: HKLM:\SOFTWARE\Classes\exefile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Registry Path: HKLM:\SOFTWARE\Classes\mscfile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C33E359580C405646EFE732E9C9A8001CA0E16C3 ~~~~~ 'Remove "Run as Different User" from context menus' is Enabled Registry Path: HKLM:\SOFTWARE\Classes\batfile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Registry Path: HKLM:\SOFTWARE\Classes\cmdfile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Registry Path: HKLM:\SOFTWARE\Classes\exefile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Registry Path: HKLM:\SOFTWARE\Classes\mscfile\shell\runasuser Value Name: SuppressionPolicy Value: 0x00001000 (4096) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry values do not exist or are not configured as specified, this is a finding. The policy configures the same Value Name, Type and Value under four different registry paths. Registry Hive: HKEY_LOCAL_MACHINE Registry Paths: \SOFTWARE\Classes\batfile\shell\runasuser\ \SOFTWARE\Classes\cmdfile\shell\runasuser\ \SOFTWARE\Classes\exefile\shell\runasuser\ \SOFTWARE\Classes\mscfile\shell\runasuser\ Value Name: SuppressionPolicy Type: REG_DWORD Value: 0x00001000 (4096)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> MS Security Guide >> "Remove "Run as Different User" from context menus" to "Enabled". This policy setting requires the installation of the SecGuide custom templates included with the STIG package. "SecGuide.admx" and "SecGuide.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 7CFCC9E05DDAF5C85112F200991A5924DE30FA93 ~~~~~ 'Enable insecure guest logons' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation Value Name: AllowInsecureGuestAuth Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 7CFCC9E05DDAF5C85112F200991A5924DE30FA93 ~~~~~ 'Enable insecure guest logons' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation Value Name: AllowInsecureGuestAuth Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7CFCC9E05DDAF5C85112F200991A5924DE30FA93 ~~~~~ 'Enable insecure guest logons' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation Value Name: AllowInsecureGuestAuth Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7CFCC9E05DDAF5C85112F200991A5924DE30FA93 ~~~~~ 'Enable insecure guest logons' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation Value Name: AllowInsecureGuestAuth Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
Windows 10 v1507 LTSB version does not include this setting; it is NA for those systems. If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation\ Value Name: AllowInsecureGuestAuth Type: REG_DWORD Value: 0x00000000 (0)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Network >> Lanman Workstation >> "Enable insecure guest logons" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 393FD3F9F314EA17F6A7048A3CFA6AB4DC74E5B8 ~~~~~ 'Prohibit use of Internet Connection Sharing on your DNS domain network' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Network Connections Value Name: NC_ShowSharedAccessUI Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 393FD3F9F314EA17F6A7048A3CFA6AB4DC74E5B8 ~~~~~ 'Prohibit use of Internet Connection Sharing on your DNS domain network' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Network Connections Value Name: NC_ShowSharedAccessUI Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 393FD3F9F314EA17F6A7048A3CFA6AB4DC74E5B8 ~~~~~ 'Prohibit use of Internet Connection Sharing on your DNS domain network' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Network Connections Value Name: NC_ShowSharedAccessUI Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 393FD3F9F314EA17F6A7048A3CFA6AB4DC74E5B8 ~~~~~ 'Prohibit use of Internet Connection Sharing on your DNS domain network' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Network Connections Value Name: NC_ShowSharedAccessUI Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\Network Connections\ Value Name: NC_ShowSharedAccessUI Type: REG_DWORD Value: 0x00000000 (0)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Network >> Network Connections >> "Prohibit use of Internet Connection Sharing on your DNS domain network" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F3BAF2F37A9EE096EC6D75CCB50F4F80C5A8F612 ~~~~~ 'ECC Curve Order' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002 Value Name: EccCurves Value: NistP384 NistP256 Type: REG_MULTI_SZ Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F3BAF2F37A9EE096EC6D75CCB50F4F80C5A8F612 ~~~~~ 'ECC Curve Order' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002 Value Name: EccCurves Value: NistP384 NistP256 Type: REG_MULTI_SZ Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F3BAF2F37A9EE096EC6D75CCB50F4F80C5A8F612 ~~~~~ 'ECC Curve Order' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002 Value Name: EccCurves Value: NistP384 NistP256 Type: REG_MULTI_SZ Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F3BAF2F37A9EE096EC6D75CCB50F4F80C5A8F612 ~~~~~ 'ECC Curve Order' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002 Value Name: EccCurves Value: NistP384 NistP256 Type: REG_MULTI_SZ Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002\ Value Name: EccCurves Value Type: REG_MULTI_SZ Value: NistP384 NistP256
