CIS Microsoft Windows 10 Enterprise Release 1909 Benchmark

CIS Controls:

Version 6

3.4 Use Only Secure Channels For Remote System Administration Perform all remote administration of servers, workstation, network devices, and similar equipment over secure channels. Protocols such as telnet, VNC, RDP, or others that do not actively support strong encryption should only be used if they are performed over a secondary encryption channel, such as SSL, TLS or IPSEC.

Version 7

4.5 Use Multifactor Authentication For All Administrative Access Use multi-factor authentication and encrypted channels for all administrative account access. 9.2 Ensure Only Approved Ports, Protocols and Services Are Running Ensure that only network ports, protocols, and services listening on a system with validated business needs, are running on each system. 9.3 Perform Regular Automated Port Scans Perform automated port scans on a regular basis against all systems and alert if unauthorized ports are detected on a system.

1169 | P a g e