| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: C5A49E1CFD30A72F3C940AB429BAFD8E14AE6618 ~~~~~ 'Microsoft network client: Digitally sign communications (always)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters Value Name: RequireSecuritySignature Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: C5A49E1CFD30A72F3C940AB429BAFD8E14AE6618 ~~~~~ 'Microsoft network client: Digitally sign communications (always)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters Value Name: RequireSecuritySignature Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C5A49E1CFD30A72F3C940AB429BAFD8E14AE6618 ~~~~~ 'Microsoft network client: Digitally sign communications (always)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters Value Name: RequireSecuritySignature Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C5A49E1CFD30A72F3C940AB429BAFD8E14AE6618 ~~~~~ 'Microsoft network client: Digitally sign communications (always)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters Value Name: RequireSecuritySignature Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\ Value Name: RequireSecuritySignature Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Microsoft network client: Digitally sign communications (always)" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: C2C6D190B20781C6F7D78C96826F328EC59F9E7B ~~~~~ 'Microsoft network client: Send unencrypted password to third-party SMB servers' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters Value Name: EnablePlainTextPassword Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: C2C6D190B20781C6F7D78C96826F328EC59F9E7B ~~~~~ 'Microsoft network client: Send unencrypted password to third-party SMB servers' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters Value Name: EnablePlainTextPassword Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C2C6D190B20781C6F7D78C96826F328EC59F9E7B ~~~~~ 'Microsoft network client: Send unencrypted password to third-party SMB servers' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters Value Name: EnablePlainTextPassword Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C2C6D190B20781C6F7D78C96826F328EC59F9E7B ~~~~~ 'Microsoft network client: Send unencrypted password to third-party SMB servers' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters Value Name: EnablePlainTextPassword Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\ Value Name: EnablePlainTextPassword Value Type: REG_DWORD Value: 0
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Microsoft network client: Send unencrypted password to third-party SMB servers" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: BD9225A28377EF999965AC233E0FD3FA86018149 ~~~~~ 'Microsoft network server: Digitally sign communications (always)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters Value Name: RequireSecuritySignature Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: BD9225A28377EF999965AC233E0FD3FA86018149 ~~~~~ 'Microsoft network server: Digitally sign communications (always)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters Value Name: RequireSecuritySignature Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BD9225A28377EF999965AC233E0FD3FA86018149 ~~~~~ 'Microsoft network server: Digitally sign communications (always)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters Value Name: RequireSecuritySignature Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BD9225A28377EF999965AC233E0FD3FA86018149 ~~~~~ 'Microsoft network server: Digitally sign communications (always)' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters Value Name: RequireSecuritySignature Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Services\LanManServer\Parameters\ Value Name: RequireSecuritySignature Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Microsoft network server: Digitally sign communications (always)" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F31069CC046E2D2CBDAD2721CFEC8E714042ED08 ~~~~~ 'Network access: Let Everyone permissions apply to anonymous users' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: EveryoneIncludesAnonymous Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F31069CC046E2D2CBDAD2721CFEC8E714042ED08 ~~~~~ 'Network access: Let Everyone permissions apply to anonymous users' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: EveryoneIncludesAnonymous Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F31069CC046E2D2CBDAD2721CFEC8E714042ED08 ~~~~~ 'Network access: Let Everyone permissions apply to anonymous users' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: EveryoneIncludesAnonymous Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F31069CC046E2D2CBDAD2721CFEC8E714042ED08 ~~~~~ 'Network access: Let Everyone permissions apply to anonymous users' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: EveryoneIncludesAnonymous Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Control\Lsa\ Value Name: EveryoneIncludesAnonymous Value Type: REG_DWORD Value: 0
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Network access: Let Everyone permissions apply to anonymous users" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 7841756A49417E5B640EE51E3343CCEDE3E6FD7F ~~~~~ 'Network access: Restrict clients allowed to make remote calls to SAM' is Configured Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: RestrictRemoteSAM Value: O:BAG:BAD:(A;;RC;;;BA) Type: REG_SZ Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 7841756A49417E5B640EE51E3343CCEDE3E6FD7F ~~~~~ 'Network access: Restrict clients allowed to make remote calls to SAM' is Configured Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: RestrictRemoteSAM Value: O:BAG:BAD:(A;;RC;;;BA) Type: REG_SZ Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7841756A49417E5B640EE51E3343CCEDE3E6FD7F ~~~~~ 'Network access: Restrict clients allowed to make remote calls to SAM' is Configured Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: RestrictRemoteSAM Value: O:BAG:BAD:(A;;RC;;;BA) Type: REG_SZ Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7841756A49417E5B640EE51E3343CCEDE3E6FD7F ~~~~~ 'Network access: Restrict clients allowed to make remote calls to SAM' is Configured Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa Value Name: RestrictRemoteSAM Value: O:BAG:BAD:(A;;RC;;;BA) Type: REG_SZ Comments |
|||||
Check Text
Windows 10 v1507 LTSB version does not include this setting, it is NA for those systems. If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Control\Lsa\ Value Name: RestrictRemoteSAM Value Type: REG_SZ Value: O:BAG:BAD:(A;;RC;;;BA) If a domain application account such as for a management tool requires this user right, this is not a finding. Vendor documentation must support the requirement for having the user right. The requirement must be documented with the ISSO.
Fix Text
Navigate to the policy Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Network access: Restrict clients allowed to make remote calls to SAM". Select "Edit Security" to configure the "Security descriptor:". Add "Administrators" in "Group or user names:" if it is not already listed (this is the default). Select "Administrators" in "Group or user names:". Select "Allow" for "Remote Access" in "Permissions for "Administrators". Click "OK". The "Security descriptor:" must be populated with "O:BAG:BAD:(A;;RC;;;BA) for the policy to be enforced.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: E93E254994B885B4BF73196B1C654A88D7A1CFB2 ~~~~~ 'Network security: Allow LocalSystem NULL session fallback' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\LSA\MSV1_0 Value Name: allownullsessionfallback Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: E93E254994B885B4BF73196B1C654A88D7A1CFB2 ~~~~~ 'Network security: Allow LocalSystem NULL session fallback' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\LSA\MSV1_0 Value Name: allownullsessionfallback Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E93E254994B885B4BF73196B1C654A88D7A1CFB2 ~~~~~ 'Network security: Allow LocalSystem NULL session fallback' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\LSA\MSV1_0 Value Name: allownullsessionfallback Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E93E254994B885B4BF73196B1C654A88D7A1CFB2 ~~~~~ 'Network security: Allow LocalSystem NULL session fallback' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\LSA\MSV1_0 Value Name: allownullsessionfallback Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Control\LSA\MSV1_0\ Value Name: allownullsessionfallback Value Type: REG_DWORD Value: 0
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Network security: Allow LocalSystem NULL session fallback" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 1961C65D62E439DD994746E878FF5E58B7D0E689 ~~~~~ 'Network security: Allow PKU2U authentication requests to this computer to use online identities' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\LSA\pku2u Value Name: AllowOnlineID Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 1961C65D62E439DD994746E878FF5E58B7D0E689 ~~~~~ 'Network security: Allow PKU2U authentication requests to this computer to use online identities' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\LSA\pku2u Value Name: AllowOnlineID Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1961C65D62E439DD994746E878FF5E58B7D0E689 ~~~~~ 'Network security: Allow PKU2U authentication requests to this computer to use online identities' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\LSA\pku2u Value Name: AllowOnlineID Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1961C65D62E439DD994746E878FF5E58B7D0E689 ~~~~~ 'Network security: Allow PKU2U authentication requests to this computer to use online identities' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\LSA\pku2u Value Name: AllowOnlineID Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Control\LSA\pku2u\ Value Name: AllowOnlineID Value Type: REG_DWORD Value: 0
