Allow only USB root hub connected Enhanced Storage devicesID: oval:org.secpod.oval:def:19054 | Date: (C)2014-05-29 (M)2023-07-04 |
Class: COMPLIANCE | Family: windows |
The Allow only USB root hub connected Enhanced Storage devices machine setting should be configured correctly.
This policy setting configures whether or not only USB root hub connected Enhanced Storage devices are allowed. Allowing only root hub connected Enhanced Storage devices minimizes the risk of an unauthorized USB device reading data on an Enhanced Storage device. If you enable this policy setting, only USB root hub connected Enhanced Storage devices are allowed. If you disable or do not configure this policy setting, USB Enhanced Storage devices connected to both USB root hubs and non-root hubs will be allowed.
Fix:
(1) GPO: Computer Configuration\Administrative Templates\System\Enhanced Storage Access\Allow only USB root hub connected Enhanced Storage devices
(2) KEY: HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices\RootHubConnectedEnStorDevices
Platform: |
Microsoft Windows Server 2008 R2 |