Regulatory Compliance remediation for CCE-37861-2 suggests opposite of the standard.

Occasional Visitor

I have run a PCI DSS compliance report, and one of the items is the opposite of what they should be, for example, I have fails on:

 

CCE-37861-2 Ensure 'Windows Firewall: Public: Settings: Apply local firewall rules' is set to 'No'

 

The "Remediate security configurations" requires that I set it to "Yes", where as in my environment they are set to "No" as per both CCE-37861-2 and CIS 9.3.5 (Server 2012).

 

Is this just a simple mistake?

0 Replies