Search - ScriptShare

Search Results

Fix Ensure 'Configure RPC listener settings: Authentication protocol to use for incoming RPC connections:' is set to 'Enabled: Negotiate' or higher.

This script fixes the windows CIS Benchmark check 18.7.5: "Ensure 'Configure RPC listener settings: Authentication protocol to use for incoming RPC connections:' is set to 'Enabled: Negotiate' or higher."

XXeroSec

5mo ago

v1PowerShell Windows

cis_win11_enterprise 18.7.7

This script fixes the CIS benchmark check for "Ensure 'Configure RPC over TCP port' is set to 'Enabled: 0'". It sets the required registry value and verifies the change.

This script fixes the windows CIS Benchmark check 18.7.7: "Ensure 'Configure RPC over TCP port' is set to 'Enabled: 0'."

The script checks if it is running with administrative privileges, creates the necessary registry key if it does not exist, sets the RpcTcpPort value to 0 (as a DWORD), and then verifies that the value is correctly set. This addresses the CIS check by modifying the registry directly.

Notes

This script must be run as an Administrator.
Modifying the registry directly may be overridden by Group Policy. If Group Policy is in use, consider configuring it via the Group Policy Editor instead.
The script is compatible with PowerShell 5.1 and later.

XXeroSec

5mo ago

v1PowerShell Windows

cis_win11_enterprise 18.7.9

Fix Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles'.

This script fixes the windows CIS Benchmark check 18.7.9: "Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles'."

XXeroSec

5mo ago

v1PowerShell Windows

cis_win11_enterprise 18.7.11

This script fixes the CIS check for 'Point and Print Restrictions: When updating drivers for an existing connection' by setting the registry key to the required state.

This script fixes the windows CIS Benchmark check 18.7.11: "Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt'."

The script checks the current registry setting, updates it if necessary to 'Enabled: Show warning and elevation prompt' (UpdatePromptSettings = 0), and verifies the change. It follows the principle of least privilege by requiring administrator rights.

XXeroSec

5mo ago

v1PowerShell Windows

cis_win11_enterprise 18.8.1.1

Fix Ensure 'Turn off notifications network usage' is set to 'Enabled'.

This script fixes the windows CIS Benchmark check 18.8.1.1: "Ensure 'Turn off notifications network usage' is set to 'Enabled'."

XXeroSec

5mo ago

v1PowerShell Windows

cis_win11_enterprise 18.8.2

Checks if the current user is running with administrator privileges. Sets the registry key to enable removal of personalized website recommendations in the Start Menu and verifies the change.

This script fixes the windows CIS Benchmark check 18.8.2: "Ensure 'Remove Personalized Website Recommendations from the Recommended section in the Start Menu' is set to 'Enabled'."

This function modifies the registry to comply with the CIS benchmark by setting the 'HideRecommendedPersonalizedSites' key to 1 (Enabled). It then verifies that the key is set correctly and outputs the result.

Example(s)

Set-CisStartMenuRecommendationFix

Notes

This function must be run with administrative privileges.

XXeroSec

5mo ago

v1PowerShell Windows

cis_win11_enterprise 18.9.3.1

This script fixes the CIS benchmark check for 'Include command line in process creation events' by setting the required registry key and verifies the result.

This script fixes the windows CIS Benchmark check 18.9.3.1: "Ensure 'Include command line in process creation events' is set to 'Enabled'."

The script ensures that the registry key 'ProcessCreationIncludeCmdLine_Enabled' is set to 1 under the path 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit'. It first checks for necessary prerequisites, sets the registry value, and then verifies that the setting is correct.

Parameters

None This script does not require any parameters. It performs the fix and verification automatically.

Notes

This script must be run with administrative privileges.
It is compatible with Windows 8.1 and later.
Use with caution as it modifies the system registry.

XXeroSec

5mo ago

v1PowerShell Windows

cis_win11_enterprise 18.9.4.1

Fix Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients'.

This script fixes the windows CIS Benchmark check 18.9.4.1: "Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients'."

XXeroSec

5mo ago

v1PowerShell Windows

cis_win11_enterprise 18.9.4.2

Fix Ensure 'Remote host allows delegation of non- exportable credentials' is set to 'Enabled'.

This script fixes the windows CIS Benchmark check 18.9.4.2: "Ensure 'Remote host allows delegation of non- exportable credentials' is set to 'Enabled'."

XXeroSec

5mo ago

v1PowerShell Windows

cis_win11_enterprise 18.9.5.1

Fix Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'.

This script fixes the windows CIS Benchmark check 18.9.5.1: "Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'."

XXeroSec

5mo ago

Search Results

ago