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Network >> SSL Configuration Settings >> "ECC Curve Order" to "Enabled" with "ECC Curve Order:" including the following in the order listed: NistP384 NistP256
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 82B38F374F25481E13FFA8A129DCB132F5069F24 ~~~~~ 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WcmSvc\GroupPolicy Value Name: fMinimizeConnections (Not found) Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 82B38F374F25481E13FFA8A129DCB132F5069F24 ~~~~~ 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WcmSvc\GroupPolicy Value Name: fMinimizeConnections (Not found) Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 82B38F374F25481E13FFA8A129DCB132F5069F24 ~~~~~ 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WcmSvc\GroupPolicy Value Name: fMinimizeConnections (Not found) Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 82B38F374F25481E13FFA8A129DCB132F5069F24 ~~~~~ 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WcmSvc\GroupPolicy Value Name: fMinimizeConnections (Not found) Comments |
|||||
Check Text
The default behavior for "Minimize the number of simultaneous connections to the Internet or a Windows Domain" is "Enabled". If the registry value name below does not exist, this is not a finding. If it exists and is configured with a value of "3", this is not a finding. If it exists and is configured with a value of "0", this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\WcmSvc\GroupPolicy\ Value Name: fMinimizeConnections Value Type: REG_DWORD Value: 3 (or if the Value Name does not exist)
Fix Text
The default behavior for "Minimize the number of simultaneous connections to the Internet or a Windows Domain" is "Enabled". If this must be corrected, configure the policy value for Computer Configuration >> Administrative Templates >> Network >> Windows Connection Manager >> "Minimize the number of simultaneous connections to the Internet or a Windows Domain" to "Enabled". Under "Options", set "Minimize Policy Options" to "3 = Prevent Wi-Fi When on Ethernet".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 429F4252FB8F6699C02681359AE6B1750873B4FF ~~~~~ 'Prohibit connection to non-domain networks when connected to domain authenticated network' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WcmSvc\GroupPolicy Value Name: fBlockNonDomain Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 429F4252FB8F6699C02681359AE6B1750873B4FF ~~~~~ 'Prohibit connection to non-domain networks when connected to domain authenticated network' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WcmSvc\GroupPolicy Value Name: fBlockNonDomain Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 429F4252FB8F6699C02681359AE6B1750873B4FF ~~~~~ 'Prohibit connection to non-domain networks when connected to domain authenticated network' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WcmSvc\GroupPolicy Value Name: fBlockNonDomain Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 429F4252FB8F6699C02681359AE6B1750873B4FF ~~~~~ 'Prohibit connection to non-domain networks when connected to domain authenticated network' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WcmSvc\GroupPolicy Value Name: fBlockNonDomain Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\WcmSvc\GroupPolicy\ Value Name: fBlockNonDomain Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Network >> Windows Connection Manager >> "Prohibit connection to non-domain networks when connected to domain authenticated network" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: E6502904487C2D388E0134DE9AA5D3378AFB5240 ~~~~~ Windows 10 version is 2009 so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: E6502904487C2D388E0134DE9AA5D3378AFB5240 ~~~~~ Windows 10 version is 2009 so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: E6502904487C2D388E0134DE9AA5D3378AFB5240 ~~~~~ Windows 10 version is 2009 so this requirement is NA. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: E6502904487C2D388E0134DE9AA5D3378AFB5240 ~~~~~ Windows 10 version is 2009 so this requirement is NA. Comments |
|||||
Check Text
This is NA as of v1803 of Windows 10; Wi-Fi sense is no longer available. If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\config\ Value Name: AutoConnectAllowedOEM Type: REG_DWORD Value: 0x00000000 (0)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Network >> WLAN Service >> WLAN Settings>> "Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services" to "Disabled". v1507 LTSB does not include this group policy setting. It may be configured through other means such as using group policy from a later version of Windows 10 or a registry update.