HardeningKitty Final Report

IDCategoryNameSeverityResultRecommendedTestResultSeverityFinding
1000FeaturesSMBv1 SupportPassedFeature is not installed
1103Account PoliciesStore passwords using reversible encryptionPassedConfigured security policyPassed
1101Account PoliciesAccount lockout durationPassedAccount policy setPassed
1100Account PoliciesAccount lockout thresholdPassedAccount policy setPassed
1104Account PoliciesAllow Administrator account lockoutPassedConfigured security policyPassed
1102Account PoliciesReset account lockout counterPassedAccount policy setPassed
1200User Rights AssignmentAccess this computer from the networkPassedConfigured system user right assignmentPassed
1201User Rights AssignmentAllow log on locallyPassedConfigured system user right assignmentPassed
1202User Rights AssignmentDebug programsPassedConfigured system user right assignmentPassed
1203User Rights AssignmentDeny access to this computer from the networkPassedConfigured system user right assignmentPassed
1204User Rights AssignmentDeny log on as a batch jobPassedConfigured system user right assignmentPassed
1205User Rights AssignmentDeny log on as a servicePassedConfigured system user right assignmentPassed
1206User Rights AssignmentDeny log on through Remote Desktop ServicesPassedConfigured system user right assignmentPassed
1300Security OptionsAccounts: Block Microsoft accountsPassedRegistry value created/modifiedPassed
1301Security OptionsAudit: Force audit policy subcategory settings to override audit policy category settingsPassedRegistry value created/modifiedPassed
1302Security OptionsInteractive logon: Do not require CTRL+ALT+DELPassedRegistry value created/modifiedPassed
1303Security OptionsInteractive logon: Don't display last signed-inPassedRegistry value created/modifiedPassed
1304Security OptionsInteractive logon: Don't display username at sign-inPassedRegistry value created/modifiedPassed
1305Security OptionsMicrosoft network client: Digitally sign communications (always)PassedRegistry value created/modifiedPassed
1306Security OptionsMicrosoft network client: Digitally sign communications (if server agrees)PassedRegistry value created/modifiedPassed
1307Security OptionsMicrosoft network server: Digitally sign communications (always)PassedRegistry value created/modifiedPassed
1308Security OptionsMicrosoft network server: Digitally sign communications (if client agrees)PassedRegistry value created/modifiedPassed
1309Security OptionsNetwork access: Do not allow anonymous enumeration of SAM accountsPassedRegistry value created/modifiedPassed
1310Security OptionsNetwork access: Do not allow anonymous enumeration of SAM accounts and sharesPassedRegistry value created/modifiedPassed
1311Security OptionsNetwork access: Do not allow storage of passwords and credentials for network authenticationPassedRegistry value created/modifiedPassed
1324Security OptionsNetwork access: Restrict anonymous access to Named Pipes and SharesPassedRegistry value created/modifiedPassed
1325Security OptionsNetwork access: Restrict clients allowed to make remote calls to SAMPassedRegistry value created/modifiedPassed
1312Security OptionsNetwork security: Allow LocalSystem NULL session fallbackPassedRegistry value created/modifiedPassed
1326Security OptionsNetwork security: Do not store LAN Manager hash value on next password changePassedRegistry value created/modifiedPassed
1313Security OptionsNetwork security: LAN Manager authentication levelPassedRegistry value created/modifiedPassed
1314Security OptionsNetwork security: LDAP client signing requirementsPassedRegistry value created/modifiedPassed
1315Security OptionsNetwork security: Minimum session security for NTLM SSP based (including secure RPC) clientsPassedRegistry value created/modifiedPassed
1316Security OptionsNetwork security: Minimum session security for NTLM SSP based (including secure RPC) serversPassedRegistry value created/modifiedPassed
1317Security OptionsNetwork security: Restrict NTLM: Audit Incoming NTLM TrafficPassedRegistry value created/modifiedPassed
1318Security OptionsNetwork security: Restrict NTLM: Audit NTLM authentication in this domainPassedRegistry value created/modifiedPassed
1319Security OptionsNetwork security: Restrict NTLM: Outgoing NTLM traffic to remote serversPassedRegistry value created/modifiedPassed
1320Security OptionsShutdown: Allow system to be shut down without having to log onPassedRegistry value created/modifiedPassed
1321Security OptionsUser Account Control: Admin Approval Mode for the Built-in Administrator accountPassedRegistry value created/modifiedPassed
1322Security OptionsUser Account Control: Behavior of the elevation prompt for administrators in Admin Approval ModePassedRegistry value created/modifiedPassed
1323Security OptionsUser Account Control: Behavior of the elevation prompt for standard usersPassedRegistry value created/modifiedPassed
1400Windows FirewallEnableFirewall (Domain Profile, Policy)PassedRegistry key createdPassed
1400Windows FirewallEnableFirewall (Domain Profile, Policy)PassedRegistry value created/modifiedPassed
1418Windows FirewallEnableFirewall (Domain Profile)PassedRegistry value created/modifiedPassed
1401Windows FirewallInbound Connections (Domain Profile, Policy)PassedRegistry value created/modifiedPassed
1419Windows FirewallInbound Connections (Domain Profile)PassedRegistry value created/modifiedPassed
1402Windows FirewallOutbound Connections (Domain Profile, Policy)PassedRegistry value created/modifiedPassed
1420Windows FirewallOutbound Connections (Domain Profile)PassedRegistry value created/modifiedPassed
1403Windows FirewallLog size limit (Domain Profile, Policy)PassedRegistry key createdPassed
1403Windows FirewallLog size limit (Domain Profile, Policy)PassedRegistry value created/modifiedPassed
1421Windows FirewallLog size limit (Domain Profile)PassedRegistry value created/modifiedPassed
1404Windows FirewallLog dropped packets (Domain Profile, Policy)PassedRegistry value created/modifiedPassed
1422Windows FirewallLog dropped packets (Domain Profile)PassedRegistry value created/modifiedPassed
1405Windows FirewallLog successful connections (Domain Profile, Policy)PassedRegistry value created/modifiedPassed
1423Windows FirewallLog successful connections (Domain Profile)PassedRegistry value created/modifiedPassed
1406Windows FirewallEnableFirewall (Private Profile, Policy)PassedRegistry key createdPassed
1406Windows FirewallEnableFirewall (Private Profile, Policy)PassedRegistry value created/modifiedPassed
1424Windows FirewallEnableFirewall (Private Profile)PassedRegistry value created/modifiedPassed
1407Windows FirewallInbound Connections (Private Profile, Policy)PassedRegistry value created/modifiedPassed
1425Windows FirewallInbound Connections (Private Profile)PassedRegistry value created/modifiedPassed
1408Windows FirewallOutbound Connections (Private Profile, Policy)PassedRegistry value created/modifiedPassed
1426Windows FirewallOutbound Connections (Private Profile)PassedRegistry value created/modifiedPassed
1409Windows FirewallLog size limit (Private Profile, Policy)PassedRegistry key createdPassed
