Standalone Windows STIG Script Versions Save
Create a compliant and secure Windows 10/11 system with our Gold Master image creation tool. Adhere to DoD STIG/SRG Requirements and NSA Cybersecurity guidance for standalone Windows systems with ease, using our ultimate STIG script.
1.0.2
9 months agoFull Changelog: https://github.com/simeononsecurity/Standalone-Windows-STIG-Script/compare/1.0.0...1.0.2
How to run the script:
Automated Install:
The script may be launched from the extracted GitHub download like this:
iex ((New-Object System.Net.WebClient).DownloadString('https://simeononsecurity.ch/scripts/standalonewindows.ps1'))
Manual Install:
If manually downloaded, the script must be launched from the directory containing all the other files from the GitHub Repository
All of the parameters in the "secure-standalone.ps1" script are optional, with a default value of $true. This means that if no value is specified for a parameter when the script is run, it will be treated as if it were set to $true.
The script takes the following parameters, all of which are optional and default to $true if not specified:
- cleargpos: (Boolean) Clear GPOs not being used
- installupdates: (Boolean) Install updates and reboot if necessary
- adobe: (Boolean) STIG Adobe Reader
- firefox: (Boolean) STIG Firefox
- chrome: (Boolean) STIG Chrome
- IE11: (Boolean) STIG Internet Explorer 11
- edge: (Boolean) STIG Edge
- dotnet: (Boolean) STIG .NET Framework
- office: (Boolean) STIG Office
- onedrive: (Boolean) STIG OneDrive
- java: (Boolean) STIG Java
- windows: (Boolean) STIG Windows
- defender: (Boolean) STIG Windows Defender
- firewall: (Boolean) STIG Windows Firewall
- mitigations: (Boolean) STIG Mitigations
- nessusPID: (Boolean) Resolve Unquoted Strings in Path
- horizon: (Boolean) STIG VMware Horizon
- sosoptional: (Boolean) Optional STIG/Hardening items
An example of how to run the script with all default parameters would be:
.\secure-standalone.ps1
If you want to specify a different value for one or more of the parameters, you can include them in the command along with their desired value. For example, if you wanted to run the script and set the $firefox parameter to $false, the command would be:
.\secure-standalone.ps1 -firefox $false
You can also specify multiple parameters in the command like this:
.\secure-standalone.ps1 -firefox $false -chrome $false
Note that in this example, both the Firefox and Chrome parameters are set to $false.
Explore the World of Cybersecurity
Links:
1.0.0
3 years agoThe script may be launched from the extracted GitHub download like this:
.\secure-standalone.ps1
The script we will be using must be launched from the directory containing all the other files from the GitHub Repository