Skip to content

Commit

Permalink
Merge pull request #508 from fbprogmbh/ticket_507
Browse files Browse the repository at this point in the history 
Add missing Splits for Windows 10/11 CIS 2.0.0 (RefId 18.6.20.1)
  • Loading branch information
@TuemmlerKelch
TuemmlerKelch authored Jan 29, 2024
2 parents 10d76ad + 4990789 commit 1e6d4a5
Show file tree
Hide file tree
Showing 2 changed files with 292 additions and 4 deletions.
148 changes: 146 additions & 2 deletions ATAPAuditor/AuditGroups/Microsoft Windows 10-CIS-2.0.0#RegistrySettings.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6107,12 +6107,12 @@ $windefrunning = CheckWindefRunning
}
}
[AuditTest] @{
Id = "18.6.20.1"
Id = "18.6.20.1 A"
Task = "(L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' (EnableRegistrars)"
Test = {
try {
$regValue = Get-ItemProperty -ErrorAction Stop `
-Path "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WCN\Registrars" `
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WCN\Registrars" `
-Name "EnableRegistrars" `
| Select-Object -ExpandProperty "EnableRegistrars"

Expand Down Expand Up @@ -6142,6 +6142,150 @@ $windefrunning = CheckWindefRunning
}
}
}
[AuditTest] @{
Id = "18.6.20.1 B"
Task = "(L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' (DisableUPnPRegistrar)"
Test = {
try {
$regValue = Get-ItemProperty -ErrorAction Stop `
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WCN\Registrars" `
-Name "DisableUPnPRegistrar" `
| Select-Object -ExpandProperty "DisableUPnPRegistrar"

if ($regValue -ne 0) {
return @{
Message = "Registry value is '$regValue'. Expected: 0"
Status = "False"
}
}
}
catch [System.Management.Automation.PSArgumentException] {
return @{
Message = "Registry value not found."
Status = "False"
}
}
catch [System.Management.Automation.ItemNotFoundException] {
return @{
Message = "Registry key not found."
Status = "False"
}
}

return @{
Message = "Compliant"
Status = "True"
}
}
}
[AuditTest] @{
Id = "18.6.20.1 C"
Task = "(L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' (DisableInBand802DOT11Registrar)"
Test = {
try {
$regValue = Get-ItemProperty -ErrorAction Stop `
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WCN\Registrars" `
-Name "DisableInBand802DOT11Registrar" `
| Select-Object -ExpandProperty "DisableInBand802DOT11Registrar"

if ($regValue -ne 0) {
return @{
Message = "Registry value is '$regValue'. Expected: 0"
Status = "False"
}
}
}
catch [System.Management.Automation.PSArgumentException] {
return @{
Message = "Registry value not found."
Status = "False"
}
}
catch [System.Management.Automation.ItemNotFoundException] {
return @{
Message = "Registry key not found."
Status = "False"
}
}

return @{
Message = "Compliant"
Status = "True"
}
}
}
[AuditTest] @{
Id = "18.6.20.1 D"
Task = "(L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' (DisableFlashConfigRegistrar)"
Test = {
try {
$regValue = Get-ItemProperty -ErrorAction Stop `
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WCN\Registrars" `
-Name "DisableFlashConfigRegistrar" `
| Select-Object -ExpandProperty "DisableFlashConfigRegistrar"

if ($regValue -ne 0) {
return @{
Message = "Registry value is '$regValue'. Expected: 0"
Status = "False"
}
}
}
catch [System.Management.Automation.PSArgumentException] {
return @{
Message = "Registry value not found."
Status = "False"
}
}
catch [System.Management.Automation.ItemNotFoundException] {
return @{
Message = "Registry key not found."
Status = "False"
}
}

return @{
Message = "Compliant"
Status = "True"
}
}
}
[AuditTest] @{
Id = "18.6.20.1 E"
Task = "(L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' (DisableWPDRegistrar)"
Test = {
try {
$regValue = Get-ItemProperty -ErrorAction Stop `
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WCN\Registrars" `
-Name "DisableWPDRegistrar" `
| Select-Object -ExpandProperty "DisableWPDRegistrar"

if ($regValue -ne 0) {
return @{
Message = "Registry value is '$regValue'. Expected: 0"
Status = "False"
}
}
}
catch [System.Management.Automation.PSArgumentException] {
return @{
Message = "Registry value not found."
Status = "False"
}
}
catch [System.Management.Automation.ItemNotFoundException] {
return @{
Message = "Registry key not found."
Status = "False"
}
}

