| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: CFC843CAA9D6038AF5D5852099DD6A1BB493ED43 ~~~~~ 'Use enhanced anti-spoofing when available' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Biometrics\FacialFeatures Value Name: EnhancedAntiSpoofing Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: CFC843CAA9D6038AF5D5852099DD6A1BB493ED43 ~~~~~ 'Use enhanced anti-spoofing when available' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Biometrics\FacialFeatures Value Name: EnhancedAntiSpoofing Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CFC843CAA9D6038AF5D5852099DD6A1BB493ED43 ~~~~~ 'Use enhanced anti-spoofing when available' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Biometrics\FacialFeatures Value Name: EnhancedAntiSpoofing Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CFC843CAA9D6038AF5D5852099DD6A1BB493ED43 ~~~~~ 'Use enhanced anti-spoofing when available' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Biometrics\FacialFeatures Value Name: EnhancedAntiSpoofing Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
Windows 10 v1507 LTSB version does not include this setting; it is NA for those systems. If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Biometrics\FacialFeatures\ Value Name: EnhancedAntiSpoofing Value Type: REG_DWORD Value: 0x00000001 (1)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Biometrics >> Facial Features >> "Configure enhanced anti-spoofing" to "Enabled". v1607: The policy name is "Use enhanced anti-spoofing when available".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 7E4F6B9D764BEC43054FB933A76FD46CEFEA5B6C ~~~~~ 'Enumerate administrator accounts on elevation' is Disabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\CredUI Value Name: EnumerateAdministrators Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 7E4F6B9D764BEC43054FB933A76FD46CEFEA5B6C ~~~~~ 'Enumerate administrator accounts on elevation' is Disabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\CredUI Value Name: EnumerateAdministrators Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7E4F6B9D764BEC43054FB933A76FD46CEFEA5B6C ~~~~~ 'Enumerate administrator accounts on elevation' is Disabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\CredUI Value Name: EnumerateAdministrators Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7E4F6B9D764BEC43054FB933A76FD46CEFEA5B6C ~~~~~ 'Enumerate administrator accounts on elevation' is Disabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\CredUI Value Name: EnumerateAdministrators Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\CredUI\ Value Name: EnumerateAdministrators Value Type: REG_DWORD Value: 0
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Credential User Interface >> "Enumerate administrator accounts on elevation" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 675DF5D96893954A753326C4A1C2DE41A7320803 ~~~~~ 'Limit Enhanced diagnostic data to the minimum required by Windows Analytics' is Enabled: (Enable Windows Analytics collection) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection Value Name: LimitEnhancedDiagnosticDataWindowsAnalytics Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 675DF5D96893954A753326C4A1C2DE41A7320803 ~~~~~ 'Limit Enhanced diagnostic data to the minimum required by Windows Analytics' is Enabled: (Enable Windows Analytics collection) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection Value Name: LimitEnhancedDiagnosticDataWindowsAnalytics Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 675DF5D96893954A753326C4A1C2DE41A7320803 ~~~~~ 'Limit Enhanced diagnostic data to the minimum required by Windows Analytics' is Enabled: (Enable Windows Analytics collection) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection Value Name: LimitEnhancedDiagnosticDataWindowsAnalytics Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 675DF5D96893954A753326C4A1C2DE41A7320803 ~~~~~ 'Limit Enhanced diagnostic data to the minimum required by Windows Analytics' is Enabled: (Enable Windows Analytics collection) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection Value Name: LimitEnhancedDiagnosticDataWindowsAnalytics Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
This setting requires v1709 or later of Windows 10; it is NA for prior versions. If "Enhanced" level is enabled for telemetry, this must be configured. If "Security" or "Basic" are configured, this is NA. (See V-220834). If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\DataCollection\ Value Name: LimitEnhancedDiagnosticDataWindowsAnalytics Type: REG_DWORD Value: 0x00000001 (1)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Data Collection and Preview Builds >> "Limit Enhanced diagnostic data to the minimum required by Windows Analytics" to "Enabled" with "Enable Windows Analytics collection" selected in "Options:".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 14B9FBD5EC0F50908A19F2904EB7A05C25CC872E ~~~~~ 'Allow Telemetry' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection Value Name: AllowTelemetry Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 14B9FBD5EC0F50908A19F2904EB7A05C25CC872E ~~~~~ 'Allow Telemetry' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection Value Name: AllowTelemetry Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 14B9FBD5EC0F50908A19F2904EB7A05C25CC872E ~~~~~ 'Allow Telemetry' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection Value Name: AllowTelemetry Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 14B9FBD5EC0F50908A19F2904EB7A05C25CC872E ~~~~~ 'Allow Telemetry' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection Value Name: AllowTelemetry Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\DataCollection\ Value Name: AllowTelemetry Type: REG_DWORD Value: 0x00000000 (0) (Security) 0x00000001 (1) (Basic) If an organization is using v1709 or later of Windows 10, this may be configured to "Enhanced" to support Windows Analytics. V-220833 must also be configured to limit the Enhanced diagnostic data to the minimum required by Windows Analytics. This registry value will then be 0x00000002 (2).
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Data Collection and Preview Builds >> "Allow Telemetry" to "Enabled" with "0 - Security [Enterprise Only]" or "1 - Basic" selected in "Options:". If an organization is using v1709 or later of Windows 10, this may be configured to "2 - Enhanced" to support Windows Analytics. V-220833 must also be configured to limit the Enhanced diagnostic data to the minimum required by Windows Analytics.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4A63DDC6B914A33381BF478DA8F617983D075AE8 ~~~~~ 'Turn off Data Execution Prevention for Explorer' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Explorer Value Name: NoDataExecutionPrevention (Not found) Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4A63DDC6B914A33381BF478DA8F617983D075AE8 ~~~~~ 'Turn off Data Execution Prevention for Explorer' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Explorer Value Name: NoDataExecutionPrevention (Not found) Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4A63DDC6B914A33381BF478DA8F617983D075AE8 ~~~~~ 'Turn off Data Execution Prevention for Explorer' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Explorer Value Name: NoDataExecutionPrevention (Not found) Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4A63DDC6B914A33381BF478DA8F617983D075AE8 ~~~~~ 'Turn off Data Execution Prevention for Explorer' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Explorer Value Name: NoDataExecutionPrevention (Not found) Comments |
|||||
Check Text
The default behavior is for data execution prevention to be turned on for file explorer. If the registry value name below does not exist, this is not a finding. If it exists and is configured with a value of "0", this is not a finding. If it exists and is configured with a value of "1", this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\Explorer\ Value Name: NoDataExecutionPrevention Value Type: REG_DWORD Value: 0 (or if the Value Name does not exist)
Fix Text
The default behavior is for data execution prevention to be turned on for file explorer. If this needs to be corrected, configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> File Explorer >> "Turn off Data Execution Prevention for Explorer" to "Not Configured" or "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 980FF0DC97726ACDDD026BE76CF4FA439D23F0E8 ~~~~~ 'Turn off shell protocol protected mode' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer Value Name: PreXPSP2ShellProtocolBehavior (Not found) Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 980FF0DC97726ACDDD026BE76CF4FA439D23F0E8 ~~~~~ 'Turn off shell protocol protected mode' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer Value Name: PreXPSP2ShellProtocolBehavior (Not found) Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 980FF0DC97726ACDDD026BE76CF4FA439D23F0E8 ~~~~~ 'Turn off shell protocol protected mode' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer Value Name: PreXPSP2ShellProtocolBehavior (Not found) Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 980FF0DC97726ACDDD026BE76CF4FA439D23F0E8 ~~~~~ 'Turn off shell protocol protected mode' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer Value Name: PreXPSP2ShellProtocolBehavior (Not found) Comments |
|||||
Check Text
The default behavior is for shell protected mode to be turned on for file explorer. If the registry value name below does not exist, this is not a finding. If it exists and is configured with a value of "0", this is not a finding. If it exists and is configured with a value of "1", this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ Value Name: PreXPSP2ShellProtocolBehavior Value Type: REG_DWORD Value: 0 (or if the Value Name does not exist)
Fix Text