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: ADD2B1D96AA135BF2C7628C54E9A984DAF42B0E4 ~~~~~ 'Include command line in process creation events' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit Value Name: ProcessCreationIncludeCmdLine_Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: ADD2B1D96AA135BF2C7628C54E9A984DAF42B0E4 ~~~~~ 'Include command line in process creation events' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit Value Name: ProcessCreationIncludeCmdLine_Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: ADD2B1D96AA135BF2C7628C54E9A984DAF42B0E4 ~~~~~ 'Include command line in process creation events' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit Value Name: ProcessCreationIncludeCmdLine_Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: ADD2B1D96AA135BF2C7628C54E9A984DAF42B0E4 ~~~~~ 'Include command line in process creation events' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit Value Name: ProcessCreationIncludeCmdLine_Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit\ Value Name: ProcessCreationIncludeCmdLine_Enabled Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Audit Process Creation >> "Include command line in process creation events" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 0AAE7791EBA4A06C080DFA9A8C60FF5A7E272667 ~~~~~ 'Remote host allows delegation of non-exportable credentials' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation Value Name: AllowProtectedCreds Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 0AAE7791EBA4A06C080DFA9A8C60FF5A7E272667 ~~~~~ 'Remote host allows delegation of non-exportable credentials' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation Value Name: AllowProtectedCreds Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 0AAE7791EBA4A06C080DFA9A8C60FF5A7E272667 ~~~~~ 'Remote host allows delegation of non-exportable credentials' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation Value Name: AllowProtectedCreds Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 0AAE7791EBA4A06C080DFA9A8C60FF5A7E272667 ~~~~~ 'Remote host allows delegation of non-exportable credentials' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation Value Name: AllowProtectedCreds Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
This is NA for Windows 10 LTSC\B versions 1507 and 1607. If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation\ Value Name: AllowProtectedCreds Type: REG_DWORD Value: 0x00000001 (1)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Credentials Delegation >> "Remote host allows delegation of non-exportable credentials" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: A35F1C37518BA5BE7F9CEF7DDAAE6530ED947399 ~~~~~ RequiredSecurityProperties: 1, 2 VirtualizationBasedSecurityStatus: 2 Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: A35F1C37518BA5BE7F9CEF7DDAAE6530ED947399 ~~~~~ RequiredSecurityProperties: 1, 2 VirtualizationBasedSecurityStatus: 2 Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A35F1C37518BA5BE7F9CEF7DDAAE6530ED947399 ~~~~~ RequiredSecurityProperties: 1, 2 VirtualizationBasedSecurityStatus: 2 Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A35F1C37518BA5BE7F9CEF7DDAAE6530ED947399 ~~~~~ RequiredSecurityProperties: 1, 2 VirtualizationBasedSecurityStatus: 2 Comments |
|||||
Check Text
Confirm virtualization-based security (VBS) is enabled and running with Secure Boot or Secure Boot and DMA Protection. For those devices that support VBS features, including Credential Guard or protection of code integrity, this must be enabled. If the system meets the hardware and firmware dependencies for enabling VBS but it is not enabled, this is a CAT III finding. VBS, including Credential Guard, currently cannot be implemented in virtual desktop implementations (VDI) due to specific supporting requirements including a TPM, UEFI with Secure Boot, and the capability to run the Hyper-V feature within the virtual desktop. For VDIs where the virtual desktop instance is deleted or refreshed upon logoff, this is NA. Run "PowerShell" with elevated privileges (run as administrator). Enter the following: "Get-CimInstance -ClassName Win32_DeviceGuard -Namespace root\Microsoft\Windows\DeviceGuard" If "RequiredSecurityProperties" does not include a value of "2" indicating "Secure Boot" (e.g., "{1, 2}"), this is a finding. If "Secure Boot and DMA Protection" is configured, "3" will also be displayed in the results (e.g., "{1, 2, 3}"). If "VirtualizationBasedSecurityStatus" is not a value of "2" indicating "Running", this is a finding. Alternately: Run "System Information". Under "System Summary", verify the following: If "Device Guard Virtualization based security" does not display "Running", this is finding. If "Device Guard Required Security Properties" does not display "Base Virtualization Support, Secure Boot", this is finding. If "Secure Boot and DMA Protection" is configured, "DMA Protection" will also be displayed (e.g., "Base Virtualization Support, Secure Boot, DMA Protection"). The policy settings referenced in the Fix section will configure the following registry values. However, due to hardware requirements, the registry values alone do not ensure proper function. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\DeviceGuard\ Value Name: EnableVirtualizationBasedSecurity Value Type: REG_DWORD Value: 1 Value Name: RequirePlatformSecurityFeatures Value Type: REG_DWORD Value: 1 (Secure Boot only) or 3 (Secure Boot and DMA Protection) A Microsoft article on Credential Guard system requirements can be found at the following link: https://technet.microsoft.com/en-us/itpro/windows/keep-secure/credential-guard-requirements
Fix Text
