STIGQter STIGQter: STIG Summary: Microsoft Windows Defender Antivirus Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021:

Windows Defender AV must be configured to join Microsoft MAPS.

DISA Rule

SV-213434r569189_rule

Vulnerability Number

V-213434

Group Title

SRG-APP-000210

Rule Version

WNDF-AV-000010

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

This is applicable to unclassified systems, for other systems this is NA.

Set the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Defender Antivirus >> MAPS >> "Join Microsoft MAPS" to "Enabled" and select "Advanced MAPS" from the drop down box.

Check Contents

This is applicable to unclassified systems, for other systems this is NA.

Verify the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Defender Antivirus >> MAPS >> "Join Microsoft MAPS" is set to "Enabled" and "Advanced MAPS" selected from the drop down box.

Procedure: Use the Windows Registry Editor to navigate to the following key:
HKLM\Software\Policies\Microsoft\Windows Defender\Spynet

Criteria: If the value "SpynetReporting" is REG_DWORD = 2, this is not a finding.

Vulnerability Number

V-213434

Documentable

False

Rule Version

WNDF-AV-000010

Severity Override Guidance

This is applicable to unclassified systems, for other systems this is NA.

Verify the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Defender Antivirus >> MAPS >> "Join Microsoft MAPS" is set to "Enabled" and "Advanced MAPS" selected from the drop down box.

Procedure: Use the Windows Registry Editor to navigate to the following key:
HKLM\Software\Policies\Microsoft\Windows Defender\Spynet

Criteria: If the value "SpynetReporting" is REG_DWORD = 2, this is not a finding.

Check Content Reference

M

Target Key

3985

Comments