[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-42600-7

Platform: cpe:/o:microsoft:windows_10Date: (C)2016-09-23   (M)2023-07-04



Select the 'Enforce drive encryption type on operating system drives' to allow_user_to_choose This policy setting allows you to configure the encryption type used by BitLocker Drive Encryption. This policy setting is applied when you turn on BitLocker. Changing the encryption type has no effect if the drive is already encrypted or if encryption is in progress. Choose full encryption to require that the entire drive be encrypted when BitLocker is turned on. Choose used space only encryption to require that only the portion of the drive used to store data is encrypted when BitLocker is turned on. If you enable this policy setting the encryption type that BitLocker will use to encrypt drives is defined by this policy and the encryption type option will not be presented in the BitLocker setup wizard. If you disable or do not configure this policy setting, the BitLocker setup wizard will ask the user to select the encryption type before turning on BitLocker. Counter Measure: Choose full encryption to require that the entire drive be encrypted when BitLocker is turned on. Choose used space only encryption to require that only the portion of the drive used to store data is encrypted when BitLocker is turned on. Potential Impact: If you choose to only encrypt used space the initial encryption of the drive will proceed much more quickly.


Parameter:

[allow user to choose (default)/full encryption/user space only encryption]


Technical Mechanism:

(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsBitLocker Drive EncryptionOperating System DrivesEnforce drive encryption type on operating system drives (2) REG: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftFVEOSEncryptionType

CCSS Severity:CCSS Metrics:
CCSS Score : 8.1Attack Vector: NETWORK
Exploit Score: 2.2Attack Complexity: HIGH
Impact Score: 5.9Privileges Required: NONE
Severity: HIGHUser Interaction: NONE
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:35158


OVAL    1
oval:org.secpod.oval:def:35158
XCCDF    3
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10

© SecPod Technologies