CIS Microsoft Windows 10 Enterprise Release 1909 Benchmark

CIS Controls:

Version 6

8.1 Deploy Automated Endpoint Protection Tools Employ automated tools to continuously monitor workstations, servers, and mobile devices with anti-virus, anti-spyware, personal firewalls, and host-based IPS functionality. All malware detection events should be sent to enterprise anti-malware administration tools and event log servers.

Version 7

8.1 Utilize Centrally Managed Anti-malware Software Utilize centrally managed anti-malware software to continuously monitor and defend each of the organization's workstations and servers. 8.2 Ensure Anti-Malware Software and Signatures are Updated Ensure that the organization's anti-malware software updates its scanning engine and signature database on a regular basis. 8.6 Centralize Anti-malware Logging Send all malware detection events to enterprise anti-malware administration tools and event log servers for analysis and alerting.

18.9.77.8 Remediation

This section is intentionally blank and exists to ensure the structure of Windows benchmarks is consistent.

This Group Policy section is provided by the Group Policy template WindowsDefender.admx/adml that is included with the Microsoft Windows 8.1 & Server 2012 R2 Administrative Templates (or newer).

1082 | P a g e