CCE-43842-4Platform: win10 | Date: (C)2016-09-23 (M)2022-10-10 |
Disable: 'Turn on raw volume write notifications'
This policy setting controls whether raw volume write notifications are sent to behavior monitoring.
If you enable or do not configure this setting, raw write notifications will be enabled.
If you disable this setting, raw write notifications be disabled.
Counter Measure:
Configure this setting depending on your organization's requirements.
Potential Impact:
Raw volume write notifications can impact performance.
Parameter:
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Defender\Real-time Protection\Turn on raw volume write notifications
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRawWriteNotification
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35333 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35333 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35333 |