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Network security: Allow PKU2U authentication requests to this computer to use online identities" to "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: FA8A28E5C7305C47B185A011067CD50419C4016B ~~~~~ 'Network security: Configure encryption types allowed for Kerberos' is Enabled: (AES128_HMAC_SHA1, AES256_HMAC_SHA1, and Future encryption types) Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters Value Name: SupportedEncryptionTypes Value: 0x7ffffff8 (2147483640) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: FA8A28E5C7305C47B185A011067CD50419C4016B ~~~~~ 'Network security: Configure encryption types allowed for Kerberos' is Enabled: (AES128_HMAC_SHA1, AES256_HMAC_SHA1, and Future encryption types) Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters Value Name: SupportedEncryptionTypes Value: 0x7ffffff8 (2147483640) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: FA8A28E5C7305C47B185A011067CD50419C4016B ~~~~~ 'Network security: Configure encryption types allowed for Kerberos' is Enabled: (AES128_HMAC_SHA1, AES256_HMAC_SHA1, and Future encryption types) Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters Value Name: SupportedEncryptionTypes Value: 0x7ffffff8 (2147483640) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: FA8A28E5C7305C47B185A011067CD50419C4016B ~~~~~ 'Network security: Configure encryption types allowed for Kerberos' is Enabled: (AES128_HMAC_SHA1, AES256_HMAC_SHA1, and Future encryption types) Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters Value Name: SupportedEncryptionTypes Value: 0x7ffffff8 (2147483640) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters\ Value Name: SupportedEncryptionTypes Value Type: REG_DWORD Value: 0x7ffffff8 (2147483640)
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Network security: Configure encryption types allowed for Kerberos" to "Enabled" with only the following selected: AES128_HMAC_SHA1 AES256_HMAC_SHA1 Future encryption types
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: CA96098204159CD21A974ACB15E4D5505B387F91 ~~~~~ 'Network security: LDAP client signing requirements' is Negotiate signing Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LDAP Value Name: LDAPClientIntegrity Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: CA96098204159CD21A974ACB15E4D5505B387F91 ~~~~~ 'Network security: LDAP client signing requirements' is Negotiate signing Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LDAP Value Name: LDAPClientIntegrity Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CA96098204159CD21A974ACB15E4D5505B387F91 ~~~~~ 'Network security: LDAP client signing requirements' is Negotiate signing Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LDAP Value Name: LDAPClientIntegrity Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CA96098204159CD21A974ACB15E4D5505B387F91 ~~~~~ 'Network security: LDAP client signing requirements' is Negotiate signing Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\LDAP Value Name: LDAPClientIntegrity Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Services\LDAP\ Value Name: LDAPClientIntegrity Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Network security: LDAP client signing requirements" to "Negotiate signing" at a minimum.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: C175B6A8BA1223684134D0E2E59E6F7B89B1A067 ~~~~~ 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is 'Require NTLMv2 session security' and 'Require 128-bit encryption' Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0 Value Name: NTLMMinClientSec Value: 0x20080000 (537395200) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: C175B6A8BA1223684134D0E2E59E6F7B89B1A067 ~~~~~ 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is 'Require NTLMv2 session security' and 'Require 128-bit encryption' Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0 Value Name: NTLMMinClientSec Value: 0x20080000 (537395200) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C175B6A8BA1223684134D0E2E59E6F7B89B1A067 ~~~~~ 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is 'Require NTLMv2 session security' and 'Require 128-bit encryption' Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0 Value Name: NTLMMinClientSec Value: 0x20080000 (537395200) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C175B6A8BA1223684134D0E2E59E6F7B89B1A067 ~~~~~ 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is 'Require NTLMv2 session security' and 'Require 128-bit encryption' Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0 Value Name: NTLMMinClientSec Value: 0x20080000 (537395200) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\ Value Name: NTLMMinClientSec Value Type: REG_DWORD Value: 0x20080000 (537395200)
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Network security: Minimum session security for NTLM SSP based (including secure RPC) clients" to "Require NTLMv2 session security" and "Require 128-bit encryption" (all options selected).
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: C1CD32DB87A556AACC0477A01420E1F740E4BE43 ~~~~~ 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is 'Require NTLMv2 session security' and 'Require 128-bit encryption' Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0 Value Name: NTLMMinServerSec Value: 0x20080000 (537395200) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: C1CD32DB87A556AACC0477A01420E1F740E4BE43 ~~~~~ 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is 'Require NTLMv2 session security' and 'Require 128-bit encryption' Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0 Value Name: NTLMMinServerSec Value: 0x20080000 (537395200) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C1CD32DB87A556AACC0477A01420E1F740E4BE43 ~~~~~ 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is 'Require NTLMv2 session security' and 'Require 128-bit encryption' Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0 Value Name: NTLMMinServerSec Value: 0x20080000 (537395200) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C1CD32DB87A556AACC0477A01420E1F740E4BE43 ~~~~~ 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is 'Require NTLMv2 session security' and 'Require 128-bit encryption' Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0 Value Name: NTLMMinServerSec Value: 0x20080000 (537395200) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\ Value Name: NTLMMinServerSec Value Type: REG_DWORD Value: 0x20080000 (537395200)
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Network security: Minimum session security for NTLM SSP based (including secure RPC) servers" to "Require NTLMv2 session security" and "Require 128-bit encryption" (all options selected).
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 1CA705ED667092D89BECAE6AA40B0489C62A8841 ~~~~~ 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy Value Name: Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 1CA705ED667092D89BECAE6AA40B0489C62A8841 ~~~~~ 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy Value Name: Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1CA705ED667092D89BECAE6AA40B0489C62A8841 ~~~~~ 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy Value Name: Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1CA705ED667092D89BECAE6AA40B0489C62A8841 ~~~~~ 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is Enabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy Value Name: Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\ Value Name: Enabled Value Type: REG_DWORD Value: 1 Warning: Clients with this setting enabled will not be able to communicate via digitally encrypted or signed protocols with servers that do not support these algorithms. Both the browser and web server must be configured to use TLS otherwise the browser will not be able to connect to a secure site.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 21BF47E4A5506372B793739D85C957AB1A09D4F2 ~~~~~ 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: FilterAdministratorToken Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 21BF47E4A5506372B793739D85C957AB1A09D4F2 ~~~~~ 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: FilterAdministratorToken Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 21BF47E4A5506372B793739D85C957AB1A09D4F2 ~~~~~ 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: FilterAdministratorToken Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 21BF47E4A5506372B793739D85C957AB1A09D4F2 ~~~~~ 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: FilterAdministratorToken Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ Value Name: FilterAdministratorToken Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "User Account Control: Admin Approval Mode for the Built-in Administrator account" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: E735EC6F33A1169D2A60002C3D8D2515CA86CBC1 ~~~~~ 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is 'Prompt for consent on the secure desktop' Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: ConsentPromptBehaviorAdmin Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: E735EC6F33A1169D2A60002C3D8D2515CA86CBC1 ~~~~~ 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is 'Prompt for consent on the secure desktop' Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: ConsentPromptBehaviorAdmin Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E735EC6F33A1169D2A60002C3D8D2515CA86CBC1 ~~~~~ 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is 'Prompt for consent on the secure desktop' Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: ConsentPromptBehaviorAdmin Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E735EC6F33A1169D2A60002C3D8D2515CA86CBC1 ~~~~~ 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is 'Prompt for consent on the secure desktop' Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: ConsentPromptBehaviorAdmin Value: 0x00000002 (2) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ Value Name: ConsentPromptBehaviorAdmin Value Type: REG_DWORD Value: 2 (Prompt for consent on the secure desktop)
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode" to "Prompt for consent on the secure desktop".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35876C8966B85EC1E2B626A04F1F3A7173B7D72A ~~~~~ System is a 'Standalone Workstation' so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35876C8966B85EC1E2B626A04F1F3A7173B7D72A ~~~~~ System is a 'Standalone Workstation' so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6ACACB0827264AD5353FC62B6D49CB15E2E3D397 ~~~~~ 'HKLM:\SOFTWARE\Microsoft\Cryptography\Calais\Readers' exists and is populated. 'HKLM:\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards' exists and is populated. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6ACACB0827264AD5353FC62B6D49CB15E2E3D397 ~~~~~ 'HKLM:\SOFTWARE\Microsoft\Cryptography\Calais\Readers' exists and is populated. 'HKLM:\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards' exists and is populated. Comments |