1409Windows FirewallLog size limit (Private Profile, Policy)PassedRegistry value created/modifiedPassed
1427Windows FirewallLog size limit (Private Profile)PassedRegistry value created/modifiedPassed
1410Windows FirewallLog dropped packets (Private Profile, Policy)PassedRegistry value created/modifiedPassed
1428Windows FirewallLog dropped packets (Private Profile)PassedRegistry value created/modifiedPassed
1411Windows FirewallLog successful connections (Private Profile, Policy)PassedRegistry value created/modifiedPassed
1429Windows FirewallLog successful connections (Private Profile)PassedRegistry value created/modifiedPassed
1412Windows FirewallEnableFirewall (Public Profile, Policy)PassedRegistry key createdPassed
1412Windows FirewallEnableFirewall (Public Profile, Policy)PassedRegistry value created/modifiedPassed
1430Windows FirewallEnableFirewall (Public Profile)PassedRegistry value created/modifiedPassed
1413Windows FirewallInbound Connections (Public Profile, Policy)PassedRegistry value created/modifiedPassed
1431Windows FirewallInbound Connections (Public Profile)PassedRegistry value created/modifiedPassed
1414Windows FirewallOutbound Connections (Public Profile, Policy)PassedRegistry value created/modifiedPassed
1432Windows FirewallOutbound Connections (Public Profile)PassedRegistry value created/modifiedPassed
1415Windows FirewallLog size limit (Public Profile, Policy)PassedRegistry key createdPassed
1415Windows FirewallLog size limit (Public Profile, Policy)PassedRegistry value created/modifiedPassed
1433Windows FirewallLog size limit (Public Profile)PassedRegistry value created/modifiedPassed
1416Windows FirewallLog dropped packets (Public Profile, Policy)PassedRegistry value created/modifiedPassed
1434Windows FirewallLog dropped packets (Public Profile)PassedRegistry value created/modifiedPassed
1417Windows FirewallLog successful connections (Public Profile, Policy)PassedRegistry value created/modifiedPassed
1435Windows FirewallLog successful connections (Public Profile)PassedRegistry value created/modifiedPassed
1500Advanced Audit Policy ConfigurationCredential ValidationPassedAudit policy setPassed
1501Advanced Audit Policy ConfigurationSecurity Group ManagementPassedAudit policy setPassed
1502Advanced Audit Policy ConfigurationUser Account ManagementPassedAudit policy setPassed
1503Advanced Audit Policy ConfigurationDPAPI ActivityPassedAudit policy setPassed
1504Advanced Audit Policy ConfigurationPlug and Play EventsPassedAudit policy setPassed
1505Advanced Audit Policy ConfigurationProcess CreationPassedAudit policy setPassed
1506Advanced Audit Policy ConfigurationAccount LockoutPassedAudit policy setPassed
1507Advanced Audit Policy ConfigurationGroup MembershipPassedAudit policy setPassed
1508Advanced Audit Policy ConfigurationLogonPassedAudit policy setPassed
1509Advanced Audit Policy ConfigurationOther Logon/Logoff EventsPassedAudit policy setPassed
1510Advanced Audit Policy ConfigurationSpecial LogonPassedAudit policy setPassed
1511Advanced Audit Policy ConfigurationDetailed File SharePassedAudit policy setPassed
1512Advanced Audit Policy ConfigurationFile SharePassedAudit policy setPassed
1513Advanced Audit Policy ConfigurationKernel ObjectPassedAudit policy setPassed
1514Advanced Audit Policy ConfigurationOther Object Access EventsPassedAudit policy setPassed
1515Advanced Audit Policy ConfigurationRemovable StoragePassedAudit policy setPassed
1516Advanced Audit Policy ConfigurationSAMPassedAudit policy setPassed
1517Advanced Audit Policy ConfigurationAudit Policy ChangePassedAudit policy setPassed
1518Advanced Audit Policy ConfigurationAuthentication Policy ChangePassedAudit policy setPassed
1519Advanced Audit Policy ConfigurationMPSSVC Rule-Level Policy ChangePassedAudit policy setPassed
1520Advanced Audit Policy ConfigurationOther Policy Change EventsPassedAudit policy setPassed
1521Advanced Audit Policy ConfigurationSensitive Privilege UsePassedAudit policy setPassed
1522Advanced Audit Policy ConfigurationOther System EventsPassedAudit policy setPassed
1523Advanced Audit Policy ConfigurationSecurity State ChangePassedAudit policy setPassed
1524Advanced Audit Policy ConfigurationSecurity System ExtensionPassedAudit policy setPassed
1525Advanced Audit Policy ConfigurationSystem IntegrityPassedAudit policy setPassed
1600Administrative Templates: Control PanelPersonalization: Prevent enabling lock screen cameraPassedRegistry key createdPassed
1600Administrative Templates: Control PanelPersonalization: Prevent enabling lock screen cameraPassedRegistry value created/modifiedPassed
1601Administrative Templates: NetworkDNS Client: Turn off multicast name resolution (LLMNR)PassedRegistry key createdPassed
1601Administrative Templates: NetworkDNS Client: Turn off multicast name resolution (LLMNR)PassedRegistry value created/modifiedPassed
1602Administrative Templates: NetworkLanman Workstation: Enable insecure guest logonsPassedRegistry key createdPassed
1602Administrative Templates: NetworkLanman Workstation: Enable insecure guest logonsPassedRegistry value created/modifiedPassed
1603Administrative Templates: NetworkTurn off Microsoft Peer-to-Peer Networking ServicesPassedRegistry value created/modifiedPassed
1604Administrative Templates: NetworkWLAN Settings: Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid servicesPassedRegistry value created/modifiedPassed
2108Administrative Templates: PowerShellCoreTurn on PowerShell Module LoggingPassedRegistry key createdPassed
2108Administrative Templates: PowerShellCoreTurn on PowerShell Module LoggingPassedRegistry value created/modifiedPassed
2109Administrative Templates: PowerShellCoreTurn on PowerShell Module Logging (PowerShell Policy)PassedRegistry value created/modifiedPassed
2110Administrative Templates: PowerShellCoreTurn on PowerShell Module Logging - Module NamesPassedRegistry key createdPassed
2110Administrative Templates: PowerShellCoreTurn on PowerShell Module Logging - Module NamesPassedRegistry value created/modifiedPassed
2111Administrative Templates: PowerShellCoreTurn on PowerShell Script Block LoggingPassedRegistry key createdPassed
2111Administrative Templates: PowerShellCoreTurn on PowerShell Script Block LoggingPassedRegistry value created/modifiedPassed
2112Administrative Templates: PowerShellCoreTurn on PowerShell Script Block Logging (Invocation)PassedRegistry value created/modifiedPassed
2113Administrative Templates: PowerShellCoreTurn on PowerShell Script Block Logging (PowerShell Policy)PassedRegistry value created/modifiedPassed
2116Administrative Templates: PowerShellCoreTurn on PowerShell TranscriptionPassedRegistry key createdPassed
2116Administrative Templates: PowerShellCoreTurn on PowerShell TranscriptionPassedRegistry value created/modifiedPassed
2114Administrative Templates: PowerShellCoreTurn on PowerShell Transcription (Invocation)PassedRegistry value created/modifiedPassed
2115Administrative Templates: PowerShellCoreTurn on PowerShell Transcription (PowerShell Policy)PassedRegistry value created/modifiedPassed
1772Administrative Templates: PrintersConfigure Redirection GuardPassedRegistry key createdPassed
1772Administrative Templates: PrintersConfigure Redirection GuardPassedRegistry value created/modifiedPassed
1768Administrative Templates: PrintersOnly use Package Point and Print (CVE-2021-36958)PassedRegistry key createdPassed
1768Administrative Templates: PrintersOnly use Package Point and Print (CVE-2021-36958)PassedRegistry value created/modifiedPassed
1769Administrative Templates: PrintersPackage Point and Print - Approved servers (CVE-2021-36958)PassedRegistry value created/modifiedPassed
1764Administrative Templates: PrintersPoint and Print Restrictions: When installing drivers for a new connection (CVE-2021-34527)PassedRegistry key createdPassed
1764Administrative Templates: PrintersPoint and Print Restrictions: When installing drivers for a new connection (CVE-2021-34527)PassedRegistry value created/modifiedPassed
1765Administrative Templates: PrintersPoint and Print Restrictions: When updating drivers for an existing connection (CVE-2021-34527)PassedRegistry value created/modifiedPassed
1771Administrative Templates: Start Menu and TaskbarNotifications: Turn off notifications network usagePassedRegistry key createdPassed
1771Administrative Templates: Start Menu and TaskbarNotifications: Turn off notifications network usagePassedRegistry value created/modifiedPassed
1605Administrative Templates: SystemCredentials Delegation: Allow delegation default credentialsPassedRegistry key createdPassed
1605Administrative Templates: SystemCredentials Delegation: Allow delegation default credentialsPassedRegistry value created/modifiedPassed
1606Administrative Templates: SystemCredentials Delegation: Encryption Oracle RemediationPassedRegistry key createdPassed
1606Administrative Templates: SystemCredentials Delegation: Encryption Oracle RemediationPassedRegistry value created/modifiedPassed
1699Administrative Templates: SystemCredentials Delegation: Remote host allows delegation of non-exportable credentialsPassedRegistry value created/modifiedPassed
1607Administrative Templates: SystemDevice Installation: Device Installation Restrictions: Prevent installation of devices that match an IDPassedRegistry key createdPassed
1607Administrative Templates: SystemDevice Installation: Device Installation Restrictions: Prevent installation of devices that match an IDPassedRegistry value created/modifiedPassed
1608Administrative Templates: SystemDevice Installation: Device Installation Restrictions: Prevent installation of devices that match an ID (Retroactive)PassedRegistry value created/modifiedPassed
1609Administrative Templates: SystemDevice Installation: Device Installation Restrictions: Prevent installation of devices that match ID PCI\CC_0C0010 (Firewire)PassedRegistry key createdPassed
1609Administrative Templates: SystemDevice Installation: Device Installation Restrictions: Prevent installation of devices that match ID PCI\CC_0C0010 (Firewire)PassedRegistry value created/modifiedPassed
1610Administrative Templates: SystemDevice Installation: Device Installation Restrictions: Prevent installation of devices that match ID PCI\CC_0C0A (Thunderbolt)PassedRegistry value created/modifiedPassed
1611Administrative Templates: SystemDevice Installation: Device Installation Restrictions: Prevent installation of devices using drivers that match an device setup classPassedRegistry value created/modifiedPassed
1612Administrative Templates: SystemDevice Installation: Device Installation Restrictions: Prevent installation of devices using drivers that match an device setup class (Retroactive)PassedRegistry value created/modifiedPassed
1613Administrative Templates: SystemDevice Installation: Device Installation Restrictions: Prevent installation of devices using drivers that match d48179be-ec20-11d1-b6b8-00c04fa372a7 (SBP-2 drive)PassedRegistry key createdPassed
1613Administrative Templates: SystemDevice Installation: Device Installation Restrictions: Prevent installation of devices using drivers that match d48179be-ec20-11d1-b6b8-00c04fa372a7 (SBP-2 drive)PassedRegistry value created/modifiedPassed
1623Administrative Templates: SystemDevice Guard: Require UEFI Memory Attributes Table (Policy)PassedRegistry key createdPassed
1623Administrative Templates: SystemDevice Guard: Require UEFI Memory Attributes Table (Policy)PassedRegistry value created/modifiedPassed
1621Administrative Templates: SystemDevice Guard: Secure Launch Configuration (Policy)PassedRegistry value created/modifiedPassed
1622Administrative Templates: SystemDevice Guard: Windows Defender Application Control deployed (Policy)PassedRegistry value created/modifiedPassed
1630Administrative Templates: SystemEarly Launch Antimalware: Boot-Start Driver Initialization PolicyPassedRegistry key createdPassed
1630Administrative Templates: SystemEarly Launch Antimalware: Boot-Start Driver Initialization PolicyPassedRegistry value created/modifiedPassed
1631Administrative Templates: SystemGroup Policy: Process even if the Group Policy objects have not changedPassedRegistry key createdPassed
1631Administrative Templates: SystemGroup Policy: Process even if the Group Policy objects have not changedPassedRegistry value created/modifiedPassed
1632Administrative Templates: SystemGroup Policy: Do not apply during periodic background processingPassedRegistry value created/modifiedPassed
1640Administrative Templates: SystemInternet Communication Management: Internet Communication settings: Turn off the Windows Messenger Customer Experience Improvement ProgramPassedRegistry key createdPassed
1640Administrative Templates: SystemInternet Communication Management: Internet Communication settings: Turn off the Windows Messenger Customer Experience Improvement ProgramPassedRegistry value created/modifiedPassed
1641Administrative Templates: SystemInternet Communication Management: Internet Communication settings: Turn off downloading of print drivers over HTTPPassedRegistry value created/modifiedPassed
1642Administrative Templates: SystemInternet Communication Management: Internet Communication settings: Turn off Windows Error Reporting 1PassedRegistry key createdPassed
1642Administrative Templates: SystemInternet Communication Management: Internet Communication settings: Turn off Windows Error Reporting 1PassedRegistry value created/modifiedPassed
1643Administrative Templates: SystemInternet Communication Management: Internet Communication settings: Turn off Windows Error Reporting 2PassedRegistry value created/modifiedPassed
1644Administrative Templates: SystemInternet Communication Management: Internet Communication settings: Turn off Internet download for Web publishing and online ordering wizardsPassedRegistry value created/modifiedPassed
1645Administrative Templates: SystemInternet Communication Management: Internet Communication settings: Turn off Windows Customer Experience Improvement ProgramPassedRegistry value created/modifiedPassed
1650Administrative Templates: SystemKernel DMA Protection: Enumeration policy for external devices incompatible with Kernel DMA ProtectionPassedRegistry key createdPassed
