packages/CIS-Hardening
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

aaa

Browse Source
This commit is contained in:
Gabriel Gendron
2024-03-18 16:33:29 +01:00
parent 6ed00b7d70
commit 061be9f547
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
setup.py
View File

@@ -136,11 +136,11 @@ def install():
#CIS - Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation #CIS - Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation
registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "EnableInstallerDetection","1") registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "EnableInstallerDetection","1")
#CIS - Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled'. #CIS - Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled'.
registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "EnableSecureUIAPaths","1") registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "EnableSecureUIAPaths","0")
#CIS - Ensure 'User Account Control: Run all administrators in Admin Approval Mode' is set to 'Enabled'. #CIS - Ensure 'User Account Control: Run all administrators in Admin Approval Mode' is set to 'Enabled'.
registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "EnableLUA","1") registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "EnableLUA","1")
#CIS - Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled'. #CIS - Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled'.
registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "PromptOnSecureDesktop","1") registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "PromptOnSecureDesktop","0")
#CIS - Ensure 'User Account Control: Virtualize file and registry write failures to per-user locations' is set to 'Enabled'. #CIS - Ensure 'User Account Control: Virtualize file and registry write failures to per-user locations' is set to 'Enabled'.
registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "EnableVirtualization","1") registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "EnableVirtualization","1")
#CIS - Ensure 'Bluetooth Audio Gateway Service (BTAGService)' is set to 'Disabled'. #CIS - Ensure 'Bluetooth Audio Gateway Service (BTAGService)' is set to 'Disabled'.