Last active
April 9, 2017 19:59
-
-
Save chris-rock/7269ebfbff4f2500e59f922aa9d598fa to your computer and use it in GitHub Desktop.
Security checks for Windows
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Author: Christoph Hartmann | |
| # Target OS: Windows 2012+ | |
| # verify registry key entries | |
| describe registry_key('HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging') do | |
| it { should exist } | |
| its('EnableScriptBlockLogging') { should eq 0 } | |
| end | |
| # verify security policy configuration | |
| describe security_policy do | |
| its('SeNetworkLogonRight') { should include 'S-1-5-11' } | |
| end | |
| # verify audit policy settings | |
| describe audit_policy do | |
| its('Computer Account Management') { should eq 'Success and Failure' } | |
| # its('Computer Account Management') { should eq 'Success' } | |
| # its('Computer Account Management') { should eq 'Failure' } | |
| # its('Computer Account Management') { should eq 'No Auditing' } | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment