CIS Microsoft Windows 10 Enterprise Release 1909 Benchmark

Default Value:

Disabled. (The Microsoft Store application will offer updates to the latest version of Windows.)

References:

1. CCE-35809-3

CIS Controls:

Version 6

3.1 Establish Standard Secure Configurations For OS And Software Establish standard secure configurations of operating systems and software applications. Standardized images should represent hardened versions of the underlying operating system and the applications installed on the system. These images should be validated and refreshed on a regular basis to update their security configuration in light of recent vulnerabilities and attack vectors. 4.5 Use Automated Patch Management And Software Update Tools Deploy automated patch management tools and software update tools for operating system and software/applications on all systems for which such tools are available and safe. Patches should be applied to all systems, even systems that are properly air gapped. 3.4 Deploy Automated Operating System Patch Management Tools Deploy automated software update tools in order to ensure that the operating systems are running the most recent security updates provided by the software vendor. 3.5 Deploy Automated Software Patch Management Tools Deploy automated software update tools in order to ensure that third-party software on all systems is running the most recent security updates provided by the software vendor. 5.1 Establish Secure Configurations Maintain documented, standard security configuration standards for all authorized operating systems and software. Version 7

1070 | P a g e