The default behavior is for shell protected mode to be turned on for file explorer. If this needs to be corrected, configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> File Explorer >> "Turn off shell protocol protected mode" to "Not Configured" or "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35050B44054DB3A2BB2EF585B4198C7CAEE81E4F ~~~~~ This is not an unclassified system so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35050B44054DB3A2BB2EF585B4198C7CAEE81E4F ~~~~~ This is not an unclassified system so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: B25A1A2ECA2675D310A41F0056F41DBFCEAB243E ~~~~~ Operating system is 'Windows 10 Enterprise LTSC 2021' so this requirement is NA. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: B25A1A2ECA2675D310A41F0056F41DBFCEAB243E ~~~~~ Operating system is 'Windows 10 Enterprise LTSC 2021' so this requirement is NA. Comments |
|||||
Check Text
This is applicable to unclassified systems, for other systems this is NA. Windows 10 LTSC\B versions do not include Microsoft Edge, this is NA for those systems. If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter\ Value Name: PreventOverride Type: REG_DWORD Value: 0x00000001 (1)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Microsoft Edge >> "Prevent bypassing Windows Defender SmartScreen prompts for sites" to "Enabled". Windows 10 includes duplicate policies for this setting. It can also be configured under Computer Configuration >> Administrative Templates >> Windows Components >> Windows Defender SmartScreen >> Microsoft Edge.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35050B44054DB3A2BB2EF585B4198C7CAEE81E4F ~~~~~ This is not an unclassified system so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35050B44054DB3A2BB2EF585B4198C7CAEE81E4F ~~~~~ This is not an unclassified system so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: B25A1A2ECA2675D310A41F0056F41DBFCEAB243E ~~~~~ Operating system is 'Windows 10 Enterprise LTSC 2021' so this requirement is NA. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: B25A1A2ECA2675D310A41F0056F41DBFCEAB243E ~~~~~ Operating system is 'Windows 10 Enterprise LTSC 2021' so this requirement is NA. Comments |
|||||
Check Text
This is applicable to unclassified systems, for other systems this is NA. Windows 10 LTSC\B versions do not include Microsoft Edge, this is NA for those systems. If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter\ Value Name: PreventOverrideAppRepUnknown Type: REG_DWORD Value: 0x00000001 (1)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Microsoft Edge >> "Prevent bypassing Windows Defender SmartScreen prompts for files" to "Enabled". Windows 10 includes duplicate policies for this setting. It can also be configured under Computer Configuration >> Administrative Templates >> Windows Components >> Windows Defender SmartScreen >> Microsoft Edge.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: B25A1A2ECA2675D310A41F0056F41DBFCEAB243E ~~~~~ Operating system is 'Windows 10 Enterprise LTSC 2021' so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: B25A1A2ECA2675D310A41F0056F41DBFCEAB243E ~~~~~ Operating system is 'Windows 10 Enterprise LTSC 2021' so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: B25A1A2ECA2675D310A41F0056F41DBFCEAB243E ~~~~~ Operating system is 'Windows 10 Enterprise LTSC 2021' so this requirement is NA. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: B25A1A2ECA2675D310A41F0056F41DBFCEAB243E ~~~~~ Operating system is 'Windows 10 Enterprise LTSC 2021' so this requirement is NA. Comments |
|||||
Check Text
This setting is applicable starting with v1809 of Windows 10; it is NA for prior versions. Windows 10 LTSC\B versions do not include Microsoft Edge; this is NA for those systems. If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\MicrosoftEdge\Internet Settings\ Value Name: PreventCertErrorOverrides Type: REG_DWORD Value: 0x00000001 (1)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Microsoft Edge >> "Prevent certificate error overrides" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: B25A1A2ECA2675D310A41F0056F41DBFCEAB243E ~~~~~ Operating system is 'Windows 10 Enterprise LTSC 2021' so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: B25A1A2ECA2675D310A41F0056F41DBFCEAB243E ~~~~~ Operating system is 'Windows 10 Enterprise LTSC 2021' so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: B25A1A2ECA2675D310A41F0056F41DBFCEAB243E ~~~~~ Operating system is 'Windows 10 Enterprise LTSC 2021' so this requirement is NA. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: B25A1A2ECA2675D310A41F0056F41DBFCEAB243E ~~~~~ Operating system is 'Windows 10 Enterprise LTSC 2021' so this requirement is NA. Comments |
|||||
Check Text
Windows 10 LTSC\B versions do not include Microsoft Edge, this is NA for those systems. If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main\ Value Name: FormSuggest Passwords Type: REG_SZ Value: no
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Microsoft Edge >> "Configure Password Manager" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35050B44054DB3A2BB2EF585B4198C7CAEE81E4F ~~~~~ This is not an unclassified system so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35050B44054DB3A2BB2EF585B4198C7CAEE81E4F ~~~~~ This is not an unclassified system so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: B25A1A2ECA2675D310A41F0056F41DBFCEAB243E ~~~~~ Operating system is 'Windows 10 Enterprise LTSC 2021' so this requirement is NA. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: B25A1A2ECA2675D310A41F0056F41DBFCEAB243E ~~~~~ Operating system is 'Windows 10 Enterprise LTSC 2021' so this requirement is NA. Comments |
|||||
Check Text
This is applicable to unclassified systems, for other systems this is NA. Windows 10 LTSC\B versions do not include Microsoft Edge, this is NA for those systems. If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter\ Value Name: EnabledV9 Type: REG_DWORD Value: 0x00000001 (1)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Microsoft Edge >> "Configure Windows Defender SmartScreen" to "Enabled". Windows 10 includes duplicate policies for this setting. It can also be configured under Computer Configuration >> Administrative Templates >> Windows Components >> Windows Defender SmartScreen >> Microsoft Edge.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 91E44EA4952901ECB9C71FC575E75862091DAFD1 ~~~~~ 'Enables or disables Windows Game Recording and Broadcasting' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\GameDVR Value Name: AllowGameDVR Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 91E44EA4952901ECB9C71FC575E75862091DAFD1 ~~~~~ 'Enables or disables Windows Game Recording and Broadcasting' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\GameDVR Value Name: AllowGameDVR Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 91E44EA4952901ECB9C71FC575E75862091DAFD1 ~~~~~ 'Enables or disables Windows Game Recording and Broadcasting' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\GameDVR Value Name: AllowGameDVR Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 91E44EA4952901ECB9C71FC575E75862091DAFD1 ~~~~~ 'Enables or disables Windows Game Recording and Broadcasting' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\GameDVR Value Name: AllowGameDVR Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
This is NA for Windows 10 LTSC\B versions 1507 and 1607. If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\GameDVR\ Value Name: AllowGameDVR Type: REG_DWORD Value: 0x00000000 (0)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Game Recording and Broadcasting >> "Enables or disables Windows Game Recording and Broadcasting" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4CEF5A54871AEE440F7A1BEB6AD066676E445A4E ~~~~~ 'Use a hardware security device' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\PassportForWork Value Name: RequireSecurityDevice Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4CEF5A54871AEE440F7A1BEB6AD066676E445A4E ~~~~~ 'Use a hardware security device' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\PassportForWork Value Name: RequireSecurityDevice Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CEF5A54871AEE440F7A1BEB6AD066676E445A4E ~~~~~ 'Use a hardware security device' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\PassportForWork Value Name: RequireSecurityDevice Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CEF5A54871AEE440F7A1BEB6AD066676E445A4E ~~~~~ 'Use a hardware security device' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\PassportForWork Value Name: RequireSecurityDevice Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
Virtual desktop implementations currently may not support the use of TPMs. For virtual desktop implementations where the virtual desktop instance is deleted or refreshed upon logoff, this is NA. If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\PassportForWork\ Value Name: RequireSecurityDevice Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Hello for Business >> "Use a hardware security device" to "Enabled". v1507 LTSB: The policy path is Computer Configuration >> Administrative Templates >> Windows Components >> Microsoft Passport for Work.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: FC6B1CECC3CFAF4C5174B34463A8237556972DF3 ~~~~~ 'Minimum PIN length' is Enabled: (6 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\PassportForWork\PINComplexity Value Name: MinimumPINLength Value: 0x00000006 (6) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: FC6B1CECC3CFAF4C5174B34463A8237556972DF3 ~~~~~ 'Minimum PIN length' is Enabled: (6 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\PassportForWork\PINComplexity Value Name: MinimumPINLength Value: 0x00000006 (6) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: FC6B1CECC3CFAF4C5174B34463A8237556972DF3 ~~~~~ 'Minimum PIN length' is Enabled: (6 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\PassportForWork\PINComplexity Value Name: MinimumPINLength Value: 0x00000006 (6) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: FC6B1CECC3CFAF4C5174B34463A8237556972DF3 ~~~~~ 'Minimum PIN length' is Enabled: (6 or greater) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\PassportForWork\PINComplexity Value Name: MinimumPINLength Value: 0x00000006 (6) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\PassportForWork\PINComplexity\ Value Name: MinimumPINLength Type: REG_DWORD Value: 6 (or greater)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> System >> PIN Complexity >> "Minimum PIN length" to "6" or greater. v1607 LTSB: The policy path is Computer Configuration >> Administrative Templates >> Windows Components >> Windows Hello for Business >> Pin Complexity. v1507 LTSB: The policy path is Computer Configuration >> Administrative Templates >> Windows Components >> Microsoft Passport for Work >> Pin Complexity.