1650Administrative Templates: SystemKernel DMA Protection: Enumeration policy for external devices incompatible with Kernel DMA ProtectionPassedRegistry value created/modifiedPassed
1660Administrative Templates: SystemLogon: Turn on convenience PIN sign-inPassedRegistry value created/modifiedPassed
1661Administrative Templates: SystemLogon: Turn off app notifications on the lock screenPassedRegistry value created/modifiedPassed
1662Administrative Templates: SystemLogon: Do not display network selection UIPassedRegistry value created/modifiedPassed
1670Administrative Templates: SystemMitigation Options: Untrusted Font BlockingPassedRegistry key createdPassed
1670Administrative Templates: SystemMitigation Options: Untrusted Font BlockingPassedRegistry value created/modifiedPassed
1680Administrative Templates: SystemOS Policies: Allow Clipboard synchronization across devicesPassedRegistry value created/modifiedPassed
1685Administrative Templates: SystemSleep Settings: Require a password when a computer wakes (plugged in)PassedRegistry key createdPassed
1685Administrative Templates: SystemSleep Settings: Require a password when a computer wakes (plugged in)PassedRegistry value created/modifiedPassed
1686Administrative Templates: SystemSleep Settings: Require a password when a computer wakes (on battery)PassedRegistry value created/modifiedPassed
1687Administrative Templates: SystemSleep Settings: Allow standby states (S1-S3) when sleeping (plugged in)PassedRegistry key createdPassed
1687Administrative Templates: SystemSleep Settings: Allow standby states (S1-S3) when sleeping (plugged in)PassedRegistry value created/modifiedPassed
1688Administrative Templates: SystemSleep Settings: Allow standby states (S1-S3) when sleeping (on battery)PassedRegistry value created/modifiedPassed
1690Administrative Templates: SystemRemote Assistance: Configure Offer Remote AssistancePassedRegistry value created/modifiedPassed
1691Administrative Templates: SystemRemote Assistance: Configure Solicited Remote AssistancePassedRegistry value created/modifiedPassed
1692Administrative Templates: SystemRemote Procedure Call: Enable RPC Endpoint Mapper Client AuthenticationPassedRegistry key createdPassed
1692Administrative Templates: SystemRemote Procedure Call: Enable RPC Endpoint Mapper Client AuthenticationPassedRegistry value created/modifiedPassed
1693Administrative Templates: SystemRemote Procedure Call: Restrict Unauthenticated RPC clientsPassedRegistry value created/modifiedPassed
1694Administrative Templates: SystemSecurity Settings: Enable svchost.exe mitigation optionsPassedRegistry value created/modifiedPassed
1695Administrative Templates: SystemWindows Performance PerfTrack: Enable/Disable PerfTrackPassedRegistry key createdPassed
1695Administrative Templates: SystemWindows Performance PerfTrack: Enable/Disable PerfTrackPassedRegistry value created/modifiedPassed
1696Administrative Templates: SystemUser Profiles: Turn off the advertising IDPassedRegistry key createdPassed
1696Administrative Templates: SystemUser Profiles: Turn off the advertising IDPassedRegistry value created/modifiedPassed
1697Administrative Templates: SystemTime Providers: Enable Windows NTP ClientPassedRegistry key createdPassed
1697Administrative Templates: SystemTime Providers: Enable Windows NTP ClientPassedRegistry value created/modifiedPassed
1698Administrative Templates: SystemTime Providers: Enable Windows NTP ServerPassedRegistry key createdPassed
1698Administrative Templates: SystemTime Providers: Enable Windows NTP ServerPassedRegistry value created/modifiedPassed
1700Administrative Templates: Windows ComponentsApp Package Deployment: Allow a Windows app to share application data between usersPassedRegistry key createdPassed
1700Administrative Templates: Windows ComponentsApp Package Deployment: Allow a Windows app to share application data between usersPassedRegistry value created/modifiedPassed
1701Administrative Templates: Windows ComponentsApp Privacy: Let Windows apps activate with voice while the system is lockedPassedRegistry key createdPassed
1701Administrative Templates: Windows ComponentsApp Privacy: Let Windows apps activate with voice while the system is lockedPassedRegistry value created/modifiedPassed
1702Administrative Templates: Windows ComponentsApp runtime: Block launching Universal Windows apps with Windows Runtime API access from hosted contentPassedRegistry value created/modifiedPassed
1703Administrative Templates: Windows ComponentsApplication Compatibility: Turn off Application TelemetryPassedRegistry key createdPassed
1703Administrative Templates: Windows ComponentsApplication Compatibility: Turn off Application TelemetryPassedRegistry value created/modifiedPassed
1704Administrative Templates: Windows ComponentsAutoPlay Policies: Turn off AutoplayPassedRegistry value created/modifiedPassed
1705Administrative Templates: Windows ComponentsAutoPlay Policies: Disallow Autoplay for non-volume devicesPassedRegistry value created/modifiedPassed
1706Administrative Templates: Windows ComponentsAutoPlay Policies: Set the default behavior for AutoRunPassedRegistry value created/modifiedPassed
1707Administrative Templates: Windows ComponentsBiometrics: Allow the use of biometricsPassedRegistry key createdPassed
1707Administrative Templates: Windows ComponentsBiometrics: Allow the use of biometricsPassedRegistry value created/modifiedPassed
1773Administrative Templates: Windows ComponentsBiometrics: Facial Features: Configure enhanced anti-spoofingPassedRegistry key createdPassed
1773Administrative Templates: Windows ComponentsBiometrics: Facial Features: Configure enhanced anti-spoofingPassedRegistry value created/modifiedPassed
1761Administrative Templates: Windows ComponentsBitLocker Drive Encryption: Choose drive encryption method and cipher strength (for operating system drives)PassedRegistry key createdPassed
1761Administrative Templates: Windows ComponentsBitLocker Drive Encryption: Choose drive encryption method and cipher strength (for operating system drives)PassedRegistry value created/modifiedPassed
1709Administrative Templates: Windows ComponentsBitLocker Drive Encryption: Disable new DMA devices when this computer is lockedPassedRegistry value created/modifiedPassed
1710Administrative Templates: Windows ComponentsBitLocker Drive Encryption: Operating System Drives: Allow Secure Boot for integrity validationPassedRegistry value created/modifiedPassed
1711Administrative Templates: Windows ComponentsBitLocker Drive Encryption: Operating System Drives: Require additional authentication at startupPassedRegistry value created/modifiedPassed
1715Administrative Templates: Windows ComponentsBitLocker Drive Encryption: Operating System Drives: Require additional authentication at startup: Allow BitLocker without a compatible TPMPassedRegistry value created/modifiedPassed
1716Administrative Templates: Windows ComponentsBitLocker Drive Encryption: Operating System Drives: Require additional authentication at startup: Configure TPM startupPassedRegistry value created/modifiedPassed
1717Administrative Templates: Windows ComponentsBitLocker Drive Encryption: Operating System Drives: Require additional authentication at startup: Configure TPM startup PINPassedRegistry value created/modifiedPassed