|||||
Check Text
If the system is not a member of a domain, this is Not Applicable. If all of the following settings exist and are populated, this is not a finding. Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\Readers Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards
Fix Text
For nondomain-joined systems, configuring Windows Hello for sign-on options is suggested based on the organization's needs and capabilities.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 612DE6CC150D65A0C6EAECFD65EDF62CB3A9F23C ~~~~~ 'User Account Control: Behavior of the elevation prompt for standard users' is 'Automatically deny elevation requests' Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: ConsentPromptBehaviorUser Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 612DE6CC150D65A0C6EAECFD65EDF62CB3A9F23C ~~~~~ 'User Account Control: Behavior of the elevation prompt for standard users' is 'Automatically deny elevation requests' Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: ConsentPromptBehaviorUser Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 612DE6CC150D65A0C6EAECFD65EDF62CB3A9F23C ~~~~~ 'User Account Control: Behavior of the elevation prompt for standard users' is 'Automatically deny elevation requests' Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: ConsentPromptBehaviorUser Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 612DE6CC150D65A0C6EAECFD65EDF62CB3A9F23C ~~~~~ 'User Account Control: Behavior of the elevation prompt for standard users' is 'Automatically deny elevation requests' Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: ConsentPromptBehaviorUser Value: 0x00000000 (0) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ Value Name: ConsentPromptBehaviorUser Value Type: REG_DWORD Value: 0
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "User Account Control: Behavior of the elevation prompt for standard users" to "Automatically deny elevation requests".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 5496C0668A8A09249300A7E7262DFD46DCBE43E5 ~~~~~ 'User Account Control: Detect application installations and prompt for elevation' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableInstallerDetection Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 5496C0668A8A09249300A7E7262DFD46DCBE43E5 ~~~~~ 'User Account Control: Detect application installations and prompt for elevation' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableInstallerDetection Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5496C0668A8A09249300A7E7262DFD46DCBE43E5 ~~~~~ 'User Account Control: Detect application installations and prompt for elevation' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableInstallerDetection Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5496C0668A8A09249300A7E7262DFD46DCBE43E5 ~~~~~ 'User Account Control: Detect application installations and prompt for elevation' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableInstallerDetection Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ Value Name: EnableInstallerDetection Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "User Account Control: Detect application installations and prompt for elevation" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 64B2C322F7C84A280007770D70BF56965D15C96F ~~~~~ 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableSecureUIAPaths Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 64B2C322F7C84A280007770D70BF56965D15C96F ~~~~~ 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableSecureUIAPaths Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 64B2C322F7C84A280007770D70BF56965D15C96F ~~~~~ 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableSecureUIAPaths Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 64B2C322F7C84A280007770D70BF56965D15C96F ~~~~~ 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableSecureUIAPaths Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ Value Name: EnableSecureUIAPaths Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "User Account Control: Only elevate UIAccess applications that are installed in secure locations" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 2D70777D40743C5DBAB3D4DBE4BAFBCFC27BCC28 ~~~~~ 'User Account Control: Run all administrators in Admin Approval Mode' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableLUA Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 2D70777D40743C5DBAB3D4DBE4BAFBCFC27BCC28 ~~~~~ 'User Account Control: Run all administrators in Admin Approval Mode' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableLUA Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2D70777D40743C5DBAB3D4DBE4BAFBCFC27BCC28 ~~~~~ 'User Account Control: Run all administrators in Admin Approval Mode' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableLUA Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2D70777D40743C5DBAB3D4DBE4BAFBCFC27BCC28 ~~~~~ 'User Account Control: Run all administrators in Admin Approval Mode' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableLUA Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ Value Name: EnableLUA Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "User Account Control: Run all administrators in Admin Approval Mode" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: FD7CB37316D10F1E3FED0BDCD0202F2A5CEAD796 ~~~~~ 'User Account Control: Virtualize file and registry write failures to per-user locations' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableVirtualization Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: FD7CB37316D10F1E3FED0BDCD0202F2A5CEAD796 ~~~~~ 'User Account Control: Virtualize file and registry write failures to per-user locations' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableVirtualization Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: FD7CB37316D10F1E3FED0BDCD0202F2A5CEAD796 ~~~~~ 'User Account Control: Virtualize file and registry write failures to per-user locations' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableVirtualization Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: FD7CB37316D10F1E3FED0BDCD0202F2A5CEAD796 ~~~~~ 'User Account Control: Virtualize file and registry write failures to per-user locations' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Value Name: EnableVirtualization Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ Value Name: EnableVirtualization Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "User Account Control: Virtualize file and registry write failures to per-user locations" to "Enabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 Username: MONT-SW-89108\Scan.Admin UserSID: S-1-5-21-4163428051-2768110797-3591193048-1016 ResultHash: E1E8733E0EB898F9D2EF428AC96620439C92F3E6 ~~~~~ 'Do not preserve zone information in file attachments' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments Value Name: SaveZoneInformation (Not found) Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 Username: MONT-SW-89134\dod_admin UserSID: S-1-5-21-4004422625-1934610219-1178763574-1001 ResultHash: E1E8733E0EB898F9D2EF428AC96620439C92F3E6 ~~~~~ 'Do not preserve zone information in file attachments' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments Value Name: SaveZoneInformation (Not found) Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\D.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1104 ResultHash: E1E8733E0EB898F9D2EF428AC96620439C92F3E6 ~~~~~ 'Do not preserve zone information in file attachments' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments Value Name: SaveZoneInformation (Not found) Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\W.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1106 ResultHash: E1E8733E0EB898F9D2EF428AC96620439C92F3E6 ~~~~~ 'Do not preserve zone information in file attachments' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments Value Name: SaveZoneInformation (Not found) Comments |
|||||
Check Text
The default behavior is for Windows to mark file attachments with their zone information. If the registry Value Name below does not exist, this is not a finding. If it exists and is configured with a value of "2", this is not a finding. If it exists and is configured with a value of "1", this is a finding. Registry Hive: HKEY_CURRENT_USER Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments\ Value Name: SaveZoneInformation Value Type: REG_DWORD Value: 0x00000002 (2) (or if the Value Name does not exist)
Fix Text
The default behavior is for Windows to mark file attachments with their zone information. If this needs to be corrected, configure the policy value for User Configuration >> Administrative Templates >> Windows Components >> Attachment Manager >> "Do not preserve zone information in file attachments" to "Not Configured" or "Disabled".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 87F79F66720D9E2E7AA2D4F0BD4E49B75FB81A54 ~~~~~ Access Credential Manager as a trusted caller: No objects assigned to this right. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 87F79F66720D9E2E7AA2D4F0BD4E49B75FB81A54 ~~~~~ Access Credential Manager as a trusted caller: No objects assigned to this right. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 87F79F66720D9E2E7AA2D4F0BD4E49B75FB81A54 ~~~~~ Access Credential Manager as a trusted caller: No objects assigned to this right. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 87F79F66720D9E2E7AA2D4F0BD4E49B75FB81A54 ~~~~~ Access Credential Manager as a trusted caller: No objects assigned to this right. Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts are granted the "Access Credential Manager as a trusted caller" user right, this is a finding.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Access Credential Manager as a trusted caller" to be defined but containing no entries (blank).
