CIS Microsoft Windows 10 Enterprise Release 1909 Benchmark

18.9.80.2 Microsoft Edge

This section contains recommendations for Microsoft Edge-related Windows Defender SmartScreen settings.

The Group Policy settings contained within this section are provided by the Group Policy template SmartScreen.admx/adml that is included with the Microsoft Windows 10 Release 1703 Administrative Templates (or newer). 18.9.80.2.1 (L1) Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled' (Scored)

ProfileApplicability:

 Level 1 (L1) - Corporate/Enterprise Environment (general use)

Description:

This setting lets you decide whether to turn on SmartScreen Filter. SmartScreen Filter provides warning messages to help protect your employees frompotential phishing scams and malicious software.

The recommended state for this setting is: Enabled .

Rationale:

SmartScreen serves an important purpose as it helps to warn users of possible malicious sites and files. Allowing users to turn off this setting can make the browser become more vulnerable to compromise.

Audit:

Navigate to the UI Path articulated in the Remediation section and confirm it is set as prescribed. This group policy setting is backed by the following registry location:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter:E nabledV9

1124 | P a g e