From 958908e46d1ab3df59c2fd9867e3ef3fae8cbecf Mon Sep 17 00:00:00 2001 From: Long Lam <31355535+eemperor@users.noreply.github.com> Date: Fri, 16 Aug 2024 13:50:13 -0400 Subject: [PATCH] Updated stig.yml files with new banner text --- ash-windows/stig/Windows_11/stig.yml | 44 +++++++++++-------- .../stig/Windows_2022Server_DC/stig.yml | 42 +++++++++++------- .../stig/Windows_2022Server_MS/stig.yml | 42 +++++++++++------- 3 files changed, 76 insertions(+), 52 deletions(-) diff --git a/ash-windows/stig/Windows_11/stig.yml b/ash-windows/stig/Windows_11/stig.yml index 2d4c891..0cf51d4 100644 --- a/ash-windows/stig/Windows_11/stig.yml +++ b/ash-windows/stig/Windows_11/stig.yml @@ -96,7 +96,7 @@ vtype: DWORD - key: Computer\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002\EccCurves policy_type: regpol - value: NistP384 NistP256 + value: NistP384\0NistP256 vtype: MULTISZ - key: Computer\SOFTWARE\Policies\Microsoft\FVE\UseAdvancedStartup policy_type: regpol @@ -592,23 +592,31 @@ vtype: DWORD - key: MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeText policy_type: regpol - value: You are accessing a U.S. Government (USG) Information System (IS) that is - provided for USG-authorized use only.By using this IS (which includes any device - attached to this IS) you consent to the following conditions:-The USG routinely - intercepts and monitors communications on this IS for purposes including but - not limited to penetration testing COMSEC monitoring network operations - and defense personnel misconduct (PM) law enforcement (LE) and counterintelligence - (CI) investigations.-At any time the USG may inspect and seize data stored on - this IS.-Communications using or data stored on this IS are not private - are subject to routine monitoring interception and search and may be disclosed - or used for any USG-authorized purpose.-This IS includes security measures (e.g. - authentication and access controls) to protect USG interests--not for your personal - benefit or privacy.-Notwithstanding the above using this IS does not constitute - consent to PM LE or CI investigative searching or monitoring of the content - of privileged communications or work product related to personal representation - or services by attorneys psychotherapists or clergy and their assistants. - Such communications and work product are private and confidential. See User Agreement - for details. + value: 'You are accessing a U.S. Government (USG) Information System (IS) that is + provided for USG-authorized use only. + + By using this IS (which includes any device attached to this IS), you consent + to the following conditions: + + -The USG routinely intercepts and monitors communications on this IS for purposes + including, but not limited to, penetration testing, COMSEC monitoring, network + operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence + (CI) investigations. + + -At any time, the USG may inspect and seize data stored on this IS. + + -Communications using, or data stored on, this IS are not private, are subject + to routine monitoring, interception, and search, and may be disclosed or used + for any USG-authorized purpose. + + -This IS includes security measures (e.g., authentication and access controls) + to protect USG interests--not for your personal benefit or privacy. + + -Notwithstanding the above, using this IS does not constitute consent to PM, LE + or CI investigative searching or monitoring of the content of privileged communications, + or work product, related to personal representation or services by attorneys, + psychotherapists, or clergy, and their assistants. Such communications and work + product are private and confidential. See User Agreement for details.' vtype: MULTISZ - key: MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeCaption policy_type: regpol diff --git a/ash-windows/stig/Windows_2022Server_DC/stig.yml b/ash-windows/stig/Windows_2022Server_DC/stig.yml index 48afdc4..3a2b4f6 100644 --- a/ash-windows/stig/Windows_2022Server_DC/stig.yml +++ b/ash-windows/stig/Windows_2022Server_DC/stig.yml @@ -363,23 +363,31 @@ vtype: SZ - key: MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeText policy_type: regpol - value: You are accessing a U.S. Government (USG) Information System (IS) that is - provided for USG-authorized use only.By using this IS (which includes any device - attached to this IS) you consent to the following conditions:-The USG routinely - intercepts and monitors communications on this IS for purposes including but - not limited to penetration testing COMSEC monitoring network operations - and defense personnel misconduct (PM) law enforcement (LE) and counterintelligence - (CI) investigations.-At any time the USG may inspect and seize data stored on - this IS.-Communications using or data stored on this IS are not private - are subject to routine monitoring interception and search and may be disclosed - or used for any USG-authorized purpose.