chore: updated for ACSC hardening

2025-03-19 10:50:10 +10:00
parent 28f22c9be5
commit f4cf4c73fb
46 changed files with 11155 additions and 10862 deletions
--- a/policies/compliance/Win
+++ b/policies/compliance/Win
@ -1,43 +1,43 @@
-{
-    "@odata.type": "#microsoft.graph.windows10CompliancePolicy",
-    "displayName": "Win - Compliance - U - Defender for Endpoint",
-    "description": null,
-    "passwordRequired": false,
-    "passwordBlockSimple": false,
-    "passwordRequiredToUnlockFromIdle": false,
-    "passwordRequiredType": "deviceDefault",
-    "requireHealthyDeviceReport": false,
-    "earlyLaunchAntiMalwareDriverEnabled": false,
-    "bitLockerEnabled": false,
-    "secureBootEnabled": false,
-    "codeIntegrityEnabled": false,
-    "memoryIntegrityEnabled": false,
-    "kernelDmaProtectionEnabled": false,
-    "virtualizationBasedSecurityEnabled": false,
-    "firmwareProtectionEnabled": false,
-    "storageRequireEncryption": false,
-    "activeFirewallRequired": false,
-    "defenderEnabled": true,
-    "signatureOutOfDate": true,
-    "rtpEnabled": true,
-    "antivirusRequired": false,
-    "antiSpywareRequired": false,
-    "deviceThreatProtectionEnabled": false,
-    "deviceThreatProtectionRequiredSecurityLevel": "unavailable",
-    "configurationManagerComplianceRequired": false,
-    "tpmRequired": false,
-    "validOperatingSystemBuildRanges": [],
-    
-    // Scheduled Actions (MUST be included in the initial policy creation)
-    "scheduledActionsForRule": [
-        {
-            "ruleName": null,
-            "scheduledActionConfigurations": [
-                {
-                    "actionType": "block",
-                    "gracePeriodHours": 6
-                }
-            ]
-        }
-    ]
+{
+    "@odata.type": "#microsoft.graph.windows10CompliancePolicy",
+    "displayName": "Win - Compliance - U - Defender for Endpoint",
+    "description": null,
+    "passwordRequired": false,
+    "passwordBlockSimple": false,
+    "passwordRequiredToUnlockFromIdle": false,
+    "passwordRequiredType": "deviceDefault",
+    "requireHealthyDeviceReport": false,
+    "earlyLaunchAntiMalwareDriverEnabled": false,
+    "bitLockerEnabled": false,
+    "secureBootEnabled": false,
+    "codeIntegrityEnabled": false,
+    "memoryIntegrityEnabled": false,
+    "kernelDmaProtectionEnabled": false,
+    "virtualizationBasedSecurityEnabled": false,
+    "firmwareProtectionEnabled": false,
+    "storageRequireEncryption": false,
+    "activeFirewallRequired": false,
+    "defenderEnabled": true,
+    "signatureOutOfDate": true,
+    "rtpEnabled": true,
+    "antivirusRequired": false,
+    "antiSpywareRequired": false,
+    "deviceThreatProtectionEnabled": false,
+    "deviceThreatProtectionRequiredSecurityLevel": "unavailable",
+    "configurationManagerComplianceRequired": false,
+    "tpmRequired": false,
+    "validOperatingSystemBuildRanges": [],
+    
+    // Scheduled Actions (MUST be included in the initial policy creation)
+    "scheduledActionsForRule": [
+        {
+            "ruleName": null,
+            "scheduledActionConfigurations": [
+                {
+                    "actionType": "block",
+                    "gracePeriodHours": 6
+                }
+            ]
+        }
+    ]
 }