Domain Member: Domain-joined systems must have a Trusted Platform

Domain Member: Domain-joined systems must have a Trusted Platform Module (TPM) enabled and ready for use

b7074672-cbee-4409-a64a-9b03894fcf2f

Credential Guard uses virtualization-based security to protect data that could be used in credential theft attacks if compromised. A number of system requirements must be met in order for Credential Guard to be configured and enabled properly. Without a TPM enabled and ready for use, Credential Guard keys are stored in a less secure method using software.

Remediation

Ensure domain-joined systems have a TPM that is configured for use. (Versions 2.0 or 1.2 support Credential Guard.)

The TPM must be enabled in the firmware.

Run "tpm.msc" for configuration options in Windows.

STIG:
Server
2022: https://system32.eventsentry.com/stig/viewer/V-254246
2019: https://system32.eventsentry.com/stig/viewer/V-205848

Desktop:
W11: https://system32.eventsentry.com/stig/viewer/V-253255
W10: https://system32.eventsentry.com/stig/viewer/V-220698

Nist 800-53: SI-16
Nist 800-171 Rev2: NFO - SI-16
CSCv7: 5.1

Domain Member: Domain-joined systems must have a Trusted Platform Module (TPM) enabled and ready for use

Remediation

Tags

Your Privacy Choices