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 338BC62939ABE731004ECB8DB57D03CF7B6B5B2E ~~~~~ 'Do not allow passwords to be saved' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: DisablePasswordSaving Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 338BC62939ABE731004ECB8DB57D03CF7B6B5B2E ~~~~~ 'Do not allow passwords to be saved' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: DisablePasswordSaving Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 338BC62939ABE731004ECB8DB57D03CF7B6B5B2E ~~~~~ 'Do not allow passwords to be saved' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: DisablePasswordSaving Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 338BC62939ABE731004ECB8DB57D03CF7B6B5B2E ~~~~~ 'Do not allow passwords to be saved' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: DisablePasswordSaving Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\ Value Name: DisablePasswordSaving Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Remote Desktop Services >> Remote Desktop Connection Client >> "Do not allow passwords to be saved" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 649B63305BF44C135717D4368AF832D0654318E8 ~~~~~ 'Do not allow drive redirection' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: fDisableCdm Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 649B63305BF44C135717D4368AF832D0654318E8 ~~~~~ 'Do not allow drive redirection' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: fDisableCdm Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 649B63305BF44C135717D4368AF832D0654318E8 ~~~~~ 'Do not allow drive redirection' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: fDisableCdm Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 649B63305BF44C135717D4368AF832D0654318E8 ~~~~~ 'Do not allow drive redirection' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: fDisableCdm Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\ Value Name: fDisableCdm Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Remote Desktop Services >> Remote Desktop Session Host >> Device and Resource Redirection >> "Do not allow drive redirection" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 9543721DB11F02494E7ED66C64CBD374894522C8 ~~~~~ 'Always prompt for password upon connection' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: fPromptForPassword Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 9543721DB11F02494E7ED66C64CBD374894522C8 ~~~~~ 'Always prompt for password upon connection' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: fPromptForPassword Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9543721DB11F02494E7ED66C64CBD374894522C8 ~~~~~ 'Always prompt for password upon connection' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: fPromptForPassword Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9543721DB11F02494E7ED66C64CBD374894522C8 ~~~~~ 'Always prompt for password upon connection' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: fPromptForPassword Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\ Value Name: fPromptForPassword Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Remote Desktop Services >> Remote Desktop Session Host >> Security >> "Always prompt for password upon connection" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 08943A2B448533281BEE2C1020DD339D9FE588C1 ~~~~~ 'Require secure RPC communication' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: fEncryptRPCTraffic Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 08943A2B448533281BEE2C1020DD339D9FE588C1 ~~~~~ 'Require secure RPC communication' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: fEncryptRPCTraffic Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 08943A2B448533281BEE2C1020DD339D9FE588C1 ~~~~~ 'Require secure RPC communication' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: fEncryptRPCTraffic Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 08943A2B448533281BEE2C1020DD339D9FE588C1 ~~~~~ 'Require secure RPC communication' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: fEncryptRPCTraffic Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\ Value Name: fEncryptRPCTraffic Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Remote Desktop Services >> Remote Desktop Session Host >> Security "Require secure RPC communication" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 0C53D2EC2EA676A44E2B9D7BD6678B35A9150095 ~~~~~ 'Set client connection encryption level' is Enabled: (High Level) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: MinEncryptionLevel Value: 0x00000003 (3) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 0C53D2EC2EA676A44E2B9D7BD6678B35A9150095 ~~~~~ 'Set client connection encryption level' is Enabled: (High Level) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: MinEncryptionLevel Value: 0x00000003 (3) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 0C53D2EC2EA676A44E2B9D7BD6678B35A9150095 ~~~~~ 'Set client connection encryption level' is Enabled: (High Level) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: MinEncryptionLevel Value: 0x00000003 (3) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 0C53D2EC2EA676A44E2B9D7BD6678B35A9150095 ~~~~~ 'Set client connection encryption level' is Enabled: (High Level) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services Value Name: MinEncryptionLevel Value: 0x00000003 (3) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\ Value Name: MinEncryptionLevel Value Type: REG_DWORD Value: 3
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Remote Desktop Services >> Remote Desktop Session Host >> Security >> "Set client connection encryption level" to "Enabled" and "High Level".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 3F4C76E881CBB1C19B94AB2CA617139F68420F8A ~~~~~ 'Prevent downloading of enclosures' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds Value Name: DisableEnclosureDownload Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 3F4C76E881CBB1C19B94AB2CA617139F68420F8A ~~~~~ 'Prevent downloading of enclosures' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds Value Name: DisableEnclosureDownload Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3F4C76E881CBB1C19B94AB2CA617139F68420F8A ~~~~~ 'Prevent downloading of enclosures' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds Value Name: DisableEnclosureDownload Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3F4C76E881CBB1C19B94AB2CA617139F68420F8A ~~~~~ 'Prevent downloading of enclosures' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds Value Name: DisableEnclosureDownload Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds\ Value Name: DisableEnclosureDownload Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> RSS Feeds >> "Prevent downloading of enclosures" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 28C293E474B6B66AEE08C24C00A3F7E5499C0F18 ~~~~~ 'Turn on Basic feed authentication over HTTP' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds Value Name: AllowBasicAuthInClear (Not found) Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 28C293E474B6B66AEE08C24C00A3F7E5499C0F18 ~~~~~ 'Turn on Basic feed authentication over HTTP' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds Value Name: AllowBasicAuthInClear (Not found) Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 28C293E474B6B66AEE08C24C00A3F7E5499C0F18 ~~~~~ 'Turn on Basic feed authentication over HTTP' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds Value Name: AllowBasicAuthInClear (Not found) Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 28C293E474B6B66AEE08C24C00A3F7E5499C0F18 ~~~~~ 'Turn on Basic feed authentication over HTTP' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds Value Name: AllowBasicAuthInClear (Not found) Comments |
|||||
Check Text
The default behavior is for the Windows RSS platform to not use Basic authentication over HTTP connections. If the registry value name below does not exist, this is not a finding. If it exists and is configured with a value of "0", this is not a finding. If it exists and is configured with a value of "1", this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds\ Value Name: AllowBasicAuthInClear Value Type: REG_DWORD Value: 0 (or if the Value Name does not exist)
Fix Text
The default behavior is for the Windows RSS platform to not use Basic authentication over HTTP connections. If this needs to be corrected, configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> RSS Feeds >> "Turn on Basic feed authentication over HTTP" to "Not Configured" or "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 176D0A2485AF508887C839ACDF2F4D36A9659917 ~~~~~ 'Allow indexing of encrypted files' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search Value Name: AllowIndexingEncryptedStoresOrItems Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 176D0A2485AF508887C839ACDF2F4D36A9659917 ~~~~~ 'Allow indexing of encrypted files' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search Value Name: AllowIndexingEncryptedStoresOrItems Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 176D0A2485AF508887C839ACDF2F4D36A9659917 ~~~~~ 'Allow indexing of encrypted files' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search Value Name: AllowIndexingEncryptedStoresOrItems Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 176D0A2485AF508887C839ACDF2F4D36A9659917 ~~~~~ 'Allow indexing of encrypted files' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search Value Name: AllowIndexingEncryptedStoresOrItems Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\Windows Search\ Value Name: AllowIndexingEncryptedStoresOrItems Value Type: REG_DWORD Value: 0
