[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-42686-6

Platform: win10Date: (C)2016-09-23   (M)2022-10-10



Disable: 'Use enhanced Boot Configuration Data validation profile' This policy setting allows you to choose specific Boot Configuration Data (BCD) settings to verify during platform validation. If you enable this policy setting, you will be able to add additional settings, remove the default settings, or both. If you disable this policy setting, the computer will revert to a BCD profile similar to the default BCD profile used by Windows 7. If you do not configure this policy setting, the computer will verify the default Windows BCD settings. Note: When BitLocker is using Secured Boot for platform and Boot Configuration Data (BCD) integrity validation, as defined by the "Allow Secured Boot for integrity validation" group policy, the "Use enhanced Boot Configuration Data validation profile" group policy is ignored. The setting that controls boot debugging (0x16000010) will always be validated and will have no effect if it is included in the provided fields. Counter Measure: If you want to customize the list of BCD settings that are verified during platform validation enable this setting and specify the list of which settings are will be verified and which will be excluded. Only implement this setting if you fully understand how the BCD settings work, for most organizations the default behavior of BitLocker will be sufficient. For more information about BCD see http://technet.microsoft.com/en-us/library/cc721886(v=WS.10).aspx. Potential Impact: If you enable this policy setting, you will be able to add additional settings, remove the default settings, or both.


Parameter:


Technical Mechanism:

(1) GPO: Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives\Use enhanced Boot Configuration Data validation profile (2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\FVE\OSUseEnhancedBcdProfile

CCSS Severity:CCSS Metrics:
CCSS Score : Attack Vector:
Exploit Score: Attack Complexity:
Impact Score: Privileges Required:
Severity: User Interaction:
Vector: Scope:
 Confidentiality:
 Integrity:
 Availability:
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:35168
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:35168
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:35168


OVAL    1
oval:org.secpod.oval:def:35168
XCCDF    2
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10

© SecPod Technologies