VBS, including Credential Guard, currently cannot be implemented in virtual desktop implementations (VDI) due to specific supporting requirements including a TPM, UEFI with Secure Boot, and the capability to run the Hyper-V feature within the virtual desktop. For VDIs where the virtual desktop instance is deleted or refreshed upon logoff, this is NA. Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Device Guard >> "Turn On Virtualization Based Security" to "Enabled" with "Secure Boot" or "Secure Boot and DMA Protection" selected for "Select Platform Security Level:". A Microsoft article on Credential Guard system requirements can be found at the following link: https://technet.microsoft.com/en-us/itpro/windows/keep-secure/credential-guard-requirements
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 009983E38051D68CB7767AAF4C319EF951391443 ~~~~~ 'Boot-Start Driver Initialization Policy' is Enabled: (Good, unknown and bad but critical) Registry Path: HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch Value Name: DriverLoadPolicy Value: 0x00000003 (3) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 009983E38051D68CB7767AAF4C319EF951391443 ~~~~~ 'Boot-Start Driver Initialization Policy' is Enabled: (Good, unknown and bad but critical) Registry Path: HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch Value Name: DriverLoadPolicy Value: 0x00000003 (3) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 009983E38051D68CB7767AAF4C319EF951391443 ~~~~~ 'Boot-Start Driver Initialization Policy' is Enabled: (Good, unknown and bad but critical) Registry Path: HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch Value Name: DriverLoadPolicy Value: 0x00000003 (3) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 009983E38051D68CB7767AAF4C319EF951391443 ~~~~~ 'Boot-Start Driver Initialization Policy' is Enabled: (Good, unknown and bad but critical) Registry Path: HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch Value Name: DriverLoadPolicy Value: 0x00000003 (3) Type: REG_DWORD Comments |
|||||
Check Text
The default behavior is for Early Launch Antimalware - Boot-Start Driver Initialization policy is to enforce "Good, unknown and bad but critical" (preventing "bad"). If the registry value name below does not exist, this a finding. If it exists and is configured with a value of "7", this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Policies\EarlyLaunch\ Value Name: DriverLoadPolicy Value Type: REG_DWORD Value: 1, 3, or 8 Possible values for this setting are: 8 - Good only 1 - Good and unknown 3 - Good, unknown and bad but critical 7 - All (which includes "Bad" and would be a finding)
Fix Text
Ensure that Early Launch Antimalware - Boot-Start Driver Initialization policy is set to enforce "Good, unknown and bad but critical" (preventing "bad"). If this needs to be corrected configure the policy value for Computer Configuration >> Administrative Templates >> System >> Early Launch Antimalware >> "Boot-Start Driver Initialization Policy" to "Enabled” with "Good, unknown and bad but critical" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 7557CBE1D798DD9C24316EE90023C69521D61C2D ~~~~~ 'Configure registry policy processing' is Enabled: (Process even if the Group Policy objects have not changed) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2} Value Name: NoGPOListChanges Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 7557CBE1D798DD9C24316EE90023C69521D61C2D ~~~~~ 'Configure registry policy processing' is Enabled: (Process even if the Group Policy objects have not changed) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2} Value Name: NoGPOListChanges Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7557CBE1D798DD9C24316EE90023C69521D61C2D ~~~~~ 'Configure registry policy processing' is Enabled: (Process even if the Group Policy objects have not changed) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2} Value Name: NoGPOListChanges Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7557CBE1D798DD9C24316EE90023C69521D61C2D ~~~~~ 'Configure registry policy processing' is Enabled: (Process even if the Group Policy objects have not changed) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2} Value Name: NoGPOListChanges Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2} Value Name: NoGPOListChanges Value Type: REG_DWORD Value: 0
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Group Policy >> "Configure registry policy processing" to "Enabled" and select the option "Process even if the Group Policy objects have not changed".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: AD9A7497FE8CD47FB5AF348D0B743C308CD9D65A ~~~~~ 'Turn off downloading of print drivers over HTTP' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers Value Name: DisableWebPnPDownload Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: AD9A7497FE8CD47FB5AF348D0B743C308CD9D65A ~~~~~ 'Turn off downloading of print drivers over HTTP' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers Value Name: DisableWebPnPDownload Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: AD9A7497FE8CD47FB5AF348D0B743C308CD9D65A ~~~~~ 'Turn off downloading of print drivers over HTTP' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers Value Name: DisableWebPnPDownload Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: AD9A7497FE8CD47FB5AF348D0B743C308CD9D65A ~~~~~ 'Turn off downloading of print drivers over HTTP' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers Value Name: DisableWebPnPDownload Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows NT\Printers\ Value Name: DisableWebPnPDownload Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Internet Communication Management >> Internet Communication settings >> "Turn off downloading of print drivers over HTTP" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 2F9982102A61E5443396DF8FDC770F9E2C20F549 ~~~~~ 'Turn off Internet download for Web publishing and online ordering wizards' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer Value Name: NoWebServices Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 2F9982102A61E5443396DF8FDC770F9E2C20F549 ~~~~~ 'Turn off Internet download for Web publishing and online ordering wizards' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer Value Name: NoWebServices Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2F9982102A61E5443396DF8FDC770F9E2C20F549 ~~~~~ 'Turn off Internet download for Web publishing and online ordering wizards' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer Value Name: NoWebServices Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2F9982102A61E5443396DF8FDC770F9E2C20F549 ~~~~~ 'Turn off Internet download for Web publishing and online ordering wizards' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer Value Name: NoWebServices Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ Value Name: NoWebServices Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Internet Communication Management >> Internet Communication settings >> "Turn off Internet download for Web publishing and online ordering wizards" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 7780591C5B701047DBD161609A91B8C491C97280 ~~~~~ 'Turn off printing over HTTP' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers Value Name: DisableHTTPPrinting Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 7780591C5B701047DBD161609A91B8C491C97280 ~~~~~ 'Turn off printing over HTTP' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers Value Name: DisableHTTPPrinting Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7780591C5B701047DBD161609A91B8C491C97280 ~~~~~ 'Turn off printing over HTTP' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers Value Name: DisableHTTPPrinting Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7780591C5B701047DBD161609A91B8C491C97280 ~~~~~ 'Turn off printing over HTTP' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers Value Name: DisableHTTPPrinting Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows NT\Printers\ Value Name: DisableHTTPPrinting Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Internet Communication Management >> Internet Communication settings >> "Turn off printing over HTTP" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35876C8966B85EC1E2B626A04F1F3A7173B7D72A ~~~~~ System is a 'Standalone Workstation' so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35876C8966B85EC1E2B626A04F1F3A7173B7D72A ~~~~~ System is a 'Standalone Workstation' so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: AE3557015A08DB12E5597F43A4E5F8B4B58E08CE ~~~~~ 'Support device authentication using certificate' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters Value Name: DevicePKInitEnabled (Not found) Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: AE3557015A08DB12E5597F43A4E5F8B4B58E08CE ~~~~~ 'Support device authentication using certificate' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters Value Name: DevicePKInitEnabled (Not found) Comments |
|||||
Check Text
This requirement is applicable to domain-joined systems. For standalone or nondomain-joined systems, this is NA. The default behavior for "Support device authentication using certificate" is "Automatic". If the registry value name below does not exist, this is not a finding. If it exists and is configured with a value of "1", this is not a finding. If it exists and is configured with a value of "0", this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters\ Value Name: DevicePKInitEnabled Value Type: REG_DWORD Value: 1 (or if the Value Name does not exist)
Fix Text
This requirement is applicable to domain-joined systems. For standalone or nondomain-joined systems, this is NA. The default behavior for "Support device authentication using certificate" is "Automatic". If this needs to be corrected, configure the policy value for Computer Configuration >> Administrative Templates >> System >> Kerberos >> "Support device authentication using certificate" to "Not Configured or "Enabled" with either option selected in "Device authentication behavior using certificate:".