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Search >> "Allow indexing of encrypted files" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 591988E36B44158A6B5FD47B3E0A4AAA5E959EBC ~~~~~ 'Allow user control over installs' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Installer Value Name: EnableUserControl Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 591988E36B44158A6B5FD47B3E0A4AAA5E959EBC ~~~~~ 'Allow user control over installs' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Installer Value Name: EnableUserControl Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 591988E36B44158A6B5FD47B3E0A4AAA5E959EBC ~~~~~ 'Allow user control over installs' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Installer Value Name: EnableUserControl Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 591988E36B44158A6B5FD47B3E0A4AAA5E959EBC ~~~~~ 'Allow user control over installs' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Installer Value Name: EnableUserControl Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\Installer\ Value Name: EnableUserControl Value Type: REG_DWORD Value: 0
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Installer >> "Allow user control over installs" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 25956B5D4AA9F192272A0F7496A999EC40253412 ~~~~~ 'Prevent Internet Explorer security prompt for Windows Installer scripts' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Installer Value Name: SafeForScripting (Not found) Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 25956B5D4AA9F192272A0F7496A999EC40253412 ~~~~~ 'Prevent Internet Explorer security prompt for Windows Installer scripts' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Installer Value Name: SafeForScripting (Not found) Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 25956B5D4AA9F192272A0F7496A999EC40253412 ~~~~~ 'Prevent Internet Explorer security prompt for Windows Installer scripts' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Installer Value Name: SafeForScripting (Not found) Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 25956B5D4AA9F192272A0F7496A999EC40253412 ~~~~~ 'Prevent Internet Explorer security prompt for Windows Installer scripts' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Installer Value Name: SafeForScripting (Not found) Comments |
|||||
Check Text
The default behavior is for Internet Explorer to warn users and select whether to allow or refuse installation when a web-based program attempts to install software on the system. If the registry value name below does not exist, this is not a finding. If it exists and is configured with a value of "0", this is not a finding. If it exists and is configured with a value of "1", this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\Installer\ Value Name: SafeForScripting Value Type: REG_DWORD Value: 0 (or if the Value Name does not exist)
Fix Text
The default behavior is for Internet Explorer to warn users and select whether to allow or refuse installation when a web-based program attempts to install software on the system. If this needs to be corrected, configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Installer >> "Prevent Internet Explorer security prompt for Windows Installer scripts" to "Not Configured" or "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 465601DA377FEF10B547A2FE7BE36790D6AFAEF4 ~~~~~ 'Sign-in last interactive user automatically after a system-initiated restart' is Disabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: DisableAutomaticRestartSignOn Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 465601DA377FEF10B547A2FE7BE36790D6AFAEF4 ~~~~~ 'Sign-in last interactive user automatically after a system-initiated restart' is Disabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: DisableAutomaticRestartSignOn Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 465601DA377FEF10B547A2FE7BE36790D6AFAEF4 ~~~~~ 'Sign-in last interactive user automatically after a system-initiated restart' is Disabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: DisableAutomaticRestartSignOn Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 465601DA377FEF10B547A2FE7BE36790D6AFAEF4 ~~~~~ 'Sign-in last interactive user automatically after a system-initiated restart' is Disabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: DisableAutomaticRestartSignOn Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ Value Name: DisableAutomaticRestartSignOn Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Logon Options >> "Sign-in last interactive user automatically after a system-initiated restart" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: EB4A265C9E587BD9D606DF1E88D13CF74FE47192 ~~~~~ 'Turn on PowerShell Script Block Logging' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging Value Name: EnableScriptBlockLogging Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: EB4A265C9E587BD9D606DF1E88D13CF74FE47192 ~~~~~ 'Turn on PowerShell Script Block Logging' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging Value Name: EnableScriptBlockLogging Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: EB4A265C9E587BD9D606DF1E88D13CF74FE47192 ~~~~~ 'Turn on PowerShell Script Block Logging' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging Value Name: EnableScriptBlockLogging Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: EB4A265C9E587BD9D606DF1E88D13CF74FE47192 ~~~~~ 'Turn on PowerShell Script Block Logging' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging Value Name: EnableScriptBlockLogging Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging\ Value Name: EnableScriptBlockLogging Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows PowerShell >> "Turn on PowerShell Script Block Logging" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4A4CD99AD9B2D52A3D642DCC31C496CFF4E83E5A ~~~~~ 'Allow unencrypted traffic' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client Value Name: AllowUnencryptedTraffic Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4A4CD99AD9B2D52A3D642DCC31C496CFF4E83E5A ~~~~~ 'Allow unencrypted traffic' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client Value Name: AllowUnencryptedTraffic Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4A4CD99AD9B2D52A3D642DCC31C496CFF4E83E5A ~~~~~ 'Allow unencrypted traffic' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client Value Name: AllowUnencryptedTraffic Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4A4CD99AD9B2D52A3D642DCC31C496CFF4E83E5A ~~~~~ 'Allow unencrypted traffic' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client Value Name: AllowUnencryptedTraffic Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\WinRM\Client\ Value Name: AllowUnencryptedTraffic Value Type: REG_DWORD Value: 0
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Remote Management (WinRM) >> WinRM Client >> "Allow unencrypted traffic" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4B17B5D6EF94B0E0F37FCDDEEB811EFC975C0103 ~~~~~ 'Allow unencrypted traffic' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service Value Name: AllowUnencryptedTraffic Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4B17B5D6EF94B0E0F37FCDDEEB811EFC975C0103 ~~~~~ 'Allow unencrypted traffic' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service Value Name: AllowUnencryptedTraffic Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4B17B5D6EF94B0E0F37FCDDEEB811EFC975C0103 ~~~~~ 'Allow unencrypted traffic' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service Value Name: AllowUnencryptedTraffic Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4B17B5D6EF94B0E0F37FCDDEEB811EFC975C0103 ~~~~~ 'Allow unencrypted traffic' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service Value Name: AllowUnencryptedTraffic Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\WinRM\Service\ Value Name: AllowUnencryptedTraffic Value Type: REG_DWORD Value: 0
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Remote Management (WinRM) >> WinRM Service >> "Allow unencrypted traffic" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 1AA481372E4667D4FE24C95C9119B1D501E8D612 ~~~~~ 'Disallow WinRM from storing RunAs credentials' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service Value Name: DisableRunAs Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 1AA481372E4667D4FE24C95C9119B1D501E8D612 ~~~~~ 'Disallow WinRM from storing RunAs credentials' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service Value Name: DisableRunAs Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1AA481372E4667D4FE24C95C9119B1D501E8D612 ~~~~~ 'Disallow WinRM from storing RunAs credentials' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service Value Name: DisableRunAs Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1AA481372E4667D4FE24C95C9119B1D501E8D612 ~~~~~ 'Disallow WinRM from storing RunAs credentials' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service Value Name: DisableRunAs Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\WinRM\Service\ Value Name: DisableRunAs Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Remote Management (WinRM) >> WinRM Service >> "Disallow WinRM from storing RunAs credentials" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 511153A33523CC0CB3BE2DD4DD561A858B374981 ~~~~~ 'Disallow Digest authentication' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client Value Name: AllowDigest Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 511153A33523CC0CB3BE2DD4DD561A858B374981 ~~~~~ 'Disallow Digest authentication' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client Value Name: AllowDigest Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 511153A33523CC0CB3BE2DD4DD561A858B374981 ~~~~~ 'Disallow Digest authentication' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client Value Name: AllowDigest Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 511153A33523CC0CB3BE2DD4DD561A858B374981 ~~~~~ 'Disallow Digest authentication' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client Value Name: AllowDigest Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\WinRM\Client\ Value Name: AllowDigest Value Type: REG_DWORD Value: 0
