ScriptShare

This script fixes the windows CIS Benchmark check 17.1.1: "Ensure 'Audit Credential Validation' is set to 'Success and Failure'."

The script checks the current audit policy setting for 'Credential Validation'. If it is not set to 'Success and Failure', it applies the necessary change using auditpol.exe and verifies the result.

This script fixes the windows CIS Benchmark check 9.3.8: "Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes'."

This script fixes the windows CIS Benchmark check 9.3.5: "Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'."

This script fixes the windows CIS Benchmark check 9.3.3: "Ensure 'Windows Firewall: Public: Settings: Display a notification' is set to 'No'."

This script fixes the windows CIS Benchmark check 9.2.7: "Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'."

This script fixes the windows CIS Benchmark check 9.2.6: "Ensure 'Windows Firewall: Private: Logging: Log dropped packets' is set to 'Yes'."

The script ensures that the registry key for logging dropped packets in the Private profile of the Windows Firewall is set to 'Yes' (value 1). It also verifies the setting after remediation and reports the result.

Notes

• This script must be run with administrative privileges.
• Compatible with PowerShell 5.1 and later.

This script fixes the windows CIS Benchmark check 9.2.5: "Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'."

This script fixes the windows CIS Benchmark check 9.2.4: "Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'."

This script fixes the windows CIS Benchmark check 9.2.3: "Ensure 'Windows Firewall: Private: Settings: Display a notification' is set to 'No'."

This script fixes the windows CIS Benchmark check 9.1.7: "Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes'."