Skip to content

Latest commit

 

History

History
142 lines (127 loc) · 4.03 KB

3_BL696-0227.md

File metadata and controls

142 lines (127 loc) · 4.03 KB
Raw
scapolite id id_namespace title rule rationale description applicability implementations checks crossrefs history
class version
rule
0.51
BL696-0227
com.siemens.seg.policy_framework.rule
Use NTFS File System
<see below>
<see below>
<see below>
system c i a
com.siemens.cert.acp
123
123
123
system roles
com.siemens.cert.scapolite.target_audience
asset_manager
relative_id description automations
01
<see below>
system caveat nature description
org.scapolite.implementation.caveats
automation_issue
no_automation
No automation of implementation possible
relative_id title description automations
01
Checking the file system of all your volumes
<see below>
system automatibility relative_id type caption identifier script context expected
org.scapolite.automation.script
Full
01
ps1
BL696-0227_C01_01
BL696-0227_C01_01
Get-Volume | Select Size, FileSystemType | Where {$_.Size -gt 1GB}
user
output_processor each_item option
Format-List
key equal_to
FileSystemType
NTFS
case_insensitive
system idref relation
com.siemens.seg.policy_framework.rule
12.1.1-05
based_on
version date action description internal_comment
2.5
2020-01-16
modified
Modified command to only return the file system type as return value. No other content changed; no need to set EVAL flag.
version date action description internal_comment
2.4
2019-07-05
revised
Corrected a minor typo in the rule. No need to set an EVAL flag.
version date action hide description internal_comment
1.11
2017-08-01
revised
true
Converted rule into Scapolite format.
version date eval action description internal_comment
1.0
2017-02-28
true
modified
Measure published as v1.0.
version date action hide description internal_comment
0.9
2016-12-15
modified
true
Version number increased to 0.9.
version action hide description internal_comment
0.4
modified
true
Minor rewording to all sections; renamed title of the Measure.
version action hide description internal_comment
0.2
modified
true
Added the statement “Converting a FAT file system to NTFS is not permitted” to the *Measure* section as well as some small cosmetic changes.
version action hide description internal_comment
0.1
created
true
Measure created based on latest Windows 8.x measures and incorporating changes from Windows 7 release 2015-11-30.

/rule

a. Use the NTFS file system for all partitions (i.e., where the operating system resides, and any other partition used to store data). b. Do not convert an actual and running FAT disk or partition to NTFS. Format the disk or partition.

/rationale

Although Microsoft offers a command-line tool to convert a FAT file system to NTFS, not all security enhancements of NTFS are available after a conversion and some software or applications might stop working.

/description

Windows supports several file system types: FAT, FAT32, and NTFS. NTFS is the preferred file system of Windows and offers improvements compared to FAT or FAT32, in terms of performance, reliability, security ACLs, or auditing. File security auditing and system access control on directory and file level can only be enforced using NTFS.

/implementations/0/description

When formatting a volume, select the NTFS type.

/checks/0/description

Run the following PowerShell command to get the file system of all your volumes:

::::: {.scapolite .AUTOGENERATED path='auto:01'}

(Get-Volume).FileSystem

:::::