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Remote Management (WinRM) >> WinRM Client >> "Disallow Digest authentication" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: CD295ABCDFB51D0EE8DA52FAD5F6A33DF8038C9A ~~~~~ 'Let Windows apps activate with voice' is NOT configured to 'Enabled' with 'Default for all Apps:' set to 'Force Deny'. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy Value Name: (NotFound) Value: (NotFound) Type: (NotFound) 'Let Windows apps activate with voice while the system is locked' is configured to 'Enabled' with 'Default for all Apps:' set to 'Force Deny'. Registry Path: HKLM:\\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy Value Name: LetAppsActivateWithVoiceAboveLock Value: 2 Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: CD295ABCDFB51D0EE8DA52FAD5F6A33DF8038C9A ~~~~~ 'Let Windows apps activate with voice' is NOT configured to 'Enabled' with 'Default for all Apps:' set to 'Force Deny'. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy Value Name: (NotFound) Value: (NotFound) Type: (NotFound) 'Let Windows apps activate with voice while the system is locked' is configured to 'Enabled' with 'Default for all Apps:' set to 'Force Deny'. Registry Path: HKLM:\\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy Value Name: LetAppsActivateWithVoiceAboveLock Value: 2 Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CD295ABCDFB51D0EE8DA52FAD5F6A33DF8038C9A ~~~~~ 'Let Windows apps activate with voice' is NOT configured to 'Enabled' with 'Default for all Apps:' set to 'Force Deny'. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy Value Name: (NotFound) Value: (NotFound) Type: (NotFound) 'Let Windows apps activate with voice while the system is locked' is configured to 'Enabled' with 'Default for all Apps:' set to 'Force Deny'. Registry Path: HKLM:\\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy Value Name: LetAppsActivateWithVoiceAboveLock Value: 2 Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CD295ABCDFB51D0EE8DA52FAD5F6A33DF8038C9A ~~~~~ 'Let Windows apps activate with voice' is NOT configured to 'Enabled' with 'Default for all Apps:' set to 'Force Deny'. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy Value Name: (NotFound) Value: (NotFound) Type: (NotFound) 'Let Windows apps activate with voice while the system is locked' is configured to 'Enabled' with 'Default for all Apps:' set to 'Force Deny'. Registry Path: HKLM:\\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy Value Name: LetAppsActivateWithVoiceAboveLock Value: 2 Type: REG_DWORD Comments |
|||||
Check Text
This setting requires v1903 or later of Windows 10; it is NA for prior versions. The setting is NA when the “Allow voice activation” policy is configured to disallow applications to be activated with voice for all users. If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\AppPrivacy\ Value Name: LetAppsActivateWithVoiceAboveLock Type: REG_DWORD Value: 0x00000002 (2) If the following registry value exists and is configured as specified, requirement is NA. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\AppPrivacy\ Value Name: LetAppsActivateWithVoice Type: REG_DWORD Value: 0x00000002 (2)
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> App Privacy >> "Let Windows apps activate with voice while the system is locked" to "Enabled" with “Default for all Apps:” set to “Force Deny”. The requirement is NA if the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> App Privacy >> "Let Windows apps activate with voice" is configured to "Enabled" with “Default for all Apps:” set to “Force Deny”.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: D02062E8EFA394EFD128CC780304DBFC3EAAE719 ~~~~~ 'Turn on convenience PIN sign-in' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\System Value Name: AllowDomainPINLogon Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: D02062E8EFA394EFD128CC780304DBFC3EAAE719 ~~~~~ 'Turn on convenience PIN sign-in' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\System Value Name: AllowDomainPINLogon Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D02062E8EFA394EFD128CC780304DBFC3EAAE719 ~~~~~ 'Turn on convenience PIN sign-in' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\System Value Name: AllowDomainPINLogon Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D02062E8EFA394EFD128CC780304DBFC3EAAE719 ~~~~~ 'Turn on convenience PIN sign-in' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\System Value Name: AllowDomainPINLogon Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \Software\Policies\Microsoft\Windows\System Value Name: AllowDomainPINLogon Value Type: REG_DWORD Value data: 0
Fix Text
Disable the convenience PIN sign-in. If this needs to be corrected configure the policy value for Computer Configuration >> Administrative Templates >> System >> Logon >> Set "Turn on convenience PIN sign-in" to "Disabled”.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 641D5B0C1E325C0255D6AC4FA357A5C980716995 ~~~~~ 'Allow Windows Ink Workspace' is Enabled: (On, but disallow access above lock) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsInkWorkspace Value Name: AllowWindowsInkWorkspace Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 641D5B0C1E325C0255D6AC4FA357A5C980716995 ~~~~~ 'Allow Windows Ink Workspace' is Enabled: (On, but disallow access above lock) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsInkWorkspace Value Name: AllowWindowsInkWorkspace Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 641D5B0C1E325C0255D6AC4FA357A5C980716995 ~~~~~ 'Allow Windows Ink Workspace' is Enabled: (On, but disallow access above lock) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsInkWorkspace Value Name: AllowWindowsInkWorkspace Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 641D5B0C1E325C0255D6AC4FA357A5C980716995 ~~~~~ 'Allow Windows Ink Workspace' is Enabled: (On, but disallow access above lock) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\WindowsInkWorkspace Value Name: AllowWindowsInkWorkspace Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \Software\Policies\Microsoft\WindowsInkWorkspace Value Name: AllowWindowsInkWorkspace Value Type: REG_DWORD Value data: 1
Fix Text
Disable the convenience PIN sign-in. If this needs to be corrected, configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Ink Workspace >> Set "Allow Windows Ink Workspace" to "Enabled” and set Options "On, but disallow access above lock".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 6F076B52FC6C5BE7DBAFCEAD9AD6E65054D1D24D ~~~~~ 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is Enabled: (Block All) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Kernel DMA Protection Value Name: DeviceEnumerationPolicy Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 6F076B52FC6C5BE7DBAFCEAD9AD6E65054D1D24D ~~~~~ 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is Enabled: (Block All) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Kernel DMA Protection Value Name: DeviceEnumerationPolicy Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6F076B52FC6C5BE7DBAFCEAD9AD6E65054D1D24D ~~~~~ 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is Enabled: (Block All) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Kernel DMA Protection Value Name: DeviceEnumerationPolicy Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6F076B52FC6C5BE7DBAFCEAD9AD6E65054D1D24D ~~~~~ 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is Enabled: (Block All) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Kernel DMA Protection Value Name: DeviceEnumerationPolicy Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
This is NA prior to v1803 of Windows 10. If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \Software\Policies\Microsoft\Windows\Kernel DMA Protection Value Name: DeviceEnumerationPolicy Value Type: REG_DWORD Value: 0
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Kernel DMA Protection >> "Enumeration policy for external devices incompatible with Kernel DMA Protection" to "Enabled" with "Enumeration Policy" set to "Block All".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35050B44054DB3A2BB2EF585B4198C7CAEE81E4F ~~~~~ This is not an unclassified system so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35050B44054DB3A2BB2EF585B4198C7CAEE81E4F ~~~~~ This is not an unclassified system so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A7C5AB66360003520409137D264A0BD7302B272F ~~~~~ Subject: CN=ECA Root CA 4, OU=ECA, O=U.S. Government, C=US Thumbprint: 73E8BB08E337D6A5A6AEF90CFFDD97D9176CB582 NotAfter: 12/30/2029 Installed: True Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A7C5AB66360003520409137D264A0BD7302B272F ~~~~~ Subject: CN=ECA Root CA 4, OU=ECA, O=U.S. Government, C=US Thumbprint: 73E8BB08E337D6A5A6AEF90CFFDD97D9176CB582 NotAfter: 12/30/2029 Installed: True Comments |
|||||
Check Text