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F48790F3B781A7406A6B4E00D9AD0AAB7E2F399C ~~~~~ Allow log on locally: BUILTIN\Administrators BUILTIN\Users Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F48790F3B781A7406A6B4E00D9AD0AAB7E2F399C ~~~~~ Allow log on locally: BUILTIN\Administrators BUILTIN\Users Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F48790F3B781A7406A6B4E00D9AD0AAB7E2F399C ~~~~~ Allow log on locally: BUILTIN\Administrators BUILTIN\Users Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F48790F3B781A7406A6B4E00D9AD0AAB7E2F399C ~~~~~ Allow log on locally: BUILTIN\Administrators BUILTIN\Users Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Allow log on locally" user right, this is a finding: Administrators Users
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Allow log on locally" to only include the following groups or accounts: Administrators Users
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: FE97405F6D28A745E95E87B5555D354412968910 ~~~~~ Back up files and directories: BUILTIN\Administrators Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: FE97405F6D28A745E95E87B5555D354412968910 ~~~~~ Back up files and directories: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: FE97405F6D28A745E95E87B5555D354412968910 ~~~~~ Back up files and directories: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: FE97405F6D28A745E95E87B5555D354412968910 ~~~~~ Back up files and directories: BUILTIN\Administrators Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Back up files and directories" user right, this is a finding: Administrators
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Back up files and directories" to only include the following groups or accounts: Administrators
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 636C8684B90F7F0155FAFD92359E722DCC949E95 ~~~~~ Change the system time: BUILTIN\Administrators NT AUTHORITY\LOCAL SERVICE NT SERVICE\autotimesvc Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 636C8684B90F7F0155FAFD92359E722DCC949E95 ~~~~~ Change the system time: BUILTIN\Administrators NT AUTHORITY\LOCAL SERVICE NT SERVICE\autotimesvc Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3154AE2BF76D66CA1C11EA80D35122A24DA6E792 ~~~~~ Change the system time: BUILTIN\Administrators NT AUTHORITY\LOCAL SERVICE Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3154AE2BF76D66CA1C11EA80D35122A24DA6E792 ~~~~~ Change the system time: BUILTIN\Administrators NT AUTHORITY\LOCAL SERVICE Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Change the system time" user right, this is a finding: Administrators LOCAL SERVICE NT SERVICE\autotimesvc is added in v1909 cumulative update.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Change the system time" to only include the following groups or accounts: Administrators LOCAL SERVICE NT SERVICE\autotimesvc is added in v1909 cumulative update.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 392F23BFEA1FFA843FBED2A87296251BF545F4E6 ~~~~~ Create a pagefile: BUILTIN\Administrators Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 392F23BFEA1FFA843FBED2A87296251BF545F4E6 ~~~~~ Create a pagefile: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 392F23BFEA1FFA843FBED2A87296251BF545F4E6 ~~~~~ Create a pagefile: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 392F23BFEA1FFA843FBED2A87296251BF545F4E6 ~~~~~ Create a pagefile: BUILTIN\Administrators Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Create a pagefile" user right, this is a finding: Administrators
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Create a pagefile" to only include the following groups or accounts: Administrators
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 1B5B4C099509D3018C425654D2D4FB7E1B14B154 ~~~~~ Create global objects: BUILTIN\Administrators NT AUTHORITY\LOCAL SERVICE NT AUTHORITY\NETWORK SERVICE NT AUTHORITY\SERVICE Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 1B5B4C099509D3018C425654D2D4FB7E1B14B154 ~~~~~ Create global objects: BUILTIN\Administrators NT AUTHORITY\LOCAL SERVICE NT AUTHORITY\NETWORK SERVICE NT AUTHORITY\SERVICE Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1B5B4C099509D3018C425654D2D4FB7E1B14B154 ~~~~~ Create global objects: BUILTIN\Administrators NT AUTHORITY\LOCAL SERVICE NT AUTHORITY\NETWORK SERVICE NT AUTHORITY\SERVICE Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1B5B4C099509D3018C425654D2D4FB7E1B14B154 ~~~~~ Create global objects: BUILTIN\Administrators NT AUTHORITY\LOCAL SERVICE NT AUTHORITY\NETWORK SERVICE NT AUTHORITY\SERVICE Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Create global objects" user right, this is a finding: Administrators LOCAL SERVICE NETWORK SERVICE SERVICE
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Create global objects" to only include the following groups or accounts: Administrators LOCAL SERVICE NETWORK SERVICE SERVICE
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 9E9F312FE6D327D0F8B24DB218DD2C4C9713AAB7 ~~~~~ Create permanent shared objects: No objects assigned to this right. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 9E9F312FE6D327D0F8B24DB218DD2C4C9713AAB7 ~~~~~ Create permanent shared objects: No objects assigned to this right. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9E9F312FE6D327D0F8B24DB218DD2C4C9713AAB7 ~~~~~ Create permanent shared objects: No objects assigned to this right. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9E9F312FE6D327D0F8B24DB218DD2C4C9713AAB7 ~~~~~ Create permanent shared objects: No objects assigned to this right. Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts are granted the "Create permanent shared objects" user right, this is a finding.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Create permanent shared objects" to be defined but containing no entries (blank).
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 3CD4E9016C9F359F5DA68C3C0F6C5C9FA18CC580 ~~~~~ Create symbolic links: BUILTIN\Administrators Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 3CD4E9016C9F359F5DA68C3C0F6C5C9FA18CC580 ~~~~~ Create symbolic links: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3CD4E9016C9F359F5DA68C3C0F6C5C9FA18CC580 ~~~~~ Create symbolic links: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3CD4E9016C9F359F5DA68C3C0F6C5C9FA18CC580 ~~~~~ Create symbolic links: BUILTIN\Administrators Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Create symbolic links" user right, this is a finding: Administrators If the workstation has an approved use of Hyper-V, such as being used as a dedicated admin workstation using Hyper-V to separate administration and standard user functions, "NT VIRTUAL MACHINES\VIRTUAL MACHINE" may be assigned this user right and is not a finding.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Create symbolic links" to only include the following groups or accounts: Administrators
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35876C8966B85EC1E2B626A04F1F3A7173B7D72A ~~~~~ System is a 'Standalone Workstation' so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35876C8966B85EC1E2B626A04F1F3A7173B7D72A ~~~~~ System is a 'Standalone Workstation' so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3269727D2232F7C9C8B33EADB868AEDDB9E50831 ~~~~~ Deny log on as a batch job: BUILTIN\Guests MONTFORD-POINT\Domain Admins MONTFORD-POINT\Enterprise Admins Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3269727D2232F7C9C8B33EADB868AEDDB9E50831 ~~~~~ Deny log on as a batch job: BUILTIN\Guests MONTFORD-POINT\Domain Admins MONTFORD-POINT\Enterprise Admins Comments |
|||||
Check Text
This requirement is applicable to domain-joined systems. For standalone or nondomain-joined systems, this is NA. Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If the following groups or accounts are not defined for the "Deny log on as a batch job" right, this is a finding. Domain Systems Only: Enterprise Admin Group Domain Admin Group
Fix Text
This requirement is applicable to domain-joined systems. For standalone or nondomain-joined systems, this is NA. Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Deny log on as a batch job" to include the following: Domain Systems Only: Enterprise Admin Group Domain Admin Group
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 6386CA45E70EAC022EEE395ACF120AD858947656 ~~~~~ Enable computer and user accounts to be trusted for delegation: No objects assigned to this right. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 6386CA45E70EAC022EEE395ACF120AD858947656 ~~~~~ Enable computer and user accounts to be trusted for delegation: No objects assigned to this right. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6386CA45E70EAC022EEE395ACF120AD858947656 ~~~~~ Enable computer and user accounts to be trusted for delegation: No objects assigned to this right. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6386CA45E70EAC022EEE395ACF120AD858947656 ~~~~~ Enable computer and user accounts to be trusted for delegation: No objects assigned to this right. Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts are granted the "Enable computer and user accounts to be trusted for delegation" user right, this is a finding.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Enable computer and user accounts to be trusted for delegation" to be defined but containing no entries (blank).
