Microsoft Windows Defender Firewall with Advanced Security Security Technical Implementation Guide

Overview

Version: 2
Date: 2023-08-23
Finding Count (21): CAT I (High): 3, CAT II (Medium): 9, CAT III (Low): 9

STIG Description

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Findings - MAC II - Mission Support Classified

V-241989
Title: Windows Defender Firewall with Advanced Security must be enabled when connected to a domain.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. This setting enables the firewall w...

V-241990
Title: Windows Defender Firewall with Advanced Security must be enabled when connected to a private network.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. This setting enables the firewall w...

V-241991
Title: Windows Defender Firewall with Advanced Security must be enabled when connected to a public network.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. This setting enables the firewall w...

V-241993
Title: Windows Defender Firewall with Advanced Security must allow outbound connections, unless a rule explicitly blocks the connection when connected to a domain.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. Outbound connections are allowed in...

V-241998
Title: Windows Defender Firewall with Advanced Security must allow outbound connections, unless a rule explicitly blocks the connection when connected to a private network.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. Outbound connections are allowed on...

V-242003
Title: Windows Defender Firewall with Advanced Security must allow outbound connections, unless a rule explicitly blocks the connection when connected to a public network.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. Outbound connections are allowed on...

V-242004
Title: Windows Defender Firewall with Advanced Security local firewall rules must not be merged with Group Policy settings when connected to a public network.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. Local firewall rules will not be me...

V-242005
Title: Windows Defender Firewall with Advanced Security local connection rules must not be merged with Group Policy settings when connected to a public network.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. Local connection rules will not be ...

V-242009
Title: Inbound exceptions to the firewall on domain workstations must only allow authorized remote management hosts.
Description: Allowing inbound access to domain workstations from other systems may allow lateral movement across systems if credentials are compromised. Limiting i...

V-241994
Title: Windows Defender Firewall with Advanced Security log size must be configured for domain connections.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. The firewall log file size for a do...

V-241995
Title: Windows Defender Firewall with Advanced Security must log dropped packets when connected to a domain.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. Logging of dropped packets for a do...

V-241996
Title: Windows Defender Firewall with Advanced Security must log successful connections when connected to a domain.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. Logging of successful connections f...

V-241999
Title: Windows Defender Firewall with Advanced Security log size must be configured for private network connections.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. The firewall log file size for a pr...

V-242000
Title: Windows Defender Firewall with Advanced Security must log dropped packets when connected to a private network.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. Logging of dropped packets for a pr...

V-242001
Title: Windows Defender Firewall with Advanced Security must log successful connections when connected to a private network.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. Logging of successful connections f...

V-242006
Title: Windows Defender Firewall with Advanced Security log size must be configured for public network connections.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. The firewall log file size for a pu...

V-242007
Title: Windows Defender Firewall with Advanced Security must log dropped packets when connected to a public network.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. Logging of dropped packets for a pu...

V-242008
Title: Windows Defender Firewall with Advanced Security must log successful connections when connected to a public network.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. Logging of successful connections f...

V-241992
Title: Windows Defender Firewall with Advanced Security must block unsolicited inbound connections when connected to a domain.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. Unsolicited inbound connections may...

V-241997
Title: Windows Defender Firewall with Advanced Security must block unsolicited inbound connections when connected to a private network.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. Unsolicited inbound connections may...

V-242002
Title: Windows Defender Firewall with Advanced Security must block unsolicited inbound connections when connected to a public network.
Description: A firewall provides a line of defense against attack. To be effective, it must be enabled and properly configured. Unsolicited inbound connections may...