Verify the ECA Root CA certificates are installed on unclassified systems as Trusted Root Certification Authorities. Run "PowerShell" as an administrator. Execute the following command: Get-ChildItem -Path Cert:Localmachine\root | Where Subject -Like "*ECA*" | FL Subject, Thumbprint, NotAfter If the following certificate "Subject" and "Thumbprint" information is not displayed, this is a finding. Subject: CN=ECA Root CA 4, OU=ECA, O=U.S. Government, C=US Thumbprint: 73E8BB08E337D6A5A6AEF90CFFDD97D9176CB582 NotAfter: 12/30/2029 Alternately use the Certificates MMC snap-in: Run "MMC". Select "File", "Add/Remove Snap-in". Select "Certificates", click "Add". Select "Computer account", click "Next". Select "Local computer: (the computer this console is running on)", click "Finish". Click "OK". Expand "Certificates" and navigate to "Trusted Root Certification Authorities >> Certificates". For each of the ECA Root CA certificates noted below: Right-click on the certificate and select "Open". Select the "Details" Tab. Scroll to the bottom and select "Thumbprint". If the ECA Root CA certificate below is not listed or the value for the "Thumbprint" field is not as noted, this is a finding. ECA Root CA 4 Thumbprint: 73E8BB08E337D6A5A6AEF90CFFDD97D9176CB582 Valid to: Sunday, December 30, 2029
Fix Text
Install the ECA Root CA certificate on unclassified systems. ECA Root CA 4 The InstallRoot tool is available on Cyber Exchange at https://cyber.mil/pki-pke/tools-configuration-files. Certificate bundles published by the PKI can be found at https://crl.gds.disa.mil/.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35050B44054DB3A2BB2EF585B4198C7CAEE81E4F ~~~~~ This is not an unclassified system so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35050B44054DB3A2BB2EF585B4198C7CAEE81E4F ~~~~~ This is not an unclassified system so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A2EC40048BA7B0A9F2D0A13E537C545D4F6F79D7 ~~~~~ Subject: CN=DoD Root CA 3, OU=PKI, OU=DoD, O=U.S. Government, C=US Issuer: CN=DoD Interoperability Root CA 2, OU=PKI, OU=DoD, O=U.S. Government, C=US Thumbprint: 49CBE933151872E17C8EAE7F0ABA97FB610F6477 NotAfter: 11/16/2024 Installed: True Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A2EC40048BA7B0A9F2D0A13E537C545D4F6F79D7 ~~~~~ Subject: CN=DoD Root CA 3, OU=PKI, OU=DoD, O=U.S. Government, C=US Issuer: CN=DoD Interoperability Root CA 2, OU=PKI, OU=DoD, O=U.S. Government, C=US Thumbprint: 49CBE933151872E17C8EAE7F0ABA97FB610F6477 NotAfter: 11/16/2024 Installed: True Comments |
|||||
Check Text
Verify the DoD Interoperability cross-certificates are installed on unclassified systems as Untrusted Certificates. Run "PowerShell" as an administrator. Execute the following command: Get-ChildItem -Path Cert:Localmachine\disallowed | Where {$_.Issuer -Like "*DoD Interoperability*" -and $_.Subject -Like "*DoD*"} | FL Subject, Issuer, Thumbprint, NotAfter If the following certificate "Subject", "Issuer", and "Thumbprint" information is not displayed, this is a finding. Subject: CN=DoD Root CA 3, OU=PKI, OU=DoD, O=U.S. Government, C=US Issuer: CN=DoD Interoperability Root CA 2, OU=PKI, OU=DoD, O=U.S. Government, C=US Thumbprint: 49CBE933151872E17C8EAE7F0ABA97FB610F6477 NotAfter: 11/16/2024 Alternately, use the Certificates MMC snap-in: Run "MMC". Select "File", "Add/Remove Snap-in". Select "Certificates", click "Add". Select "Computer account", click "Next". Select "Local computer: (the computer this console is running on)", click "Finish". Click "OK". Expand "Certificates" and navigate to Untrusted Certificates >> Certificates. For each certificate with "DoD Root CA…" under "Issued To" and "DoD Interoperability Root CA…" under "Issued By": Right-click on the certificate and select "Open". Select the "Details" tab. Scroll to the bottom and select "Thumbprint". If the certificates below are not listed or the value for the "Thumbprint" field is not as noted, this is a finding. Issued To: DoD Root CA 3 Issued By: DoD Interoperability Root CA 2 Thumbprint: 49CBE933151872E17C8EAE7F0ABA97FB610F6477 Valid to: Wednesday, November 16, 2024
Fix Text
Install the DoD Interoperability Root CA cross-certificates on unclassified systems. Issued To - Issued By - Thumbprint DoD Root CA 3 - DoD Interoperability Root CA 2 - 49CBE933151872E17C8EAE7F0ABA97FB610F6477 The certificates can be installed using the InstallRoot tool. The tool and user guide are available on Cyber Exchange at https://cyber.mil/pki-pke/tools-configuration-files. PKI can be found at https://crl.gds.disa.mil/.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35050B44054DB3A2BB2EF585B4198C7CAEE81E4F ~~~~~ This is not an unclassified system so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35050B44054DB3A2BB2EF585B4198C7CAEE81E4F ~~~~~ This is not an unclassified system so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A49AC51E65251963BCF59A4603952BF695EF12C6 ~~~~~ Subject: CN=DoD Root CA 3, OU=PKI, OU=DoD, O=U.S. Government, C=US Issuer: CN=US DoD CCEB Interoperability Root CA 2, OU=PKI, OU=DoD, O=U.S. Government, C=US Thumbprint: 9B74964506C7ED9138070D08D5F8B969866560C8 NotAfter: 7/18/2025 Installed: True Subject: CN=DoD Root CA 6, OU=PKI, OU=DoD, O=U.S. Government, C=US Issuer: CN=US DoD CCEB Interoperability Root CA 2, OU=PKI, OU=DoD, O=U.S. Government, C=US Thumbprint: D471CA32F7A692CE6CBB6196BD3377FE4DBCD106 NotAfter: 7/18/2026 Installed: True Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A49AC51E65251963BCF59A4603952BF695EF12C6 ~~~~~ Subject: CN=DoD Root CA 3, OU=PKI, OU=DoD, O=U.S. Government, C=US Issuer: CN=US DoD CCEB Interoperability Root CA 2, OU=PKI, OU=DoD, O=U.S. Government, C=US Thumbprint: 9B74964506C7ED9138070D08D5F8B969866560C8 NotAfter: 7/18/2025 Installed: True Subject: CN=DoD Root CA 6, OU=PKI, OU=DoD, O=U.S. Government, C=US Issuer: CN=US DoD CCEB Interoperability Root CA 2, OU=PKI, OU=DoD, O=U.S. Government, C=US Thumbprint: D471CA32F7A692CE6CBB6196BD3377FE4DBCD106 NotAfter: 7/18/2026 Installed: True Comments |
|||||
Check Text
Verify the US DOD CCEB Interoperability Root CA cross-certificate is installed on unclassified systems as an Untrusted Certificate. Run "PowerShell" as an administrator. Execute the following command: Get-ChildItem -Path Cert:Localmachine\disallowed | Where Issuer -Like "*CCEB Interoperability*" | FL Subject, Issuer, Thumbprint, NotAfter If the following certificate "Subject", "Issuer", and "Thumbprint" information is not displayed, this is a finding. Subject: CN=DOD Root CA 3, OU=PKI, OU=DOD, O=U.S. Government, C=US Issuer: CN=US DOD CCEB Interoperability Root CA 2, OU=PKI, OU=DOD, O=U.S. Government, C=US Thumbprint: 9B74964506C7ED9138070D08D5F8B969866560C8 NotAfter: 7/18/2025 9:56:22 AM Alternately, use the Certificates MMC snap-in: Run "MMC". Select "File", then click "Add/Remove Snap-in". Select "Certificates", then click "Add". Select "Computer account", then click "Next". Select "Local computer: (the computer this console is running on)", then click "Finish". Click "OK". Expand "Certificates" and navigate to Untrusted Certificates >> Certificates. For each certificate with "US DOD CCEB Interoperability Root CA …" under "Issued By": Right-click on the certificate and select "Open". Select the "Details" tab. Scroll to the bottom and select "Thumbprint". If the certificate below is not listed or the value for the "Thumbprint" field is not as noted, this is a finding. Subject: CN=DOD Root CA 3, OU=PKI, OU=DOD, O=U.S. Government, C=US Issuer: CN=US DOD CCEB Interoperability Root CA 2, OU=PKI, OU=DOD, O=U.S. Government, C=US Thumbprint: 9B74964506C7ED9138070D08D5F8B969866560C8 NotAfter: 7/18/2025 9:56:22 AM Subject: CN=DOD Root CA 6, OU=PKI, OU=DOD, O=U.S. Government, C=US Issuer: CN=US DOD CCEB Interoperability Root CA 2, OU=PKI, OU=DOD, O=U.S. Government, C=US Thumbprint: D471CA32F7A692CE6CBB6196BD3377FE4DBCD106 NotAfter: 7/18/2026 9:56:22 AM
Fix Text
Install the US DOD CCEB Interoperability Root CA cross-certificate on unclassified systems. Issued To - Issued By - Thumbprint DOD Root CA 3 - US DOD CCEB Interoperability Root CA 2 9B74964506C7ED9138070D08D5F8B969866560C8 Issued To: DOD Root CA 6 Issued By: US DOD CCEB Interoperability Root CA 2 Thumbprint: D471CA32F7A692CE6CBB6196BD3377FE4DBCD106 NotAfter: 7/18/2026 The certificates can be installed using the InstallRoot tool. The tool and user guide are available on Cyber Exchange at https://cyber.mil/pki-pke/tools-configuration-files. PKI can be found at https://crl.gds.disa.mil/.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 8A9F5422786D4EFACE58ACD7B0A7BB12DFFE3921 ~~~~~ HKLM:\SECURITY --------------------- Default permissions are in place. Current ACL: RegistryRights : ReadPermissions, ChangePermissions AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None --------------------- HKLM:\SOFTWARE --------------------- Default permissions are in place. Current ACL: RegistryRights : ReadKey AccessControlType : Allow IdentityReference : APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : BUILTIN\Users IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : CREATOR OWNER IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None --------------------- HKLM:\SYSTEM --------------------- Default permissions are in place. Current ACL: RegistryRights : ReadKey AccessControlType : Allow IdentityReference : APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : BUILTIN\Users IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : CREATOR OWNER IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None --------------------- Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 8A9F5422786D4EFACE58ACD7B0A7BB12DFFE3921 ~~~~~ HKLM:\SECURITY --------------------- Default permissions are in place. Current ACL: RegistryRights : ReadPermissions, ChangePermissions AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None --------------------- HKLM:\SOFTWARE --------------------- Default permissions are in place. Current ACL: RegistryRights : ReadKey AccessControlType : Allow IdentityReference : APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : BUILTIN\Users IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : CREATOR OWNER IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None --------------------- HKLM:\SYSTEM --------------------- Default permissions are in place. Current ACL: RegistryRights : ReadKey AccessControlType : Allow IdentityReference : APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : BUILTIN\Users IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : CREATOR OWNER IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None --------------------- Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 8A9F5422786D4EFACE58ACD7B0A7BB12DFFE3921 ~~~~~ HKLM:\SECURITY --------------------- Default permissions are in place. Current ACL: RegistryRights : ReadPermissions, ChangePermissions AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None --------------------- HKLM:\SOFTWARE --------------------- Default permissions are in place. Current ACL: RegistryRights : ReadKey AccessControlType : Allow IdentityReference : APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : BUILTIN\Users IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : CREATOR OWNER IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None --------------------- HKLM:\SYSTEM --------------------- Default permissions are in place. Current ACL: RegistryRights : ReadKey AccessControlType : Allow IdentityReference : APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : BUILTIN\Users IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : CREATOR OWNER IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None --------------------- Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 8A9F5422786D4EFACE58ACD7B0A7BB12DFFE3921 ~~~~~ HKLM:\SECURITY --------------------- Default permissions are in place. Current ACL: RegistryRights : ReadPermissions, ChangePermissions AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None --------------------- HKLM:\SOFTWARE --------------------- Default permissions are in place. Current ACL: RegistryRights : ReadKey AccessControlType : Allow IdentityReference : APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : BUILTIN\Users IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : CREATOR OWNER IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None --------------------- HKLM:\SYSTEM --------------------- Default permissions are in place. Current ACL: RegistryRights : ReadKey AccessControlType : Allow IdentityReference : APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : BUILTIN\Users IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : CREATOR OWNER IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : FullControl AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None RegistryRights : ReadKey AccessControlType : Allow IdentityReference : S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 IsInherited : False InheritanceFlags : ContainerInherit PropagationFlags : None --------------------- Comments |
|||||
Check Text
Verify the default registry permissions for the keys note below of the HKEY_LOCAL_MACHINE hive. If any non-privileged groups such as Everyone, Users or Authenticated Users have greater than Read permission, this is a finding. Run "Regedit". Right click on the registry areas noted below. Select "Permissions..." and the "Advanced" button. HKEY_LOCAL_MACHINE\SECURITY Type - "Allow" for all Inherited from - "None" for all Principal - Access - Applies to SYSTEM - Full Control - This key and subkeys Administrators - Special - This key and subkeys HKEY_LOCAL_MACHINE\SOFTWARE Type - "Allow" for all Inherited from - "None" for all Principal - Access - Applies to Users - Read - This key and subkeys Administrators - Full Control - This key and subkeys SYSTEM - Full Control - This key and subkeys CREATOR OWNER - Full Control - This key and subkeys ALL APPLICATION PACKAGES - Read - This key and subkeys HKEY_LOCAL_MACHINE\SYSTEM Type - "Allow" for all Inherited from - "None" for all Principal - Access - Applies to Users - Read - This key and subkeys Administrators - Full Control - This key and subkeys SYSTEM - Full Control - This key and subkeys CREATOR OWNER - Full Control - This key and subkeys ALL APPLICATION PACKAGES - Read - This key and subkeys Other subkeys under the noted keys may also be sampled. There may be some instances where non-privileged groups have greater than Read permission. Microsoft has given Read permission to the SOFTWARE and SYSTEM registry keys in later versions of Windows 10 to the following SID, this is currently not a finding. S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 If the defaults have not been changed, these are not a finding.
Fix Text
Maintain the default permissions for the HKEY_LOCAL_MACHINE registry hive. The default permissions of the higher level keys are noted below. HKEY_LOCAL_MACHINE\SECURITY Type - "Allow" for all Inherited from - "None" for all Principal - Access - Applies to SYSTEM - Full Control - This key and subkeys Administrators - Special - This key and subkeys HKEY_LOCAL_MACHINE\SOFTWARE Type - "Allow" for all Inherited from - "None" for all Principal - Access - Applies to Users - Read - This key and subkeys Administrators - Full Control - This key and subkeys SYSTEM - Full Control - This key and subkeys CREATOR OWNER - Full Control - This key and subkeys ALL APPLICATION PACKAGES - Read - This key and subkeys HKEY_LOCAL_MACHINE\SYSTEM Type - "Allow" for all Inherited from - "None" for all Principal - Access - Applies to Users - Read - This key and subkeys Administrators - Full Control - This key and subkeys SYSTEM - Full Control - This key and subkeys CREATOR OWNER - Full Control - This key and subkeys ALL APPLICATION PACKAGES - Read - This key and subkeys Microsoft has also given Read permission to the SOFTWARE and SYSTEM registry keys in later versions of Windows 10 to the following SID. S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4B36C634C9C40B0094FF0676E2CD029965645B6F ~~~~~ 'Accounts: Guest account status' is Disabled EnableGuestAccount: 0 Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4B36C634C9C40B0094FF0676E2CD029965645B6F ~~~~~ 'Accounts: Guest account status' is Disabled EnableGuestAccount: 0 Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4B36C634C9C40B0094FF0676E2CD029965645B6F ~~~~~ 'Accounts: Guest account status' is Disabled EnableGuestAccount: 0 Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4B36C634C9C40B0094FF0676E2CD029965645B6F ~~~~~ 'Accounts: Guest account status' is Disabled EnableGuestAccount: 0 Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options. If the value for "Accounts: Guest account status" is not set to "Disabled", this is a finding.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Accounts: Guest account status" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 11C8987DBFFC9052B48349887397485EE4575B9B ~~~~~ 'Accounts: Limit local account use of blank passwords to console logon only' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: LimitBlankPasswordUse Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 11C8987DBFFC9052B48349887397485EE4575B9B ~~~~~ 'Accounts: Limit local account use of blank passwords to console logon only' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: LimitBlankPasswordUse Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11C8987DBFFC9052B48349887397485EE4575B9B ~~~~~ 'Accounts: Limit local account use of blank passwords to console logon only' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: LimitBlankPasswordUse Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11C8987DBFFC9052B48349887397485EE4575B9B ~~~~~ 'Accounts: Limit local account use of blank passwords to console logon only' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: LimitBlankPasswordUse Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Control\Lsa\ Value Name: LimitBlankPasswordUse Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Accounts: Limit local account use of blank passwords to console logon only" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: A5AD8E6621056536D220CA7C6A67BF0A37C8CF26 ~~~~~ 'Accounts: Rename administrator account' is Configured NewAdministratorName: xAdministrator Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: A5AD8E6621056536D220CA7C6A67BF0A37C8CF26 ~~~~~ 'Accounts: Rename administrator account' is Configured NewAdministratorName: xAdministrator Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 938B5D59F6EEE4836658D1458955462833BA0985 ~~~~~ 'Accounts: Rename administrator account' is Configured NewAdministratorName: X_Admin Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 938B5D59F6EEE4836658D1458955462833BA0985 ~~~~~ 'Accounts: Rename administrator account' is Configured NewAdministratorName: X_Admin Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options. If the value for "Accounts: Rename administrator account" is set to "Administrator", this is a finding.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Accounts: Rename administrator account" to a name other than "Administrator".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: A3A426DBE1430D47DFDDA61CE036F49841EE3E11 ~~~~~ 'Accounts: Rename guest account' is Configured NewGuestName: xGuest Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: A3A426DBE1430D47DFDDA61CE036F49841EE3E11 ~~~~~ 'Accounts: Rename guest account' is Configured NewGuestName: xGuest Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65D963B5E42EA95D69DDA5CE0A378E6B2420D343 ~~~~~ 'Accounts: Rename guest account' is Configured NewGuestName: Visitor Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65D963B5E42EA95D69DDA5CE0A378E6B2420D343 ~~~~~ 'Accounts: Rename guest account' is Configured NewGuestName: Visitor Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options. If the value for "Accounts: Rename guest account" is set to "Guest", this is a finding.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Accounts: Rename guest account" to a name other than "Guest".