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: B79C184446E73079F465BE23CEE82A18CF0870A8 ~~~~~ Force shutdown from a remote system: BUILTIN\Administrators Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: B79C184446E73079F465BE23CEE82A18CF0870A8 ~~~~~ Force shutdown from a remote system: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: B79C184446E73079F465BE23CEE82A18CF0870A8 ~~~~~ Force shutdown from a remote system: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: B79C184446E73079F465BE23CEE82A18CF0870A8 ~~~~~ Force shutdown from a remote system: BUILTIN\Administrators Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Force shutdown from a remote system" user right, this is a finding: Administrators
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Force shutdown from a remote system" to only include the following groups or accounts: Administrators
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 3BB4559735E48794BD8165BD31FB3B91B5C97D70 ~~~~~ Impersonate a client after authentication: BUILTIN\Administrators NT AUTHORITY\LOCAL SERVICE NT AUTHORITY\NETWORK SERVICE NT AUTHORITY\SERVICE Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 3BB4559735E48794BD8165BD31FB3B91B5C97D70 ~~~~~ Impersonate a client after authentication: BUILTIN\Administrators NT AUTHORITY\LOCAL SERVICE NT AUTHORITY\NETWORK SERVICE NT AUTHORITY\SERVICE Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3BB4559735E48794BD8165BD31FB3B91B5C97D70 ~~~~~ Impersonate a client after authentication: BUILTIN\Administrators NT AUTHORITY\LOCAL SERVICE NT AUTHORITY\NETWORK SERVICE NT AUTHORITY\SERVICE Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3BB4559735E48794BD8165BD31FB3B91B5C97D70 ~~~~~ Impersonate a client after authentication: BUILTIN\Administrators NT AUTHORITY\LOCAL SERVICE NT AUTHORITY\NETWORK SERVICE NT AUTHORITY\SERVICE Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Impersonate a client after authentication" user right, this is a finding: Administrators LOCAL SERVICE NETWORK SERVICE SERVICE
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Impersonate a client after authentication" to only include the following groups or accounts: Administrators LOCAL SERVICE NETWORK SERVICE SERVICE
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 59F1C37C37F91193AA2671D4DEFF065B9A2BCA05 ~~~~~ Load and unload device drivers: BUILTIN\Administrators Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 59F1C37C37F91193AA2671D4DEFF065B9A2BCA05 ~~~~~ Load and unload device drivers: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 59F1C37C37F91193AA2671D4DEFF065B9A2BCA05 ~~~~~ Load and unload device drivers: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 59F1C37C37F91193AA2671D4DEFF065B9A2BCA05 ~~~~~ Load and unload device drivers: BUILTIN\Administrators Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Load and unload device drivers" user right, this is a finding: Administrators
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Load and unload device drivers" to only include the following groups or accounts: Administrators
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: AA88E2DBE75A77500E026C0631E31EB834CB2521 ~~~~~ Lock pages in memory: No objects assigned to this right. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: AA88E2DBE75A77500E026C0631E31EB834CB2521 ~~~~~ Lock pages in memory: No objects assigned to this right. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: AA88E2DBE75A77500E026C0631E31EB834CB2521 ~~~~~ Lock pages in memory: No objects assigned to this right. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: AA88E2DBE75A77500E026C0631E31EB834CB2521 ~~~~~ Lock pages in memory: No objects assigned to this right. Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts are granted the "Lock pages in memory" user right, this is a finding.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Lock pages in memory" to be defined but containing no entries (blank).
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F506B79F7BAE0B4B9C26A872BD506286097A5492 ~~~~~ Manage auditing and security log: BUILTIN\Administrators Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F506B79F7BAE0B4B9C26A872BD506286097A5492 ~~~~~ Manage auditing and security log: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F506B79F7BAE0B4B9C26A872BD506286097A5492 ~~~~~ Manage auditing and security log: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F506B79F7BAE0B4B9C26A872BD506286097A5492 ~~~~~ Manage auditing and security log: BUILTIN\Administrators Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Manage auditing and security log" user right, this is a finding: Administrators If the organization has an "Auditors" group the assignment of this group to the user right would not be a finding.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Manage auditing and security log" to only include the following groups or accounts: Administrators
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 17C44C7943BC8AAB7D21F72E23CEC41AFE1A9F0C ~~~~~ Modify firmware environment values: BUILTIN\Administrators Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 17C44C7943BC8AAB7D21F72E23CEC41AFE1A9F0C ~~~~~ Modify firmware environment values: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 17C44C7943BC8AAB7D21F72E23CEC41AFE1A9F0C ~~~~~ Modify firmware environment values: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 17C44C7943BC8AAB7D21F72E23CEC41AFE1A9F0C ~~~~~ Modify firmware environment values: BUILTIN\Administrators Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Modify firmware environment values" user right, this is a finding: Administrators
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Modify firmware environment values" to only include the following groups or accounts: Administrators
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: CF44D7B584EFD68DFC4D843B21D491E2F6848B64 ~~~~~ Perform volume maintenance tasks: BUILTIN\Administrators Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: CF44D7B584EFD68DFC4D843B21D491E2F6848B64 ~~~~~ Perform volume maintenance tasks: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CF44D7B584EFD68DFC4D843B21D491E2F6848B64 ~~~~~ Perform volume maintenance tasks: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CF44D7B584EFD68DFC4D843B21D491E2F6848B64 ~~~~~ Perform volume maintenance tasks: BUILTIN\Administrators Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Perform volume maintenance tasks" user right, this is a finding: Administrators
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Perform volume maintenance tasks" to only include the following groups or accounts: Administrators
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 15D359836034C5F1C910175CB6D5F67772067F27 ~~~~~ Profile single process: BUILTIN\Administrators Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 15D359836034C5F1C910175CB6D5F67772067F27 ~~~~~ Profile single process: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 15D359836034C5F1C910175CB6D5F67772067F27 ~~~~~ Profile single process: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 15D359836034C5F1C910175CB6D5F67772067F27 ~~~~~ Profile single process: BUILTIN\Administrators Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Profile single process" user right, this is a finding: Administrators
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Profile single process" to only include the following groups or accounts: Administrators
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F888137124F8E9A99188DF6656EBE43CAAE52E7E ~~~~~ Restore files and directories: BUILTIN\Administrators Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F888137124F8E9A99188DF6656EBE43CAAE52E7E ~~~~~ Restore files and directories: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F888137124F8E9A99188DF6656EBE43CAAE52E7E ~~~~~ Restore files and directories: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F888137124F8E9A99188DF6656EBE43CAAE52E7E ~~~~~ Restore files and directories: BUILTIN\Administrators Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Restore files and directories" user right, this is a finding: Administrators
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Restore files and directories" to only include the following groups or accounts: Administrators
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 2EE38D6B4E98B44453F4F74A2761EDEB80FBC3B1 ~~~~~ Take ownership of files or other objects: BUILTIN\Administrators Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 2EE38D6B4E98B44453F4F74A2761EDEB80FBC3B1 ~~~~~ Take ownership of files or other objects: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2EE38D6B4E98B44453F4F74A2761EDEB80FBC3B1 ~~~~~ Take ownership of files or other objects: BUILTIN\Administrators Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2EE38D6B4E98B44453F4F74A2761EDEB80FBC3B1 ~~~~~ Take ownership of files or other objects: BUILTIN\Administrators Comments |
|||||
Check Text
Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment. If any groups or accounts other than the following are granted the "Take ownership of files or other objects" user right, this is a finding: Administrators
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> "Take ownership of files or other objects" to only include the following groups or accounts: Administrators
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35876C8966B85EC1E2B626A04F1F3A7173B7D72A ~~~~~ System is a 'Standalone Workstation' so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35876C8966B85EC1E2B626A04F1F3A7173B7D72A ~~~~~ System is a 'Standalone Workstation' so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1DAEBFC17690D31E3DA81E08DFB323B4D2BD08FD ~~~~~ 'Hardened UNC Paths' is configured properly. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\*\NETLOGON Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\*\SYSVOL Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1DAEBFC17690D31E3DA81E08DFB323B4D2BD08FD ~~~~~ 'Hardened UNC Paths' is configured properly. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\*\NETLOGON Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\*\SYSVOL Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Comments |
|||||
Check Text
This requirement is applicable to domain-joined systems. For standalone or nondomain-joined systems, this is NA. If the following registry values do not exist or are not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths\ Value Name: \\*\NETLOGON Value Type: REG_SZ Value: RequireMutualAuthentication=1, RequireIntegrity=1 Value Name: \\*\SYSVOL Value Type: REG_SZ Value: RequireMutualAuthentication=1, RequireIntegrity=1 Additional entries would not be a finding.