1718Administrative Templates: Windows ComponentsBitLocker Drive Encryption: Operating System Drives: Require additional authentication at startup: Configure TPM startup keyPassedRegistry value created/modifiedPassed
1719Administrative Templates: Windows ComponentsBitLocker Drive Encryption: Operating System Drives: Require additional authentication at startup: Configure TPM startup key and PINPassedRegistry value created/modifiedPassed
1712Administrative Templates: Windows ComponentsBitLocker Drive Encryption: Operating System Drives: Allow enhanced PINs for startupPassedRegistry value created/modifiedPassed
1713Administrative Templates: Windows ComponentsBitLocker Drive Encryption: Operating System Drives: Configure use of hardware-based encryption for operating system drivesPassedRegistry value created/modifiedPassed
1763Administrative Templates: Windows ComponentsBitLocker Drive Encryption: Operating System Drives: Configure minimum PIN length for startupPassedRegistry value created/modifiedPassed
1720Administrative Templates: Windows ComponentsCloud Content: Do not show Windows tipsPassedRegistry value created/modifiedPassed
1721Administrative Templates: Windows ComponentsCloud Content: Turn off Microsoft consumer experiencesPassedRegistry value created/modifiedPassed
1722Administrative Templates: Windows ComponentsCredential User Interface: Do not display the password reveal buttonPassedRegistry key createdPassed
1722Administrative Templates: Windows ComponentsCredential User Interface: Do not display the password reveal buttonPassedRegistry value created/modifiedPassed
1724Administrative Templates: Windows ComponentsCredential User Interface: Enumerate administrator accounts on elevationPassedRegistry key createdPassed
1724Administrative Templates: Windows ComponentsCredential User Interface: Enumerate administrator accounts on elevationPassedRegistry value created/modifiedPassed
1725Administrative Templates: Windows ComponentsData Collection and Preview Builds: Allow Diagnostic DataPassedRegistry value created/modifiedPassed
1726Administrative Templates: Windows ComponentsData Collection and Preview Builds: Allow device name to be sent in Windows diagnostic dataPassedRegistry value created/modifiedPassed
1727Administrative Templates: Windows ComponentsDelivery Optimization: Download ModePassedRegistry key createdPassed
1727Administrative Templates: Windows ComponentsDelivery Optimization: Download ModePassedRegistry value created/modifiedPassed
1728Administrative Templates: Windows ComponentsEvent Log Service: Application: Specify the maximum log file size (KB)PassedRegistry key createdPassed
1728Administrative Templates: Windows ComponentsEvent Log Service: Application: Specify the maximum log file size (KB)PassedRegistry value created/modifiedPassed
1729Administrative Templates: Windows ComponentsEvent Log Service: Security: Specify the maximum log file size (KB)PassedRegistry key createdPassed
1729Administrative Templates: Windows ComponentsEvent Log Service: Security: Specify the maximum log file size (KB)PassedRegistry value created/modifiedPassed
1730Administrative Templates: Windows ComponentsEvent Log Service: System: Specify the maximum log file size (KB)PassedRegistry key createdPassed
1730Administrative Templates: Windows ComponentsEvent Log Service: System: Specify the maximum log file size (KB)PassedRegistry value created/modifiedPassed
1774Administrative Templates: Windows ComponentsEvent Log Service: Microsoft-Windows-PowerShell/Operational: Specify the maximum log file size (KB)PassedRegistry value created/modifiedPassed
1775Administrative Templates: Windows ComponentsEvent Log Service: PowerShellCore/Operational: Specify the maximum log file size (KB)PassedRegistry key createdPassed
1775Administrative Templates: Windows ComponentsEvent Log Service: PowerShellCore/Operational: Specify the maximum log file size (KB)PassedRegistry value created/modifiedPassed
1731Administrative Templates: Windows ComponentsFile Explorer: Allow the use of remote paths in file shortcut iconsPassedRegistry value created/modifiedPassed
1732Administrative Templates: Windows ComponentsHomeGroup: Prevent the computer from joining a homegroupPassedRegistry key createdPassed
1732Administrative Templates: Windows ComponentsHomeGroup: Prevent the computer from joining a homegroupPassedRegistry value created/modifiedPassed
1800Microsoft Defender AntivirusTurn off Microsoft Defender AntivirusPassedRegistry value created/modifiedPassed
1801Microsoft Defender AntivirusConfigure detection for potentially unwanted applicationsPassedRegistry value created/modifiedPassed
1806Microsoft Defender AntivirusExclusions: Extension Exclusions (Policy)PassedRegistry key createdPassed
1806Microsoft Defender AntivirusExclusions: Extension Exclusions (Policy)PassedRegistry value created/modifiedPassed
1813Microsoft Defender AntivirusExclusions: Extension Exclusions (Intune)PassedThis setting is not configured by HardeningKittyPassed
1808Microsoft Defender AntivirusExclusions: Path Exclusions (Policy)PassedRegistry value created/modifiedPassed
1814Microsoft Defender AntivirusExclusions: Path Exclusions (Intune)PassedThis setting is not configured by HardeningKittyPassed
1810Microsoft Defender AntivirusExclusions: Process Exclusions (Policy)PassedRegistry value created/modifiedPassed
1815Microsoft Defender AntivirusExclusions: Process Exclusions (Intune)PassedThis setting is not configured by HardeningKittyPassed
1816Microsoft Defender AntivirusMAPS: Join Microsoft MAPSPassedRegistry key createdPassed
1816Microsoft Defender AntivirusMAPS: Join Microsoft MAPSPassedRegistry value created/modifiedPassed
1817Microsoft Defender AntivirusMAPS: Configure the 'Block at First Sight' featurePassedRegistry value created/modifiedPassed
1818Microsoft Defender AntivirusMAPS: Send file samples when further analysis is requiredPassedRegistry value created/modifiedPassed
1819Microsoft Defender AntivirusMpEngine: Enable file hash computation featurePassedRegistry key createdPassed
1819Microsoft Defender AntivirusMpEngine: Enable file hash computation featurePassedRegistry value created/modifiedPassed
1820Microsoft Defender AntivirusMpEngine: Select cloud protection levelPassedRegistry value created/modifiedPassed
1821Microsoft Defender AntivirusReal-time Protection: Scan all downloaded files and attachmentsPassedRegistry key createdPassed
1821Microsoft Defender AntivirusReal-time Protection: Scan all downloaded files and attachmentsPassedRegistry value created/modifiedPassed
1822Microsoft Defender AntivirusReal-time Protection: Turn off real-time protectionPassedRegistry value created/modifiedPassed
1823Microsoft Defender AntivirusReal-time Protection: Turn on behavior monitoring (Policy)PassedRegistry value created/modifiedPassed
1824Microsoft Defender AntivirusReal-time Protection: Turn on script scanningPassedRegistry value created/modifiedPassed
1825Microsoft Defender AntivirusScan: Scan removable drivesPassedRegistry key createdPassed