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 324AD06F381FD021DAE56A525BB09066ECE5E5CF ~~~~~ 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: SCENoApplyLegacyAuditPolicy Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 324AD06F381FD021DAE56A525BB09066ECE5E5CF ~~~~~ 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: SCENoApplyLegacyAuditPolicy Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 324AD06F381FD021DAE56A525BB09066ECE5E5CF ~~~~~ 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: SCENoApplyLegacyAuditPolicy Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 324AD06F381FD021DAE56A525BB09066ECE5E5CF ~~~~~ 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: SCENoApplyLegacyAuditPolicy Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Control\Lsa\ Value Name: SCENoApplyLegacyAuditPolicy Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: C92AC1F7572F9B3171081EB2EEAAF362D261AA1F ~~~~~ 'Domain member: Digitally encrypt or sign secure channel data (always)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: RequireSignOrSeal Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: C92AC1F7572F9B3171081EB2EEAAF362D261AA1F ~~~~~ 'Domain member: Digitally encrypt or sign secure channel data (always)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: RequireSignOrSeal Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C92AC1F7572F9B3171081EB2EEAAF362D261AA1F ~~~~~ 'Domain member: Digitally encrypt or sign secure channel data (always)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: RequireSignOrSeal Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C92AC1F7572F9B3171081EB2EEAAF362D261AA1F ~~~~~ 'Domain member: Digitally encrypt or sign secure channel data (always)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: RequireSignOrSeal Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\ Value Name: RequireSignOrSeal Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Domain member: Digitally encrypt or sign secure channel data (always)" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: E8105F4A055719C6863012165C512F667D2DC2D5 ~~~~~ 'Domain member: Digitally encrypt secure channel data (when possible)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: SealSecureChannel Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: E8105F4A055719C6863012165C512F667D2DC2D5 ~~~~~ 'Domain member: Digitally encrypt secure channel data (when possible)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: SealSecureChannel Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E8105F4A055719C6863012165C512F667D2DC2D5 ~~~~~ 'Domain member: Digitally encrypt secure channel data (when possible)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: SealSecureChannel Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E8105F4A055719C6863012165C512F667D2DC2D5 ~~~~~ 'Domain member: Digitally encrypt secure channel data (when possible)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: SealSecureChannel Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\ Value Name: SealSecureChannel Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Domain member: Digitally encrypt secure channel data (when possible)" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 685804E6BA9636AF386D9935CF3C842E8E5D1A87 ~~~~~ 'Domain member: Digitally sign secure channel data (when possible)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: SignSecureChannel Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 685804E6BA9636AF386D9935CF3C842E8E5D1A87 ~~~~~ 'Domain member: Digitally sign secure channel data (when possible)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: SignSecureChannel Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 685804E6BA9636AF386D9935CF3C842E8E5D1A87 ~~~~~ 'Domain member: Digitally sign secure channel data (when possible)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: SignSecureChannel Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 685804E6BA9636AF386D9935CF3C842E8E5D1A87 ~~~~~ 'Domain member: Digitally sign secure channel data (when possible)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: SignSecureChannel Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\ Value Name: SignSecureChannel Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Domain member: Digitally sign secure channel data (when possible)" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: A43C9B8CB640DBD916EC75B515875BE22877FB1B ~~~~~ 'Domain member: Require strong (Windows 2000 or Later) session key' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: RequireStrongKey Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: A43C9B8CB640DBD916EC75B515875BE22877FB1B ~~~~~ 'Domain member: Require strong (Windows 2000 or Later) session key' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: RequireStrongKey Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A43C9B8CB640DBD916EC75B515875BE22877FB1B ~~~~~ 'Domain member: Require strong (Windows 2000 or Later) session key' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: RequireStrongKey Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A43C9B8CB640DBD916EC75B515875BE22877FB1B ~~~~~ 'Domain member: Require strong (Windows 2000 or Later) session key' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Value Name: RequireStrongKey Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\ Value Name: RequireStrongKey Value Type: REG_DWORD Value: 1 Warning: This setting may prevent a system from being joined to a domain if not configured consistently between systems.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Domain member: Require strong (Windows 2000 or Later) session key" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 61889039469BEE02CE032563F1503A67C9B510A6 ~~~~~ 'Interactive logon: Machine inactivity limit' is Enabled: (900 or less but not 0) Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: InactivityTimeoutSecs Value: 0x00000384 (900) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 61889039469BEE02CE032563F1503A67C9B510A6 ~~~~~ 'Interactive logon: Machine inactivity limit' is Enabled: (900 or less but not 0) Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: InactivityTimeoutSecs Value: 0x00000384 (900) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 61889039469BEE02CE032563F1503A67C9B510A6 ~~~~~ 'Interactive logon: Machine inactivity limit' is Enabled: (900 or less but not 0) Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: InactivityTimeoutSecs Value: 0x00000384 (900) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 61889039469BEE02CE032563F1503A67C9B510A6 ~~~~~ 'Interactive logon: Machine inactivity limit' is Enabled: (900 or less but not 0) Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: InactivityTimeoutSecs Value: 0x00000384 (900) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ Value Name: InactivityTimeoutSecs Value Type: REG_DWORD Value: 0x00000384 (900) (or less, excluding "0" which is effectively disabled)
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Interactive logon: Machine inactivity limit" to "900" seconds" or less, excluding "0" which is effectively disabled.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: E8B54A53D42E7E78768CD8651A8875ECA26F3615 ~~~~~ 'Interactive logon: Message text for users attempting to log on' is Configured Properly Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: LegalNoticeText Value: You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details. Type: REG_SZ Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: E8B54A53D42E7E78768CD8651A8875ECA26F3615 ~~~~~ 'Interactive logon: Message text for users attempting to log on' is Configured Properly Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: LegalNoticeText Value: You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details. Type: REG_SZ Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E8B54A53D42E7E78768CD8651A8875ECA26F3615 ~~~~~ 'Interactive logon: Message text for users attempting to log on' is Configured Properly Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: LegalNoticeText Value: You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details. Type: REG_SZ Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E8B54A53D42E7E78768CD8651A8875ECA26F3615 ~~~~~ 'Interactive logon: Message text for users attempting to log on' is Configured Properly Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: LegalNoticeText Value: You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details. Type: REG_SZ Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ Value Name: LegalNoticeText Value Type: REG_SZ Value: You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Interactive logon: Message text for users attempting to log on" to the following. You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 2CAAC2074B82986A1F2C53818B9A189E05AD0251 ~~~~~ 'Interactive logon: Smart card removal behavior' is Lock Workstation or Force Logoff Registry Path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Value Name: SCRemoveOption Value: 1 Type: REG_SZ Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 2CAAC2074B82986A1F2C53818B9A189E05AD0251 ~~~~~ 'Interactive logon: Smart card removal behavior' is Lock Workstation or Force Logoff Registry Path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Value Name: SCRemoveOption Value: 1 Type: REG_SZ Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2CAAC2074B82986A1F2C53818B9A189E05AD0251 ~~~~~ 'Interactive logon: Smart card removal behavior' is Lock Workstation or Force Logoff Registry Path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Value Name: SCRemoveOption Value: 1 Type: REG_SZ Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2CAAC2074B82986A1F2C53818B9A189E05AD0251 ~~~~~ 'Interactive logon: Smart card removal behavior' is Lock Workstation or Force Logoff Registry Path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Value Name: SCRemoveOption Value: 1 Type: REG_SZ Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\ Value Name: SCRemoveOption Value Type: REG_SZ Value: 1 (Lock Workstation) or 2 (Force Logoff) This can be left not configured or set to "No action" on workstations with the following conditions. This must be documented with the ISSO. -The setting cannot be configured due to mission needs, or because it interferes with applications. -Policy must be in place that users manually lock workstations when leaving them unattended. -The screen saver is properly configured to lock as required.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Interactive logon: Smart card removal behavior" to "Lock Workstation" or "Force Logoff".