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: C63F5407FB05305B58DC58070EE19D102A8982C0 ~~~~~ 'Do not display network selection UI' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\System Value Name: DontDisplayNetworkSelectionUI Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: C63F5407FB05305B58DC58070EE19D102A8982C0 ~~~~~ 'Do not display network selection UI' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\System Value Name: DontDisplayNetworkSelectionUI Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C63F5407FB05305B58DC58070EE19D102A8982C0 ~~~~~ 'Do not display network selection UI' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\System Value Name: DontDisplayNetworkSelectionUI Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C63F5407FB05305B58DC58070EE19D102A8982C0 ~~~~~ 'Do not display network selection UI' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\System Value Name: DontDisplayNetworkSelectionUI Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\System\ Value Name: DontDisplayNetworkSelectionUI Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Logon >> "Do not display network selection UI" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35876C8966B85EC1E2B626A04F1F3A7173B7D72A ~~~~~ System is a 'Standalone Workstation' so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35876C8966B85EC1E2B626A04F1F3A7173B7D72A ~~~~~ System is a 'Standalone Workstation' so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D31C60634D3CC16614EA5BDDF62BF323B5B9A25C ~~~~~ 'Enumerate local users on domain-joined computers' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\System Value Name: EnumerateLocalUsers Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D31C60634D3CC16614EA5BDDF62BF323B5B9A25C ~~~~~ 'Enumerate local users on domain-joined computers' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\System Value Name: EnumerateLocalUsers Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
This requirement is applicable to domain-joined systems. For standalone or nondomain-joined systems, this is NA. If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\System\ Value Name: EnumerateLocalUsers Value Type: REG_DWORD Value: 0
Fix Text
This requirement is applicable to domain-joined systems. For standalone or nondomain-joined systems, this is NA. Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Logon >> "Enumerate local users on domain-joined computers" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: DEF4995148E29A1A9D587055844AEAA407FD7234 ~~~~~ 'Require a password when a computer wakes (on battery)' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51 Value Name: DCSettingIndex Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: DEF4995148E29A1A9D587055844AEAA407FD7234 ~~~~~ 'Require a password when a computer wakes (on battery)' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51 Value Name: DCSettingIndex Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DEF4995148E29A1A9D587055844AEAA407FD7234 ~~~~~ 'Require a password when a computer wakes (on battery)' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51 Value Name: DCSettingIndex Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DEF4995148E29A1A9D587055844AEAA407FD7234 ~~~~~ 'Require a password when a computer wakes (on battery)' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51 Value Name: DCSettingIndex Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51\ Value Name: DCSettingIndex Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Power Management >> Sleep Settings >> "Require a password when a computer wakes (on battery)" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: BFA345F26AABB27839EE8AFC87597A3DDBD162E5 ~~~~~ 'Require a password when a computer wakes (plugged in)' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51 Value Name: ACSettingIndex Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: BFA345F26AABB27839EE8AFC87597A3DDBD162E5 ~~~~~ 'Require a password when a computer wakes (plugged in)' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51 Value Name: ACSettingIndex Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BFA345F26AABB27839EE8AFC87597A3DDBD162E5 ~~~~~ 'Require a password when a computer wakes (plugged in)' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51 Value Name: ACSettingIndex Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BFA345F26AABB27839EE8AFC87597A3DDBD162E5 ~~~~~ 'Require a password when a computer wakes (plugged in)' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51 Value Name: ACSettingIndex Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51\ Value Name: ACSettingIndex Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Power Management >> Sleep Settings >> "Require a password when a computer wakes (plugged in)" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 40E3D085D5C4B8BECD35CFE7A6BA8C4D346FDA19 ~~~~~ 'Restrict Unauthenticated RPC clients' is Enabled: (Authenticated) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Rpc Value Name: RestrictRemoteClients Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 40E3D085D5C4B8BECD35CFE7A6BA8C4D346FDA19 ~~~~~ 'Restrict Unauthenticated RPC clients' is Enabled: (Authenticated) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Rpc Value Name: RestrictRemoteClients Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 40E3D085D5C4B8BECD35CFE7A6BA8C4D346FDA19 ~~~~~ 'Restrict Unauthenticated RPC clients' is Enabled: (Authenticated) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Rpc Value Name: RestrictRemoteClients Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 40E3D085D5C4B8BECD35CFE7A6BA8C4D346FDA19 ~~~~~ 'Restrict Unauthenticated RPC clients' is Enabled: (Authenticated) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Rpc Value Name: RestrictRemoteClients Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows NT\Rpc\ Value Name: RestrictRemoteClients Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Remote Procedure Call >> "Restrict Unauthenticated RPC clients" to "Enabled" and "Authenticated".