Windows 10: Windows Defender disabled features after installing the Security Compliance Toolkit and...

Hello,When trying to secure my computer, I found an article suggesting to install the Windows security baseline found here: https://www.microsoft.com/en-us/download/details.aspx?id=55319Now, this is one of the worst things anyone can do to their personal computer. Most of the Settings are now greyed out, I cannot use any aps on localhost or even run PowerShell scripts.Is there any easy way to reverse all the changes done by the Security Baseline?Thanks.

:)

 

Microsoft Security Compliance Toolkit for windows Server 2016

Hi,

I'm trying to make my winServer2016 compliance with the CIS benchmark (CIS Benchmarks™), I have installed Microsoft Security Compliance Toolkit for Windows Server 2016 and run the Script in this path
.....\Windows-10-RS1-and-Server-2016-Security-Baseline\Local_Script\Member_Server_Install.cmd, which will get group Policy configuration template from the
GPOs Folder in the same path and apply it to the local policy as a member server.

After that what I'm expecting is to have all the points of CIS Benchmark being configured on the server as Microsoft claims here
(https://docs.microsoft.com/en-us/microsoft-365/compliance/offering-cis-benchmark?view=o365-worldwide) that the
Microsoft Security Compliance Toolkit is covering CIS Benchmark. for checking what points of CIS Benchmark V1.1.0 have been pointed or not, I used an auditing framework called Inspect
(Install Chef InSpec) which will do automated audit check on my windows server. Inspec needs Control auditing files to check against and validated the implemented points from those are not. for that, you can clone the following
repository (GitHub - dev-sec/windows-baseline: DevSec Windows Baseline - InSpec Profile) and use it with Inspec to make the auditing process
(CISv1.1.0 same as one used by Security Compliance Toolkit for Windows Server 2016), and the command can be run as follows :

inspec exec Path\To\Windows\Base\Line\Auditing\repo

It will show you Results as follows :





as seen the audit shows only 194 successful controls while there are 149 failures!

I tried to figure what is the problem and why the Security Compliance Toolkit did not apply all Secure configurations, noting that the logs of the Security Compliance toolkit did not show any error !!

so what is behind this, and how to make sure that the Security Compliance Toolkit works as expected with configuring most of the failed points from the audit output?

 

Microsoft Security Compliance Toolkit for windows Server 2016

Thank you,

Posted here : https://social.technet.microsoft.co...-toolkit-for-windows-server-2016?forum=ws2016

 

Microsoft Security Compliance Toolkit | Security Baseline | Challenge Question

Thanks. Here's the link for same:

https://social.technet.microsoft.co...curity-baseline-challenge-question?forum=MBSA