Forum Discussion

Copper Contributor

Jul 09, 2020

Securing Group Policy Template and importing it to windows server 2016 Group Policy

Hi, I'm working on the Security Hardening of windows server 2016 according to [CIS Benchmark V 1.2.0][1], for this I found a Security Compliance project from Microsoft which is [Microsoft Security C...

Deleted

Jul 17, 2020

muradmomani -

Are you applying the "Level 1" or "Level 2" CIS benchmark? The L2 benchmark shouldn't be used.

Also, why are you trying to mix the CIS and Microsoft baselines? Just pick one.

FWIW, the Microsoft one is more manageable and streamlined - see Microsoft's "Baseline criteria" as documented here:

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-draft-windows-10-and-windows-server-version/ba-p/1419213

The DISA STIGs generally also follow that model.