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Network >> Network Provider >> "Hardened UNC Paths" to "Enabled" with at least the following configured in "Hardened UNC Paths:" (click the "Show" button to display). Value Name: \\*\SYSVOL Value: RequireMutualAuthentication=1, RequireIntegrity=1 Value Name: \\*\NETLOGON Value: RequireMutualAuthentication=1, RequireIntegrity=1
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: A45EAC4E3D6C6E7C671383D89AAE41F94F46804D ~~~~~ 'Turn on PowerShell Transcription' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription Value Name: EnableTranscripting Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: A45EAC4E3D6C6E7C671383D89AAE41F94F46804D ~~~~~ 'Turn on PowerShell Transcription' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription Value Name: EnableTranscripting Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A45EAC4E3D6C6E7C671383D89AAE41F94F46804D ~~~~~ 'Turn on PowerShell Transcription' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription Value Name: EnableTranscripting Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: A45EAC4E3D6C6E7C671383D89AAE41F94F46804D ~~~~~ 'Turn on PowerShell Transcription' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription Value Name: EnableTranscripting Value: 0x00000001 (1) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription\ Value Name: EnableTranscripting Value Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows PowerShell >> "Turn on PowerShell Transcription" to "Enabled". Specify the Transcript output directory to point to a Central Log Server or another secure location to prevent user access.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 20084BF752FA10BB981D8B6E81803EB2C45CEE3E ~~~~~ Internet Explorer is supported on Windows 10 Enterprise LTSC 2021 Reference: https://docs.microsoft.com/en-us/lifecycle/faq/internet-explorer-microsoft-edge Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 20084BF752FA10BB981D8B6E81803EB2C45CEE3E ~~~~~ Internet Explorer is supported on Windows 10 Enterprise LTSC 2021 Reference: https://docs.microsoft.com/en-us/lifecycle/faq/internet-explorer-microsoft-edge Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: EB29562146CB9048C1CD666F4CB7E15DC1C0B1A9 ~~~~~ Internet Explorer is not installed on this system. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: EB29562146CB9048C1CD666F4CB7E15DC1C0B1A9 ~~~~~ Internet Explorer is not installed on this system. Comments |
|||||
Check Text
Determine if IE11 is installed or enabled on Windows 10 semi-annual channel. If IE11 is installed or not disabled on Windows 10 semi-annual channel, this is a finding. If IE11 is installed on a unsupported operating system and is enabled or installed, this is a finding. For more information, visit: https://learn.microsoft.com/en-us/lifecycle/faq/internet-explorer-microsoft-edge#what-is-the-lifecycle-policy-for-internet-explorer-
Fix Text
For Windows 10 semi-annual channel, remove or disable the IE11 application. To disable IE11 as a standalone browser: Set the policy value for "Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Disable Internet Explorer 11 as a standalone browser" to "Enabled" with the option value set to "Never".
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4CDF0FBA2C490925B122D87AB28B4AB248337262 ~~~~~ 'HKLM:\SYSTEM\CurrentControlSet\Services\PortProxy\v4tov4\tcp' does not exist 'netsh interface portproxy show all' returned no output Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4CDF0FBA2C490925B122D87AB28B4AB248337262 ~~~~~ 'HKLM:\SYSTEM\CurrentControlSet\Services\PortProxy\v4tov4\tcp' does not exist 'netsh interface portproxy show all' returned no output Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDF0FBA2C490925B122D87AB28B4AB248337262 ~~~~~ 'HKLM:\SYSTEM\CurrentControlSet\Services\PortProxy\v4tov4\tcp' does not exist 'netsh interface portproxy show all' returned no output Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDF0FBA2C490925B122D87AB28B4AB248337262 ~~~~~ 'HKLM:\SYSTEM\CurrentControlSet\Services\PortProxy\v4tov4\tcp' does not exist 'netsh interface portproxy show all' returned no output Comments |
|||||
Check Text
Check the registry key for existence of proxied ports: HKLM\SYSTEM\CurrentControlSet\Services\PortProxy\. If the key contains v4tov4\tcp\ or is populated v4tov4\tcp\, this is a finding. Run "netsh interface portproxy show all". If the command displays any results, this is a finding.