1825Microsoft Defender AntivirusScan: Scan removable drivesPassedRegistry value created/modifiedPassed
1812Microsoft Defender AntivirusEnable sandboxing for Microsoft Defender AntivirusPassedRegistry value created/modifiedPassed
1900Microsoft Defender Exploit GuardAttack Surface Reduction rulesPassedRegistry key createdPassed
1900Microsoft Defender Exploit GuardAttack Surface Reduction rulesPassedRegistry value created/modifiedPassed
1901Microsoft Defender Exploit GuardASR: Block executable content from email client and webmail (Policy)PassedRegistry key createdPassed
1901Microsoft Defender Exploit GuardASR: Block executable content from email client and webmail (Policy)PassedRegistry value created/modifiedPassed
1916Microsoft Defender Exploit GuardASR: Block executable content from email client and webmailHighFailed to add ASR ruleFailed
1933Microsoft Defender Exploit GuardASR: Block executable content from email client and webmail (Intune)PassedThis setting is not configured by HardeningKittyPassed
1902Microsoft Defender Exploit GuardASR: Block all Office applications from creating child processes (Policy)PassedRegistry value created/modifiedPassed
1917Microsoft Defender Exploit GuardASR: Block all Office applications from creating child processesHighFailed to add ASR ruleFailed
1934Microsoft Defender Exploit GuardASR: Block all Office applications from creating child processes (Intune)PassedThis setting is not configured by HardeningKittyPassed
1903Microsoft Defender Exploit GuardASR: Block Office applications from creating executable content (Policy)PassedRegistry value created/modifiedPassed
1918Microsoft Defender Exploit GuardASR: Block Office applications from creating executable contentHighFailed to add ASR ruleFailed
1935Microsoft Defender Exploit GuardASR: Block Office applications from creating executable content (Intune)PassedThis setting is not configured by HardeningKittyPassed
1904Microsoft Defender Exploit GuardASR: Block Office applications from injecting code into other processes (Policy)PassedRegistry value created/modifiedPassed
1919Microsoft Defender Exploit GuardASR: Block Office applications from injecting code into other processesHighFailed to add ASR ruleFailed
1936Microsoft Defender Exploit GuardASR: Block Office applications from injecting code into other processes (Intune)PassedThis setting is not configured by HardeningKittyPassed
1905Microsoft Defender Exploit GuardASR: Block JavaScript or VBScript from launching downloaded executable content (Policy)PassedRegistry value created/modifiedPassed
1920Microsoft Defender Exploit GuardASR: Block JavaScript or VBScript from launching downloaded executable contentHighFailed to add ASR ruleFailed
1937Microsoft Defender Exploit GuardASR: Block JavaScript or VBScript from launching downloaded executable content (Intune)PassedThis setting is not configured by HardeningKittyPassed
1906Microsoft Defender Exploit GuardASR: Block execution of potentially obfuscated scripts (Policy)PassedRegistry value created/modifiedPassed
1921Microsoft Defender Exploit GuardASR: Block execution of potentially obfuscated scriptsHighFailed to add ASR ruleFailed
1938Microsoft Defender Exploit GuardASR: Block execution of potentially obfuscated scripts (Intune)PassedThis setting is not configured by HardeningKittyPassed
1907Microsoft Defender Exploit GuardASR: Block Win32 API calls from Office macros (Policy)PassedRegistry value created/modifiedPassed
1922Microsoft Defender Exploit GuardASR: Block Win32 API calls from Office macrosHighFailed to add ASR ruleFailed
1939Microsoft Defender Exploit GuardASR: Block Win32 API calls from Office macros (Intune)PassedThis setting is not configured by HardeningKittyPassed
1908Microsoft Defender Exploit GuardASR: Block executable files from running unless they meet a prevalence, age, or trusted list criterion (Policy)PassedRegistry value created/modifiedPassed
1923Microsoft Defender Exploit GuardASR: Block executable files from running unless they meet a prevalence, age, or trusted list criterionHighFailed to add ASR ruleFailed
1940Microsoft Defender Exploit GuardASR: Block executable files from running unless they meet a prevalence, age, or trusted list criterion (Intune)PassedThis setting is not configured by HardeningKittyPassed
1909Microsoft Defender Exploit GuardASR: Use advanced protection against ransomware (Policy)PassedRegistry value created/modifiedPassed
1924Microsoft Defender Exploit GuardASR: Use advanced protection against ransomwareHighFailed to add ASR ruleFailed
1941Microsoft Defender Exploit GuardASR: Use advanced protection against ransomware (Intune)PassedThis setting is not configured by HardeningKittyPassed
1910Microsoft Defender Exploit GuardASR: Block credential stealing from the Windows local security authority subsystem (lsass.exe) (Policy)PassedRegistry value created/modifiedPassed
1925Microsoft Defender Exploit GuardASR: Block credential stealing from the Windows local security authority subsystem (lsass.exe)HighFailed to add ASR ruleFailed
1942Microsoft Defender Exploit GuardASR: Block credential stealing from the Windows local security authority subsystem (lsass.exe) (Intune)PassedThis setting is not configured by HardeningKittyPassed
1911Microsoft Defender Exploit GuardASR: Block process creations originating from PSExec and WMI commands (Policy)PassedRegistry value created/modifiedPassed
1926Microsoft Defender Exploit GuardASR: Block process creations originating from PSExec and WMI commandsHighFailed to add ASR ruleFailed
1943Microsoft Defender Exploit GuardASR: Block process creations originating from PSExec and WMI commands (Intune)PassedThis setting is not configured by HardeningKittyPassed
1912Microsoft Defender Exploit GuardASR: Block untrusted and unsigned processes that run from USB (Policy)PassedRegistry value created/modifiedPassed
1927Microsoft Defender Exploit GuardASR: Block untrusted and unsigned processes that run from USBHighFailed to add ASR ruleFailed
1944Microsoft Defender Exploit GuardASR: Block untrusted and unsigned processes that run from USB (Intune)PassedThis setting is not configured by HardeningKittyPassed
1913Microsoft Defender Exploit GuardASR: Block Office communication application from creating child processes (Policy)PassedRegistry value created/modifiedPassed
1928Microsoft Defender Exploit GuardASR: Block Office communication application from creating child processesHighFailed to add ASR ruleFailed
1945Microsoft Defender Exploit GuardASR: Block Office communication application from creating child processes (Intune)PassedThis setting is not configured by HardeningKittyPassed
1914Microsoft Defender Exploit GuardASR: Block Adobe Reader from creating child processes (Policy)PassedRegistry value created/modifiedPassed
1929Microsoft Defender Exploit GuardASR: Block Adobe Reader from creating child processesHighFailed to add ASR ruleFailed
1946Microsoft Defender Exploit GuardASR: Block Adobe Reader from creating child processes (Intune)PassedThis setting is not configured by HardeningKittyPassed
1915Microsoft Defender Exploit GuardASR: Block persistence through WMI event subscription (Policy)PassedRegistry value created/modifiedPassed
