CCE-43412-6Platform: win10 | Date: (C)2016-09-23 (M)2022-10-10 |
Disable: 'Process Exclusions for outbound traffic' for Nis_Consumers_IPS_Exclusions_Processes_executable_Path_and_Name
This policy setting defines processes from which outbound network traffic will not be inspected. Process names should be added under the Options for this setting. Each entry must be listed as a name value pair, where the name should be a string representation of a process path and name. As an example, a process might be defined as: "C:\Windows\System32\App.exe" . The value is not used and it is recommended that this be set to 0.
Counter Measure:
Configure this setting depending on your organization's requirements.
Potential Impact:
The processes will be inspected and could impact performance.
Parameter:
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Defender\Network Inspection System Exclusions\Process Exclusions for outbound traffic
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\NIS\Consumers\IPS\Exclusions\Processes\Nis_Consumers_IPS_Exclusions_Processes_executable_Path_and_Name
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35268 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35268 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35268 |