return @{
Message = "Compliant"
Status = "True"
}
}
}
[AuditTest] @{
Id = "18.6.20.2"
Task = "(L2) Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'"
Expand Down
148 changes: 146 additions & 2 deletions ATAPAuditor/AuditGroups/Microsoft Windows 11-CIS-2.0.0#RegistrySettings.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6107,12 +6107,12 @@ $windefrunning = CheckWindefRunning
}
}
[AuditTest] @{
Id = "18.6.20.1"
Id = "18.6.20.1 A"
Task = "(L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' (EnableRegistrars)"
Test = {
try {
$regValue = Get-ItemProperty -ErrorAction Stop `
-Path "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WCN\Registrars" `
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WCN\Registrars" `
-Name "EnableRegistrars" `
| Select-Object -ExpandProperty "EnableRegistrars"

Expand Down Expand Up @@ -6142,6 +6142,150 @@ $windefrunning = CheckWindefRunning
}
}
}
[AuditTest] @{
Id = "18.6.20.1 B"
Task = "(L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' (DisableUPnPRegistrar)"
Test = {
try {
$regValue = Get-ItemProperty -ErrorAction Stop `
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WCN\Registrars" `
-Name "DisableUPnPRegistrar" `
| Select-Object -ExpandProperty "DisableUPnPRegistrar"

if ($regValue -ne 0) {
return @{
Message = "Registry value is '$regValue'. Expected: 0"
Status = "False"
}
}
}
catch [System.Management.Automation.PSArgumentException] {
return @{
Message = "Registry value not found."
Status = "False"
}
}
catch [System.Management.Automation.ItemNotFoundException] {
return @{
Message = "Registry key not found."
Status = "False"
}
}

return @{
Message = "Compliant"
Status = "True"
}
}
}
[AuditTest] @{
Id = "18.6.20.1 C"
Task = "(L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' (DisableInBand802DOT11Registrar)"
Test = {
try {
$regValue = Get-ItemProperty -ErrorAction Stop `
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WCN\Registrars" `
-Name "DisableInBand802DOT11Registrar" `
| Select-Object -ExpandProperty "DisableInBand802DOT11Registrar"

if ($regValue -ne 0) {
return @{
Message = "Registry value is '$regValue'. Expected: 0"
Status = "False"
}
}
}
catch [System.Management.Automation.PSArgumentException] {
return @{
Message = "Registry value not found."
Status = "False"
}
}
catch [System.Management.Automation.ItemNotFoundException] {
return @{
Message = "Registry key not found."
Status = "False"
}
}

return @{
Message = "Compliant"
Status = "True"
}
}
}
[AuditTest] @{
Id = "18.6.20.1 D"
Task = "(L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' (DisableFlashConfigRegistrar)"
Test = {
try {
$regValue = Get-ItemProperty -ErrorAction Stop `
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WCN\Registrars" `
-Name "DisableFlashConfigRegistrar" `
| Select-Object -ExpandProperty "DisableFlashConfigRegistrar"

if ($regValue -ne 0) {
return @{
Message = "Registry value is '$regValue'. Expected: 0"
Status = "False"
}
}
}
catch [System.Management.Automation.PSArgumentException] {
return @{
Message = "Registry value not found."
Status = "False"
}
}
catch [System.Management.Automation.ItemNotFoundException] {
return @{
Message = "Registry key not found."
Status = "False"
}
}

return @{
Message = "Compliant"
Status = "True"
}
}
}
[AuditTest] @{
Id = "18.6.20.1 E"
Task = "(L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' (DisableWPDRegistrar)"
Test = {
try {
$regValue = Get-ItemProperty -ErrorAction Stop `
-Path "Registry::HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WCN\Registrars" `
-Name "DisableWPDRegistrar" `
| Select-Object -ExpandProperty "DisableWPDRegistrar"

if ($regValue -ne 0) {
return @{
Message = "Registry value is '$regValue'. Expected: 0"
Status = "False"
}
}
}
catch [System.Management.Automation.PSArgumentException] {
return @{
Message = "Registry value not found."
Status = "False"
}
}
catch [System.Management.Automation.ItemNotFoundException] {
return @{
Message = "Registry key not found."
Status = "False"
}
}

return @{
Message = "Compliant"
Status = "True"
}
}
}
[AuditTest] @{
Id = "18.6.20.2"
Task = "(L2) Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'"
Expand Down

0 comments on commit 1e6d4a5

Please sign in to comment.