CIS Microsoft Windows 10 Enterprise Release 1909 Benchmark

18.8.47.5 Microsoft Support DiagnosticTool

This section contains recommendations related to the Microsoft Support Diagnostic Tool.

This Group Policy section is provided by the Group Policy template MSDT.admx/adml that is included with all versions of the Microsoft Windows Administrative Templates.

18.8.47.5.1 (L2) Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled' (Scored)

ProfileApplicability:

 Level 2 (L2) - High Security/Sensitive Data Environment (limited functionality)

Description:

This policy setting configures Microsoft Support Diagnostic Tool (MSDT) interactive communication with the support provider. MSDT gathers diagnostic data for analysis by support professionals.

The recommended state for this setting is: Disabled .

Rationale:

Due to privacy concerns, data should never be sent to any 3rd party since this data could contain sensitive information.

Audit:

Navigate to the UI Path articulated in the Remediation section and confirm it is set as prescribed. This group policy setting is backed by the following registry location:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnosticsPro vider\Policy:DisableQueryRemoteServer

746 | P a g e