Fix Text
Contact the Administrator to run "netsh interface portproxy delete" with elevation. Remove any enabled portproxies that may be configured.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35876C8966B85EC1E2B626A04F1F3A7173B7D72A ~~~~~ System is a 'Standalone Workstation' so this requirement is NA. Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 35876C8966B85EC1E2B626A04F1F3A7173B7D72A ~~~~~ System is a 'Standalone Workstation' so this requirement is NA. Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: EE3C41B079CD55070D61693A3A80148AC172FB2D ~~~~~ OS Configuration: Member Workstation GPOs applied to the system... --------------------------- Name: AR2.1-Disable SmartScreen GPO CRQ#200000 UniqueID: {BDCF3DB0-ED6B-4CFD-A3DE-A0EE39CFF553} AppliedOrder: 24 Enabled: True Enforced: True SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Adobe Reader DC Continuous protected view MAR2022 UniqueID: {73FB4C08-5E4E-4613-9C92-A1935473C0B8} AppliedOrder: 23 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Axway Configuration UniqueID: {9A2E7FFB-86B0-4C62-BFC8-6E7AC786A1ED} AppliedOrder: 22 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - RBAC UniqueID: {88602F3D-3A9F-4447-934A-2DDE7E6AC06D} AppliedOrder: 21 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - BitLocker Backup to Active Directory UniqueID: {13CF8084-13EC-427B-9CAB-F3243723B027} AppliedOrder: 20 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Windows 10 v2r1 Computer UniqueID: {633BF66A-4F82-4562-A78F-EEFA83686F95} AppliedOrder: 19 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Google Chrome FIX FEB2022 UniqueID: {4077A504-B830-4B59-868A-35847B93E9C6} AppliedOrder: 18 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Edge FIX FEB2022 UniqueID: {003A4B00-8A6C-4430-82C7-EB242F312734} AppliedOrder: 17 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Mozilla Firefox FIX FEB2022 UniqueID: {5464EA36-F45C-4BE0-89E6-A0043741FA96} AppliedOrder: 16 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Microsoft Edge v1r1 Computer UniqueID: {0DF1B468-68C7-4E60-BD66-971FBBABB95A} AppliedOrder: 15 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Google Chrome V2R1 - Computer UniqueID: {466A3169-B8B0-4E46-BC61-6CA031284F5E} AppliedOrder: 14 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Disable Sleep/Hibernate UniqueID: {35D3D931-A7DC-4B8B-9BE0-A67CFBD6268D} AppliedOrder: 13 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Internet Explorer 11 V1R19 - Computer UniqueID: {3C3C67E4-A139-4561-AF7B-D5AC7CAE2AD1} AppliedOrder: 12 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Microsoft Office 2016 - Office System V1R1 Computer UniqueID: {5AD817C7-2BBB-40FA-B6CE-AD8AC845A998} AppliedOrder: 11 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: DoD Adobe Acrobat Pro DC Continuous STIG Computer V1R2 UniqueID: {A1C7DDFF-5F74-49B9-9AC2-F92D1735189A} AppliedOrder: 10 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: Time Service 5-22 UniqueID: {C692EDD4-18D1-4698-AFE9-226C60EF20D2} AppliedOrder: 9 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Workstation Admins - Add Local UniqueID: {A9EC0F9B-D4F9-46EC-921D-9172267D8C09} AppliedOrder: 8 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Adobe Disable FIPS UniqueID: {6FAF5E3A-CAF7-4AC5-A9B3-201DB0CA8011} AppliedOrder: 7 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR 2.1 - LAPS Configuration Policy UniqueID: {446E9640-684E-4528-A16F-A72F31B95B67} AppliedOrder: 6 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: Default Domain Policy UniqueID: {31B2F340-016D-11D2-945F-00C04FB984F9} AppliedOrder: 5 Enabled: True Enforced: False SourceOU: DC=MONTFORD-POINT,DC=navy,DC=mil Name: Domain User Pol Adds 04-22 UniqueID: {0AB94EFD-80CB-4182-8BE0-4D5C77808FAD} AppliedOrder: 4 Enabled: True Enforced: False SourceOU: DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Disable print spooler inbound UniqueID: {57995639-3CC1-481E-871D-B60D68B54F2A} AppliedOrder: 3 Enabled: True Enforced: False SourceOU: DC=MONTFORD-POINT,DC=navy,DC=mil Name: IE11 STIG V2R1 4-22 UniqueID: {FF4CF530-57BD-4651-8020-451CF511BF99} AppliedOrder: 2 Enabled: True Enforced: False SourceOU: DC=MONTFORD-POINT,DC=navy,DC=mil Name: UniqueID: AppliedOrder: 1 Enabled: True Enforced: False SourceOU: Local Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: EE3C41B079CD55070D61693A3A80148AC172FB2D ~~~~~ OS Configuration: Member Workstation GPOs applied to the system... --------------------------- Name: AR2.1-Disable SmartScreen GPO CRQ#200000 UniqueID: {BDCF3DB0-ED6B-4CFD-A3DE-A0EE39CFF553} AppliedOrder: 24 Enabled: True Enforced: True SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Adobe Reader DC Continuous protected view MAR2022 UniqueID: {73FB4C08-5E4E-4613-9C92-A1935473C0B8} AppliedOrder: 23 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Axway Configuration UniqueID: {9A2E7FFB-86B0-4C62-BFC8-6E7AC786A1ED} AppliedOrder: 22 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - RBAC UniqueID: {88602F3D-3A9F-4447-934A-2DDE7E6AC06D} AppliedOrder: 21 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - BitLocker Backup to Active Directory UniqueID: {13CF8084-13EC-427B-9CAB-F3243723B027} AppliedOrder: 20 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Windows 10 v2r1 Computer UniqueID: {633BF66A-4F82-4562-A78F-EEFA83686F95} AppliedOrder: 19 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Google Chrome FIX FEB2022 UniqueID: {4077A504-B830-4B59-868A-35847B93E9C6} AppliedOrder: 18 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Edge FIX FEB2022 UniqueID: {003A4B00-8A6C-4430-82C7-EB242F312734} AppliedOrder: 17 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Mozilla Firefox FIX FEB2022 UniqueID: {5464EA36-F45C-4BE0-89E6-A0043741FA96} AppliedOrder: 16 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Microsoft Edge v1r1 Computer UniqueID: {0DF1B468-68C7-4E60-BD66-971FBBABB95A} AppliedOrder: 15 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Google Chrome V2R1 - Computer UniqueID: {466A3169-B8B0-4E46-BC61-6CA031284F5E} AppliedOrder: 14 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Disable Sleep/Hibernate UniqueID: {35D3D931-A7DC-4B8B-9BE0-A67CFBD6268D} AppliedOrder: 13 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Internet Explorer 11 V1R19 - Computer UniqueID: {3C3C67E4-A139-4561-AF7B-D5AC7CAE2AD1} AppliedOrder: 12 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Microsoft Office 2016 - Office System V1R1 Computer UniqueID: {5AD817C7-2BBB-40FA-B6CE-AD8AC845A998} AppliedOrder: 11 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: DoD Adobe Acrobat Pro DC Continuous STIG Computer V1R2 UniqueID: {A1C7DDFF-5F74-49B9-9AC2-F92D1735189A} AppliedOrder: 10 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: Time Service 5-22 UniqueID: {C692EDD4-18D1-4698-AFE9-226C60EF20D2} AppliedOrder: 9 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Workstation Admins - Add Local UniqueID: {A9EC0F9B-D4F9-46EC-921D-9172267D8C09} AppliedOrder: 8 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Adobe Disable FIPS UniqueID: {6FAF5E3A-CAF7-4AC5-A9B3-201DB0CA8011} AppliedOrder: 7 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR 2.1 - LAPS Configuration Policy UniqueID: {446E9640-684E-4528-A16F-A72F31B95B67} AppliedOrder: 6 Enabled: True Enforced: False SourceOU: OU=COMPUTERS,OU=MONTFORD-POINT,DC=MONTFORD-POINT,DC=navy,DC=mil Name: Default Domain Policy UniqueID: {31B2F340-016D-11D2-945F-00C04FB984F9} AppliedOrder: 5 Enabled: True Enforced: False SourceOU: DC=MONTFORD-POINT,DC=navy,DC=mil Name: Domain User Pol Adds 04-22 UniqueID: {0AB94EFD-80CB-4182-8BE0-4D5C77808FAD} AppliedOrder: 4 Enabled: True Enforced: False SourceOU: DC=MONTFORD-POINT,DC=navy,DC=mil Name: AR21 - Disable print spooler inbound UniqueID: {57995639-3CC1-481E-871D-B60D68B54F2A} AppliedOrder: 3 Enabled: True Enforced: False SourceOU: DC=MONTFORD-POINT,DC=navy,DC=mil Name: IE11 STIG V2R1 4-22 UniqueID: {FF4CF530-57BD-4651-8020-451CF511BF99} AppliedOrder: 2 Enabled: True Enforced: False SourceOU: DC=MONTFORD-POINT,DC=navy,DC=mil Name: UniqueID: AppliedOrder: 1 Enabled: True Enforced: False SourceOU: Local Comments |
|||||
Check Text
Verify the Windows 10 system is receiving policy from either Group Policy or an MDM with the following steps: From a command line or PowerShell: gpresult /R OS Configuration: Member Workstation If the system is not being managed by GPO, ask the administrator to indicate which MDM is managing the device. From PowerShell: Get-Service -Name "IntuneManagementExtension" If the Windows 10 system is not receiving policy from either Group Policy or an MDM, this is a finding. This is NA for standalone, nondomain-joined systems.