1930Microsoft Defender Exploit GuardASR: Block persistence through WMI event subscriptionHighFailed to add ASR ruleFailed
1947Microsoft Defender Exploit GuardASR: Block persistence through WMI event subscription (Intune)PassedThis setting is not configured by HardeningKittyPassed
1931Microsoft Defender Exploit GuardASR: Block abuse of exploited vulnerable signed drivers (Policy)PassedRegistry value created/modifiedPassed
1932Microsoft Defender Exploit GuardASR: Block abuse of exploited vulnerable signed driversHighFailed to add ASR ruleFailed
1948Microsoft Defender Exploit GuardASR: Block abuse of exploited vulnerable signed drivers (Intune)PassedThis setting is not configured by HardeningKittyPassed
1966Microsoft Defender Exploit GuardASR: Exclude files and paths from Attack Surface Reduction Rules (Policy)PassedRegistry value created/modifiedPassed
1968Microsoft Defender Exploit GuardASR: Exclude files and paths from Attack Surface Reduction Rules (Intune)PassedThis setting is not configured by HardeningKittyPassed
1965Microsoft Defender Exploit GuardNetwork Protection: Prevent users and apps from accessing dangerous websitesPassedRegistry key createdPassed
1965Microsoft Defender Exploit GuardNetwork Protection: Prevent users and apps from accessing dangerous websitesPassedRegistry value created/modifiedPassed
1767Administrative Templates: Windows ComponentsNews and interests: Enable news and interests on the taskbarPassedRegistry key createdPassed
1767Administrative Templates: Windows ComponentsNews and interests: Enable news and interests on the taskbarPassedRegistry value created/modifiedPassed
1733Administrative Templates: Windows ComponentsOneDrive: Prevent the usage of OneDrive for file storagePassedRegistry key createdPassed
1733Administrative Templates: Windows ComponentsOneDrive: Prevent the usage of OneDrive for file storagePassedRegistry value created/modifiedPassed
1734Administrative Templates: Windows ComponentsRemote Desktop Connection Client: Do not allow passwords to be savedPassedRegistry value created/modifiedPassed
1735Administrative Templates: Windows ComponentsRemote Desktop Session Host: Allow users to connect remotely by using Remote Desktop ServicesPassedRegistry value created/modifiedPassed
1736Administrative Templates: Windows ComponentsRemote Desktop Session Host: Device and Resource Redirection: Do not allow drive redirectionPassedRegistry value created/modifiedPassed
1737Administrative Templates: Windows ComponentsRemote Desktop Session Host: Security: Always prompt for password upon connectionPassedRegistry value created/modifiedPassed
1738Administrative Templates: Windows ComponentsRemote Desktop Session Host: Security: Require secure RPC communicationPassedRegistry value created/modifiedPassed
1739Administrative Templates: Windows ComponentsRemote Desktop Session Host: Security: Set client connection encryption levelPassedRegistry value created/modifiedPassed
1740Administrative Templates: Windows ComponentsSearch: Allow Cloud SearchPassedRegistry value created/modifiedPassed
1741Administrative Templates: Windows ComponentsSearch: Allow CortanaPassedRegistry value created/modifiedPassed
1742Administrative Templates: Windows ComponentsSearch: Allow Cortana above lock screenPassedRegistry value created/modifiedPassed
1743Administrative Templates: Windows ComponentsSearch: Allow indexing of encrypted filesPassedRegistry value created/modifiedPassed
1744Administrative Templates: Windows ComponentsSearch: Allow search and Cortana to use locationPassedRegistry value created/modifiedPassed
1745Administrative Templates: Windows ComponentsSearch: Set what information is shared in SearchPassedRegistry value created/modifiedPassed
1746Administrative Templates: Windows ComponentsWindows Error Reporting: Disable Windows Error ReportingPassedRegistry value created/modifiedPassed
1747Administrative Templates: Windows ComponentsWindows Game Recording and Broadcasting: Enables or disables Windows Game Recording and BroadcastingPassedRegistry key createdPassed
1747Administrative Templates: Windows ComponentsWindows Game Recording and Broadcasting: Enables or disables Windows Game Recording and BroadcastingPassedRegistry value created/modifiedPassed
1748Administrative Templates: Windows ComponentsWindows Ink Workspace: Allow Windows Ink WorkspacePassedRegistry value created/modifiedPassed
1749Administrative Templates: Windows ComponentsWindows Installer: Always install with elevated privilegesPassedRegistry key createdPassed
1749Administrative Templates: Windows ComponentsWindows Installer: Always install with elevated privilegesPassedRegistry value created/modifiedPassed
1750Administrative Templates: Windows ComponentsWindows Installer: Allow user control over installsPassedRegistry value created/modifiedPassed
1751Administrative Templates: Windows ComponentsWindows Installer: Prevent Internet Explorer security prompt for Windows Installer scriptsPassedRegistry value created/modifiedPassed
1752Administrative Templates: Windows ComponentsWindows Logon Options: Sign-in and lock last interactive user automatically after a restartPassedRegistry value created/modifiedPassed
1770Administrative Templates: Windows ComponentsWindows Installer: Disable Co-Installer (USB AutoInstall)PassedRegistry value created/modifiedPassed
1753Administrative Templates: Windows ComponentsWinRM Client: Allow Basic authenticationPassedRegistry key createdPassed
1753Administrative Templates: Windows ComponentsWinRM Client: Allow Basic authenticationPassedRegistry value created/modifiedPassed
1754Administrative Templates: Windows ComponentsWinRM Client: Allow unencrypted trafficPassedRegistry value created/modifiedPassed
1755Administrative Templates: Windows ComponentsWinRM Client: Disallow Digest authenticationPassedRegistry value created/modifiedPassed
1756Administrative Templates: Windows ComponentsWinRM Service: Allow remote server management through WinRMPassedRegistry key createdPassed
1756Administrative Templates: Windows ComponentsWinRM Service: Allow remote server management through WinRMPassedRegistry value created/modifiedPassed
1757Administrative Templates: Windows ComponentsWinRM Service: Allow Basic authenticationPassedRegistry value created/modifiedPassed
1758Administrative Templates: Windows ComponentsWinRM Service: Allow unencrypted trafficPassedRegistry value created/modifiedPassed
1759Administrative Templates: Windows ComponentsWinRM Service: Disallow WinRM from storing RunAs credentialsPassedRegistry value created/modifiedPassed
1760Administrative Templates: Windows ComponentsWindows Remote Shell: Allow Remote Shell AccessPassedRegistry key createdPassed
1760Administrative Templates: Windows ComponentsWindows Remote Shell: Allow Remote Shell AccessPassedRegistry value created/modifiedPassed
2000Administrative Templates: Windows ComponentsFile Explorer: Configure Windows Defender SmartScreenPassedRegistry value created/modifiedPassed
2001Administrative Templates: Windows ComponentsFile Explorer: Configure Windows Defender SmartScreen to warn and prevent bypassPassedRegistry value created/modifiedPassed
