7
2
9
0
This script fixes the windows CIS Benchmark check 18.9.5.5: "Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock'."
This script fixes the windows CIS Benchmark check 18.9.5.7: "Ensure 'Turn On Virtualization Based Security: Kernel-mode Hardware-enforced Stack Protection' is set to 'Enabled: Enabled in enforcement mode'."
This script fixes the windows CIS Benchmark check 18.9.7.1.1: "Ensure 'Prevent installation of devices that match any of these device IDs' is set to 'Enabled'."
This script fixes the windows CIS Benchmark check 18.9.7.2: "Ensure 'Prevent device metadata retrieval from the Internet' is set to 'Enabled'."
This script fixes the windows CIS Benchmark check 18.9.13.1: "Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'."
This script fixes the windows CIS Benchmark check 18.9.19.2: "Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'."
This script fixes the windows CIS Benchmark check 18.9.19.3: "Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'."
This script fixes the windows CIS Benchmark check 18.9.19.4: "Ensure 'Configure security policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'."
This script fixes the windows CIS Benchmark check 18.9.19.5: "Ensure 'Configure security policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'."
The script ensures the registry key exists and sets the NoGPOListChanges value to 0 (DWORD) under the specified path. It includes error handling and automatic verification to confirm the CIS check passes.
None This script does not require any parameters.
This script fixes the windows CIS Benchmark check 18.9.19.6: "Ensure 'Continue experiences on this device' is set to 'Disabled'."