Accounts: Administrator accounts must not be enumerated during elevation
f3afb7e7-d38a-42f2-8290-56da3b445913Accounts: Must have the built-in Windows password complexity policy enabled
be6a2756-21d7-452c-b0a1-e6032f14f422Accounts: Must require passwords
00279417-0255-4ff4-8b5c-dbb7866085e2Accounts: Users must be required to enter a password to access private keys stored on the computer
c9946229-3c27-4eb5-ae8f-6f777a9ad637Autoplay: Should be disabled for all drives
2cb75d59-8ef3-4fa3-90e1-8bec9e51c703Autorun: behavior must be configured to prevent Autorun commands
746184bf-3f96-4365-8bb4-c7abf8a772acCompliance: System must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing
330f6517-5c88-4086-b456-d3026307c001Domain Member: Maximum age for machine account passwords must be configured to 30 days or less
ad52728e-be9b-4ab7-b329-5b11001e42deDomain Member: must be configured to at least negotiate signing for LDAP client signing
5c9b1fb7-3d92-4d13-be5f-13d7894e50d0File System: Local volumes must be formatted with NTFS
b6493fb9-ad83-494c-93e3-3dbfaeb9b303General: Windows firewall status
1f229f09-4c15-4bfe-b9f7-ed63d03cd70eNetwork: Internet Protocol version 6 (IPv6) source routing must use highest protection level to prevent IP source routing
d5030382-fcd1-4d7c-88e3-f1defebc7cf0Network: Simple TCP/IP Services must not be installed on the system
d0f0e951-4cca-4ca9-9b9e-e9e13e39ca99Network: Source routing must be configured to the highest protection level to prevent Internet Protocol (IP) source routing
655d213f-bed4-43aa-9bbf-f4bf77a2defdRemote Management: Windows Remote Management (WinRM) service must not store RunAs credentials
84308839-5335-424f-bd4b-79b1c463e4d6