Search - ScriptShare

Search Results

This script sets the registry to configure LSASS to run as a protected process and verifies the setting to ensure it meets the CIS benchmark requirement.

This script fixes the windows CIS Benchmark check 18.9.26.2: "Ensure 'Configures LSASS to run as a protected process' is set to 'Enabled: Enabled with UEFI Lock'."

The script modifies the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\RunAsPPL to a value of 1 (DWORD) to enable LSASS to run as a protected process. It then verifies that the value is correctly set. This addresses the CIS check for 'Ensure "Configures LSASS to run as a protected process" is set to "Enabled: Enabled with UEFI Lock"' by setting the required registry value. Note that this script directly modifies the registry and may not enforce the UEFI lock aspect, which is typically handled via Group Policy.

Parameters

None This script does not require any parameters.

Example(s)

.\FixCisLsassProtectedProcess.ps1

Notes

This script must be run with administrative privileges.
It is compatible with PowerShell 5.1 and later.
After running, check the output to confirm the CIS check passes.

XXeroSec

5mo ago

Search Results

ago