Fix Text
Configure the Windows 10 system to use either Group Policy or an approved MDM product to enforce STIG compliance.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments |
|||||
Check Text
Verify that Audit Sensitive Privilege Use auditing has been enabled: Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Privilege Use >> Audit Sensitive Privilege Use. If "Audit Sensitive Privilege Use" is not set to "Success", this is a finding.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Privilege Use >> Audit Sensitive Privilege Use with "Success" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments |
|||||
Check Text
Verify that Audit Sensitive Privilege Use auditing has been enabled: Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Privilege Use >> Audit Sensitive Privilege Use. If "Audit Sensitive Privilege Use" is not set to "Failure", this is a finding.
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Privilege Use >> Audit Sensitive Privilege Use with "Failure" selected.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 6771B96D1ED1098549965ED8F67FF9028082CC2A ~~~~~ SecurityServicesRunning: 1, 2 Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 6771B96D1ED1098549965ED8F67FF9028082CC2A ~~~~~ SecurityServicesRunning: 1, 2 Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be OPEN on 10/23/2025 ResultHash: 83848C949BBF8A4E2EBDBB4A433926F0E07188E0 ~~~~~ SecurityServicesRunning: 1 Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be OPEN on 10/23/2025 ResultHash: 83848C949BBF8A4E2EBDBB4A433926F0E07188E0 ~~~~~ SecurityServicesRunning: 1 Comments |
|||||
Check Text
Confirm virtualization-based protection of code integrity. For devices that support the virtualization based security (VBS) feature for protection of code integrity, this must be enabled. If the system meets the hardware, firmware, and compatible device driver dependencies for enabling virtualization-based protection of code integrity but it is not enabled, this is a CAT II finding. Virtualization based security currently cannot be implemented in virtual desktop implementations (VDI) due to specific supporting requirements including a TPM, UEFI with Secure Boot, and the capability to run the Hyper-V feature within the virtual desktop. For VDIs where the virtual desktop instance is deleted or refreshed upon logoff, this is NA. Run "PowerShell" with elevated privileges (run as administrator). Enter the following: "Get-CimInstance -ClassName Win32_DeviceGuard -Namespace root\Microsoft\Windows\DeviceGuard" If "SecurityServicesRunning" does not include a value of "2" (e.g., "{1, 2}"), this is a finding. Alternately: Run "System Information". Under "System Summary", verify the following: If "Virtualization-based Security Services Running" does not list "Hypervisor enforced Code Integrity", this is finding. The policy settings referenced in the Fix section will configure the following registry value. However due to hardware requirements, the registry value alone does not ensure proper function. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\DeviceGuard\ Value Name: HypervisorEnforcedCodeIntegrity Value Type: REG_DWORD Value: 0x00000001 (1) (Enabled with UEFI lock), or 0x00000002 (2) (Enabled without lock)
Fix Text
Virtualization-based security currently cannot be implemented in VDIs due to specific supporting requirements, including a TPM, UEFI with Secure Boot, and the capability to run the Hyper-V feature within the virtual desktop. For VDIs where the virtual desktop instance is deleted or refreshed upon logoff, this is NA. Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Device Guard >> "Turn On Virtualization Based Security" to "Enabled" with "Enabled with UEFI lock" or "Enabled without lock" selected for "Virtualization Based Protection of Code Integrity:". "Enabled with UEFI lock" is preferred as more secure; however, it cannot be turned off remotely through a group policy change if there is an issue. "Enabled without lock" will allow this to be turned off remotely while testing for issues.
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) was unable to determine a Status but found the below configuration on 12/17/2025: ResultHash: BD6278244192424F9751ED5FC0ED5A6ABF394023 ~~~~~ Failed accounts: --------------------- Name: Alexandra.M.Perl SID: S-1-5-21-4163428051-2768110797-3591193048-1017 Enabled: True Last Logon: 07/26/2023 17:40:36 [875 days] Name: AMPerl.IAAdmin SID: S-1-5-21-4163428051-2768110797-3591193048-1018 Enabled: True Last Logon: Never Name: Joshua.J.Jordan SID: S-1-5-21-4163428051-2768110797-3591193048-1019 Enabled: True Last Logon: Never Name: jtbegarek.iaadmin SID: S-1-5-21-4163428051-2768110797-3591193048-1024 Enabled: True Last Logon: 09/09/2025 15:25:28 [99 days] Name: Ronald.W.Bunch SID: S-1-5-21-4163428051-2768110797-3591193048-1020 Enabled: True Last Logon: Never Name: Ryan.W.Arnold SID: S-1-5-21-4163428051-2768110797-3591193048-1021 Enabled: True Last Logon: Never Name: Thomas.L.Jones SID: S-1-5-21-4163428051-2768110797-3591193048-1022 Enabled: True Last Logon: Never Name: tljones.iaadmin SID: S-1-5-21-4163428051-2768110797-3591193048-1023 Enabled: True Last Logon: Never Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) was unable to determine a Status but found the below configuration on 12/17/2025: ResultHash: 100D50DA00AC9D15565FF2A46FDBBF78EFC00B0D ~~~~~ Failed accounts: --------------------- Name: Alexandra.M.Perl SID: S-1-5-21-4004422625-1934610219-1178763574-1016 Enabled: True Last Logon: 04/12/2024 17:51:05 [614 days] Name: AMPerl.IAAdmin SID: S-1-5-21-4004422625-1934610219-1178763574-1021 Enabled: True Last Logon: 08/13/2023 16:24:24 [857 days] Name: Jason.T.Davis SID: S-1-5-21-4004422625-1934610219-1178763574-1025 Enabled: True Last Logon: 01/28/2025 15:51:00 [323 days] Name: Joshua.J.Jordan SID: S-1-5-21-4004422625-1934610219-1178763574-1017 Enabled: True Last Logon: 08/07/2024 13:39:41 [497 days] Name: jtbegarek.iaadmin SID: S-1-5-21-4004422625-1934610219-1178763574-1026 Enabled: True Last Logon: 10/16/2025 16:49:04 [62 days] Name: Ryan.W.Arnold SID: S-1-5-21-4004422625-1934610219-1178763574-1019 Enabled: True Last Logon: 05/28/2025 12:18:16 [203 days] Name: Thomas.L.Jones SID: S-1-5-21-4004422625-1934610219-1178763574-1020 Enabled: True Last Logon: 11/06/2025 14:13:44 [41 days] Name: tljones.iaadmin SID: S-1-5-21-4004422625-1934610219-1178763574-1024 Enabled: True Last Logon: Never Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 578927A0E4EC2A3AFF257E82B2D49C0A580FAC3B ~~~~~ No enabled accounts found that have not logged on within 35 days. Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 578927A0E4EC2A3AFF257E82B2D49C0A580FAC3B ~~~~~ No enabled accounts found that have not logged on within 35 days. Comments |
|||||
Check Text
Run "PowerShell". Copy the lines below to the PowerShell window and enter. "([ADSI]('WinNT://{0}' -f $env:COMPUTERNAME)).Children | Where { $_.SchemaClassName -eq 'user' } | ForEach { $user = ([ADSI]$_.Path) $lastLogin = $user.Properties.LastLogin.Value $enabled = ($user.Properties.UserFlags.Value -band 0x2) -ne 0x2 if ($lastLogin -eq $null) { $lastLogin = 'Never' } Write-Host $user.Name $lastLogin $enabled }" This will return a list of local accounts with the account name, last logon, and if the account is enabled (True/False). For example: User1 10/31/2015 5:49:56 AM True Review the list to determine the finding validity for each account reported. Exclude the following accounts: Built-in administrator account (Disabled, SID ending in 500) Built-in guest account (Disabled, SID ending in 501) Built-in DefaultAccount (Disabled, SID ending in 503) Local administrator account If any enabled accounts have not been logged on to within the past 35 days, this is a finding. Inactive accounts that have been reviewed and deemed to be required must be documented with the information system security officer (ISSO).
Fix Text
Regularly review local accounts and verify their necessity. Disable or delete any active accounts that have not been used in the last 35 days.