| V-272882 | | Microsoft Defender for Endpoint (MDE) must alert administrators on policy violations defined for endpoints. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-272886 | | Roles for use with Microsoft Defender for Endpoint (MDE) must be configured within Entra ID. | Application management functionality includes functions necessary for administration and requires privileged user access. Allowing nonprivileged users... |
| V-272887 | | Microsoft Defender for Endpoint (MDE) must be configured for a least privilege model by implementing Unified Role-Based Access Control (RBAC). | When first accessing the Microsoft Defender portal, either full access or read only access is granted. Full access rights are granted to users with th... |
| V-272888 | | Microsoft Defender for Endpoint (MDE) must enable Endpoint Detection and Response (EDR) in block mode. | Denial of service (DoS) is a condition in which a resource is not available for legitimate users. When this occurs, the organization either cannot acc... |
| V-275979 | | Microsoft Defender for Endpoint (MDE) must enable Automatically Resolve Alerts. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275980 | | Microsoft Defender for Endpoint (MDE) must enable Allow or block file. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275981 | | Microsoft Defender for Endpoint (MDE) must enable Hide potential duplicate device records. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275982 | | Microsoft Defender for Endpoint (MDE) must enable Custom network indicators. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275983 | | Microsoft Defender for Endpoint (MDE) must enable Tamper protection. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275984 | | Microsoft Defender for Endpoint (MDE) must enable Show user details. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275985 | | Microsoft Defender for Endpoint (MDE) must enable Microsoft Defender for Cloud Apps. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275986 | | Microsoft Defender for Endpoint (MDE) must enable Web content filtering. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275987 | | Microsoft Defender for Endpoint (MDE) must enable Device discovery. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275988 | | Microsoft Defender for Endpoint (MDE) must enable Download quarantined files. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275989 | | Microsoft Defender for Endpoint (MDE) must enable Live Response. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275990 | | Microsoft Defender for Endpoint (MDE) must enable Live Response for Servers. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275991 | | Microsoft Defender for Endpoint (MDE) must enable Share endpoint alerts with Microsoft Compliance Center. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275992 | | Microsoft Defender for Endpoint (MDE) must enable Microsoft Intune connection. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275993 | | Microsoft Defender for Endpoint (MDE) must enable Authenticated telemetry. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275994 | | Microsoft Defender for Endpoint (MDE) must enable File Content Analysis. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275995 | | Microsoft Defender for Endpoint (MDE) must enable Memory Content Analysis. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275996 | | Microsoft Defender for Endpoint (MDE) Discovery Mode must enable Log4j2 detection. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275997 | | Microsoft Defender for Endpoint (MDE) Discovery Mode must be set to All Devices. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-275998 | | Microsoft Defender for Endpoint (MDE) must enable Full remediation for Device groups. | Malicious code protection mechanisms include, but are not limited to, antivirus and malware detection software. To minimize potential negative impact ... |
| V-272889 | | Microsoft Defender for Endpoint (MDE) must be connected to a central log server. | Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information s... |