-This IS includes security measures (e.g. - authentication and access controls) to protect USG interests--not for your personal - benefit or privacy.-Notwithstanding the above using this IS does not constitute - consent to PM LE or CI investigative searching or monitoring of the content - of privileged communications or work product related to personal representation - or services by attorneys psychotherapists or clergy and their assistants. - Such communications and work product are private and confidential. See User Agreement - for details. + value: 'You are accessing a U.S. Government (USG) Information System (IS) that is + provided for USG-authorized use only. + + By using this IS (which includes any device attached to this IS), you consent + to the following conditions: + + -The USG routinely intercepts and monitors communications on this IS for purposes + including, but not limited to, penetration testing, COMSEC monitoring, network + operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence + (CI) investigations. + + -At any time, the USG may inspect and seize data stored on this IS. + + -Communications using, or data stored on, this IS are not private, are subject + to routine monitoring, interception, and search, and may be disclosed or used + for any USG-authorized purpose. + + -This IS includes security measures (e.g., authentication and access controls) + to protect USG interests--not for your personal benefit or privacy. + + -Notwithstanding the above, using this IS does not constitute consent to PM, LE + or CI investigative searching or monitoring of the content of privileged communications, + or work product, related to personal representation or services by attorneys, + psychotherapists, or clergy, and their assistants. Such communications and work + product are private and confidential. See User Agreement for details.' vtype: MULTISZ - key: MACHINE\Software\Policies\Microsoft\Cryptography\ForceKeyProtection policy_type: regpol diff --git a/ash-windows/stig/Windows_2022Server_MS/stig.yml b/ash-windows/stig/Windows_2022Server_MS/stig.yml index 7927e5a..806d680 100644 --- a/ash-windows/stig/Windows_2022Server_MS/stig.yml +++ b/ash-windows/stig/Windows_2022Server_MS/stig.yml @@ -367,23 +367,31 @@ vtype: SZ - key: MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeText policy_type: regpol - value: You are accessing a U.S. Government (USG) Information System (IS) that is - provided for USG-authorized use only.By using this IS (which includes any device - attached to this IS) you consent to the following conditions:-The USG routinely - intercepts and monitors communications on this IS for purposes including but - not limited to penetration testing COMSEC monitoring network operations - and defense personnel misconduct (PM) law enforcement (LE) and counterintelligence - (CI) investigations.-At any time the USG may inspect and seize data stored on - this IS.-Communications using or data stored on this IS are not private - are subject to routine monitoring interception and search and may be disclosed - or used for any USG-authorized purpose.-This IS includes security measures (e.g. - authentication and access controls) to protect USG interests--not for your personal - benefit or privacy.-Notwithstanding the above using this IS does not constitute - consent to PM LE or CI investigative searching or monitoring of the content - of privileged communications or work product related to personal representation - or services by attorneys psychotherapists or clergy and their assistants. - Such communications and work product are private and confidential. See User Agreement - for details. + value: 'You are accessing a U.S. Government (USG) Information System (IS) that is + provided for USG-authorized use only. + + By using this IS (which includes any device attached to this IS), you consent + to the following conditions: + + -The USG routinely intercepts and monitors communications on this IS for purposes + including, but not limited to, penetration testing, COMSEC monitoring, network + operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence + (CI) investigations. + + -At any time, the USG may inspect and seize data stored on this IS. + + -Communications using, or data stored on, this IS are not private, are subject + to routine monitoring, interception, and search, and may be disclosed or used + for any USG-authorized purpose. + + -This IS includes security measures (e.g., authentication and access controls) + to protect USG interests--not for your personal benefit or privacy. + + -Notwithstanding the above, using this IS does not constitute consent to PM, LE + or CI investigative searching or monitoring of the content of privileged communications, + or work product, related to personal representation or services by attorneys, + psychotherapists, or clergy, and their assistants. Such communications and work + product are private and confidential. See User Agreement for details.' vtype: MULTISZ - key: MACHINE\Software\Policies\Microsoft\Cryptography\ForceKeyProtection policy_type: regpol