2105PowerShellTurn on PowerShell Module LoggingPassedRegistry key createdPassed
2105PowerShellTurn on PowerShell Module LoggingPassedRegistry value created/modifiedPassed
2106PowerShellTurn on PowerShell Module Logging - Module NamesPassedRegistry key createdPassed
2106PowerShellTurn on PowerShell Module Logging - Module NamesPassedRegistry value created/modifiedPassed
2100PowerShellTurn on PowerShell Script Block LoggingPassedRegistry key createdPassed
2100PowerShellTurn on PowerShell Script Block LoggingPassedRegistry value created/modifiedPassed
2101PowerShellTurn on PowerShell Script Block Logging (Invocation)PassedRegistry value created/modifiedPassed
2102PowerShellTurn on PowerShell TranscriptionPassedRegistry key createdPassed
2102PowerShellTurn on PowerShell TranscriptionPassedRegistry value created/modifiedPassed
2107PowerShellTurn on PowerShell Transcription (Invocation)PassedRegistry value created/modifiedPassed
2103PowerShellDisable PowerShell version 2PassedFeature removedPassed
2104PowerShellDisable PowerShell version 2 (root)PassedFeature removedPassed
2200MS Security GuideLSA ProtectionPassedRegistry value created/modifiedPassed
2201MS Security GuideLsass.exe audit modePassedRegistry key createdPassed
2201MS Security GuideLsass.exe audit modePassedRegistry value created/modifiedPassed
2202MS Security GuideNetBT NodeType configurationPassedRegistry value created/modifiedPassed
2203MS Security GuideWDigest AuthenticationPassedRegistry value created/modifiedPassed
2209MS Security GuideEnable Structured Exception Handling Overwrite Protection (SEHOP)PassedRegistry value created/modifiedPassed
2210MS Security GuideLimits print driver installation to AdministratorsPassedRegistry value created/modifiedPassed
2211MS Security GuideConfigure RPC packet level privacy setting for incoming connectionsPassedRegistry value created/modifiedPassed
2212MS Security GuideManage processing of Queue-specific filesPassedRegistry value created/modifiedPassed
2204MSS (Legacy)MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)PassedRegistry value created/modifiedPassed
2205MSS (Legacy)MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)PassedRegistry value created/modifiedPassed
2206MSS (Legacy)MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)PassedRegistry value created/modifiedPassed
2207MSS (Legacy)MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesPassedRegistry value created/modifiedPassed
2208MSS (Legacy)MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS serversPassedRegistry value created/modifiedPassed
2400Scheduled TaskXblGameSave Standby TaskPassedScheduled Task was disabledPassed
2411System ServicesDisable mDNS in Dnscache servicePassedRegistry value created/modifiedPassed
2401System ServicesPrint Spooler (Spooler)PassedRegistry value created/modifiedPassed
2412System ServicesWebClient (WebClient)PassedRegistry value created/modifiedPassed
2403System ServicesXbox Accessory Management Service (XboxGipSvc)PassedRegistry value created/modifiedPassed
2405System ServicesXbox Live Auth Manager (XblAuthManager)PassedRegistry value created/modifiedPassed
2407System ServicesXbox Live Game Save (XblGameSave)PassedRegistry value created/modifiedPassed
2409System ServicesXbox Live Networking Service (XboxNetApiSvc)PassedRegistry value created/modifiedPassed
1950Microsoft Defender Exploit GuardExploit protection: Control flow guard (CFG)Passedsetting added to listPassed
1951Microsoft Defender Exploit GuardExploit protection: Data Execution Prevention (DEP)Passedsetting added to listPassed
1952Microsoft Defender Exploit GuardExploit protection: Override Data Execution Prevention (DEP)Passedsetting added to listPassed
1954Microsoft Defender Exploit GuardExploit protection: Force randomization for images (Mandatory ASLR)Passedsetting added to listPassed
1955Microsoft Defender Exploit GuardExploit protection: Override force randomization for images (Mandatory ASLR)Passedsetting added to listPassed
1956Microsoft Defender Exploit GuardExploit protection: Randomize memory allocations (Bottom-up ASLR)Passedsetting added to listPassed
1957Microsoft Defender Exploit GuardExploit protection: Override randomize memory allocations (Bottom-up ASLR)Passedsetting added to listPassed
1958Microsoft Defender Exploit GuardExploit protection: High-entropy ASLRPassedsetting added to listPassed
1959Microsoft Defender Exploit GuardExploit protection: Override high-entropy ASLRPassedsetting added to listPassed
1960Microsoft Defender Exploit GuardExploit protection: Validate exception chains (SEHOP)Passedsetting added to listPassed
1961Microsoft Defender Exploit GuardExploit protection: Validate exception chains (SEHOP (Telemetry only)Passedsetting added to listPassed
1962Microsoft Defender Exploit GuardExploit protection: Override validate exception chains (SEHOP)Passedsetting added to listPassed
1963Microsoft Defender Exploit GuardExploit protection: Validate heap integrityPassedsetting added to listPassed
1964Microsoft Defender Exploit GuardExploit protection: Override validate heap integrityPassedsetting added to listPassed
1953Microsoft Defender Exploit GuardForce use of Data Execution Prevention (DEP)PassedSetting enabled. Please restart the system to activate itPassed
2300Windows FirewallHardeningKitty-Block-TCP-NetBIOSPassedRule createdPassed
2301Windows FirewallHardeningKitty-Block-TCP-RDPPassedRule createdPassed
2302Windows FirewallHardeningKitty-Block-TCP-RPCPassedRule createdPassed
2303Windows FirewallHardeningKitty-Block-TCP-SMBPassedRule createdPassed
2304Windows FirewallHardeningKitty-Block-TCP-WinRMPassedRule createdPassed
2305Windows FirewallHardeningKitty-Block-UDP-NetBIOSPassedRule createdPassed
2306Windows FirewallHardeningKitty-Block-UDP-RPCPassedRule createdPassed
2307Windows FirewallHardeningKitty-Block-calc-x64PassedRule createdPassed
2308Windows FirewallHardeningKitty-Block-calc-x86PassedRule createdPassed
2309Windows FirewallHardeningKitty-Block-certutil-x64PassedRule createdPassed
2310Windows FirewallHardeningKitty-Block-certutil-x86PassedRule createdPassed
2311Windows FirewallHardeningKitty-Block-conhost-x64PassedRule createdPassed
2312Windows FirewallHardeningKitty-Block-conhost-x86PassedRule createdPassed
2313Windows FirewallHardeningKitty-Block-cscript-x64PassedRule createdPassed
2314Windows FirewallHardeningKitty-Block-cscript-x86PassedRule createdPassed
2315Windows FirewallHardeningKitty-Block-mshta-x64PassedRule createdPassed
2316Windows FirewallHardeningKitty-Block-mshta-x86PassedRule createdPassed
2317Windows FirewallHardeningKitty-Block-notepad-x64PassedRule createdPassed
2318Windows FirewallHardeningKitty-Block-notepad-x86PassedRule createdPassed
2319Windows FirewallHardeningKitty-Block-RunScriptHelper-x64PassedRule createdPassed
2320Windows FirewallHardeningKitty-Block-RunScriptHelper-x86PassedRule createdPassed
2321Windows FirewallHardeningKitty-Block-wscript-x64PassedRule createdPassed
2322Windows FirewallHardeningKitty-Block-wscript-x86PassedRule createdPassed
2322Windows FirewallHardeningKitty-Block-wscript-x86PassedProcess mitigation settings setPassed