Helpers/SecurityOptionData.psd1
|
@{ "Accounts_Administrator_account_status" = @{ Value = 'EnableAdminAccount' Section = 'System Access' Option = @{ "Enabled" = '1' "Disabled" = '0' } } "Accounts_Block_Microsoft_accounts" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\NoConnectedUser" Section = 'Registry Values' Option = @{ "This policy is disabled" = '4,0' "Users cant add Microsoft accounts" = '4,1' "Users cant add or log on with Microsoft accounts" = '4,3' } } "Accounts_Guest_account_status" = @{ Value = 'EnableGuestAccount' Section = 'System Access' Option = @{ "Enabled" = '1' "Disabled" = '0' } } "Accounts_Limit_local_account_use_of_blank_passwords_to_console_logon_only" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\LimitBlankPasswordUse" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Accounts_Rename_administrator_account" = @{ Value = 'NewAdministratorName' Section = 'System Access' Option = @{ String = '' # supply name of administrator account } } "Accounts_Rename_guest_account" = @{ Value = 'NewGuestName' Section = 'System Access' Option = @{ String = '' # supply name of guest account } } "Audit_Audit_the_access_of_global_system_objects" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjects" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Audit_Audit_the_use_of_Backup_and_Restore_privilege" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditing" Section = 'Registry Values' Option = @{ Enabled = '3,1' Disabled = '3,0' } } "Audit_Force_audit_policy_subcategory_settings_Windows_Vista_or_later_to_override_audit_policy_category_settings" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\SCENoApplyLegacyAuditPolicy" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Audit_Shut_down_system_immediately_if_unable_to_log_security_audits" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "DCOM_Machine_Access_Restrictions_in_Security_Descriptor_Definition_Language_SDDL_syntax" = @{ Value = "MACHINE\Software\Policies\Microsoft\Windows NT\DCOM\MachineAccessRestriction" Section = 'Registry Values' Option = @{ String = '1,' # + <SecurityDescriptorString(same format as icacls)> } } "DCOM_Machine_Launch_Restrictions_in_Security_Descriptor_Definition_Language_SDDL_syntax" = @{ Value = "MACHINE\Software\Policies\Microsoft\Windows NT\DCOM\MachineLaunchRestriction" Section = 'Registry Values' Option = @{ String = '1,' # + <SecurityDescriptorString(same format as icacls)> } } "Devices_Allow_undock_without_having_to_log_on" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UndockWithoutLogon" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Devices_Allowed_to_format_and_eject_removable_media" = @{ Value = "MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateDASD" Section = 'Registry Values' Option = @{ 'Administrators' = '1,"0"' 'Administrators and Power Users' = '1,"1"' 'Administrators and Interactive Users' = '1,"2"' } } "Devices_Prevent_users_from_installing_printer_drivers" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\Servers\AddPrinterDrivers" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Devices_Restrict_CD_ROM_access_to_locally_logged_on_user_only" = @{ Value = "MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateCDRoms" Section = 'Registry Values' Option = @{ Enabled = '1,"1"' Disabled = '1,"0"' } } "Devices_Restrict_floppy_access_to_locally_logged_on_user_only" = @{ Value = "MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateFloppies" Section = 'Registry Values' Option = @{ Enabled = '1,"1"' Disabled = '1,"0"' } } "Domain_controller_Allow_server_operators_to_schedule_tasks" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\SubmitControl" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Domain_controller_LDAP_server_signing_requirements" = @{ Value = "MACHINE\System\CurrentControlSet\Services\NTDS\Parameters\LDAPServerIntegrity" Section = 'Registry Values' Option = @{ 'None' = '4,1' 'Require Signing' = '4,2' } } "Domain_controller_Refuse_machine_account_password_changes" = @{ Value = "MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RefusePasswordChange" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Domain_member_Digitally_encrypt_or_sign_secure_channel_data_always" = @{ Value = "MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrSeal" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Domain_member_Digitally_encrypt_secure_channel_data_when_possible" = @{ Value = "MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SealSecureChannel" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Domain_member_Digitally_sign_secure_channel_data_when_possible" = @{ Value = "MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SignSecureChannel" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Domain_member_Disable_machine_account_password_changes" = @{ Value = "MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\DisablePasswordChange" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Domain_member_Maximum_machine_account_password_age" = @{ Value = "MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\MaximumPasswordAge" Section = 'Registry Values' Option = @{ String = "4," # + <NumberOfDays> } } "Domain_member_Require_strong_Windows_2000_or_later_session_key" = @{ Value = "MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireStrongKey" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Interactive_logon_Display_user_information_when_the_session_is_locked" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DontDisplayLockedUserId" Section = 'Registry Values' Option = @{ 'User displayname, domain and user names' = '4,1' 'User display name only' = '4,2' 'Do not display user information' = '4,3' } } "Interactive_logon_Do_not_display_last_user_name" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DontDisplayLastUserName" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Interactive_logon_Do_not_require_CTRL_ALT_DEL" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableCAD" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Interactive_logon_Machine_account_lockout_threshold" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\MaxDevicePasswordFailedAttempts" Section = 'Registry Values' Option = @{ String = "4," # + <NumberOfAttempts> } } "Interactive_logon_Machine_inactivity_limit" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\InactivityTimeoutSecs" Section = 'Registry Values' Option = @{ String = "4," # + <NumberOfSeconds> } } "Interactive_logon_Message_text_for_users_attempting_to_log_on" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeText" Section = 'Registry Values' Option = @{ String = "7," # + <Message> } } "Interactive_logon_Message_title_for_users_attempting_to_log_on" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeCaption" Section = 'Registry Values' Option = @{ String = "1," # + <Message> } } "Interactive_logon_Number_of_previous_logons_to_cache_in_case_domain_controller_is_not_available" = @{ Value = "MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount" Section = 'Registry Values' Option = @{ String = "1," # + <NumberOfFailedAttempts> } } "Interactive_logon_Prompt_user_to_change_password_before_expiration" = @{ Value = "MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\PasswordExpiryWarning" Section = 'Registry Values' Option = @{ String = "4," # + <NumberOfDays> } } "Interactive_logon_Require_Domain_Controller_authentication_to_unlock_workstation" = @{ Value = "MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ForceUnlockLogon" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Interactive_logon_Require_smart_card" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ScForceOption" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Interactive_logon_Smart_card_removal_behavior" = @{ Value = "MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScRemoveOption" Section = 'Registry Values' Option = @{ 'No Action' = '1,"0"' 'Lock workstation' = '1,"1"' 'Force logoff' = '1,"2"' 'Disconnect if a remote Remote Desktop Services session' = '1,"3"' } } "Microsoft_network_client_Digitally_sign_communications_always" = @{ Value = "MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\RequireSecuritySignature" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Microsoft_network_client_Digitally_sign_communications_if_server_agrees" = @{ Value = "MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnableSecuritySignature" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Microsoft_network_client_Send_unencrypted_password_to_third_party_SMB_servers" = @{ Value = "MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnablePlainTextPassword" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Microsoft_network_server_Amount_of_idle_time_required_before_suspending_session" = @{ Value = "MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisconnect" Section = 'Registry Values' Option = @{ String = '4,' # + <Minutes> } } "Microsoft_network_server_Attempt_S4U2Self_to_obtain_claim_information" = @{ Value = "MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableS4U2SelfForClaims" Section = 'Registry Values' Option = @{ Default = '4,0' Enabled = '4,1' Disabled = '4,2' } } "Microsoft_network_server_Digitally_sign_communications_always" = @{ Value = "MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Microsoft_network_server_Digitally_sign_communications_if_client_agrees" = @{ Value = "MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Microsoft_network_server_Disconnect_clients_when_logon_hours_expire" = @{ Value = "MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableForcedLogOff" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Microsoft_network_server_Server_SPN_target_name_validation_level" = @{ Value = "MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\SmbServerNameHardeningLevel" Section = 'Registry Values' Option = @{ 'Off' = '4,0' 'Accept if provided by client' = '4,1' 'Required from client' = '4,2' } } "Network_access_Allow_anonymous_SID_Name_translation" = @{ Value = 'LSAAnonymousNameLookup' Section = 'System Access' Option = @{ Enabled = '1' Disabled = '0' } } "Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts_and_shares" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Network_access_Do_not_allow_storage_of_passwords_and_credentials_for_network_authentication" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\DisableDomainCreds" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Network_access_Let_Everyone_permissions_apply_to_anonymous_users" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\EveryoneIncludesAnonymous" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Network_access_Named_Pipes_that_can_be_accessed_anonymously" = @{ Value = "MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSessionPipes" Section = 'Registry Values' Option = @{ String = '7,' # + accounts (Identities seperated by commas) } } "Network_access_Remotely_accessible_registry_paths" = @{ Value = "MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedExactPaths\Machine" Section = 'Registry Values' Option = @{ String = '7,' # + accounts (Identities seperated by commas) } } "Network_access_Remotely_accessible_registry_paths_and_subpaths" = @{ Value = "MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedPaths\Machine" Section = 'Registry Values' Option = @{ String = '7,' # + accounts (Identities seperated by commas) } } "Network_access_Restrict_anonymous_access_to_Named_Pipes_and_Shares" = @{ Value = "MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RestrictNullSessAccess" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Network_access_Restrict_clients_allowed_to_make_remote_calls_to_SAM" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\RestrictRemoteSAM" Section = 'Registry Values' Option = @{ String = '1,' } } "Network_access_Shares_that_can_be_accessed_anonymously" = @{ Value = "MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSessionShares" Section = 'Registry Values' Option = @{ String = '7,' # + accounts (Identities seperated by commas) } } "Network_access_Sharing_and_security_model_for_local_accounts" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\ForceGuest" Section = 'Registry Values' Option = @{ 'Classic - Local users authenticate as themselves' = '4,0' 'Guest only - Local users authenticate as Guest' = '4,1' } } "Network_security_Allow_Local_System_to_use_computer_identity_for_NTLM" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\UseMachineId" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Network_security_Allow_LocalSystem_NULL_session_fallback" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\allownullsessionfallback" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Network_Security_Allow_PKU2U_authentication_requests_to_this_computer_to_use_online_identities" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\pku2u\AllowOnlineID" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Network_security_Configure_encryption_types_allowed_for_Kerberos" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters\SupportedEncryptionTypes" Section = 'Registry Values' Option = @{ DES_CBC_CRC = '4,1' DES_CBC_MD5 = '4,2' RC4_HMAC_MD5 = '4,4' AES128_HMAC_SHA1 = '4,8' AES256_HMAC_SHA1 = '4,16' FUTURE = '4,2147483616' } } "Network_security_Do_not_store_LAN_Manager_hash_value_on_next_password_change" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\NoLMHash" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Network_security_Force_logoff_when_logon_hours_expire" = @{ Value = "ForceLogoffWhenHourExpire" Section = 'System Access' Option = @{ Enabled = '1' Disabled = '0' } } "Network_security_LAN_Manager_authentication_level" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel" Section = 'Registry Values' Option = @{ 'Send LM & NTLM responses' = '4,0' 'Send LM & NTLM - use NTLMv2 session security if negotiated' = '4,1' 'Send NTLM responses only' = '4,2' 'Send NTLMv2 responses only' = '4,3' 'Send NTLMv2 responses only. Refuse LM' = '4,4' 'Send NTLMv2 responses only. Refuse LM & NTLM' = '4,5' } } "Network_security_LDAP_client_signing_requirements" = @{ Value = "MACHINE\System\CurrentControlSet\Services\LDAP\LDAPClientIntegrity" Section = 'Registry Values' Option = @{ 'None' = '4,0' 'Negotiate Signing' = '4,1' 'Require Signing' = '4,2' } } "Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_clients" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinClientSec" Section = 'Registry Values' Option = @{ 'Require NTLMv2 session security' = '4,524288' 'Require 128-bit encryption' = '4,536870912' 'Both options checked' = '4,537395200' } } "Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_servers" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinServerSec" Section = 'Registry Values' Option = @{ 'Require NTLMv2 session security' = '4,524288' 'Require 128-bit encryption' = '4,536870912' 'Both options checked' = '4,537395200' } } "Network_security_Restrict_NTLM_Add_remote_server_exceptions_for_NTLM_authentication" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\ClientAllowedNTLMServers" Section = 'Registry Values' Option = @{ String = '7,' # <Option> } } "Network_security_Restrict_NTLM_Add_server_exceptions_in_this_domain" = @{ Value = "MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\DCAllowedNTLMServers" Section = 'Registry Values' Option = @{ String = '7,' # <Options> } } "Network_Security_Restrict_NTLM_Audit_Incoming_NTLM_Traffic" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\AuditReceivingNTLMTraffic" Section = 'Registry Values' Option = @{ 'Disabled' = '4,0' 'Enable auditing for domain accounts' = '4,1' 'Enable auditing for all accounts' = '4,2' } } "Network_Security_Restrict_NTLM_Audit_NTLM_authentication_in_this_domain" = @{ Value = "MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\AuditNTLMInDomain" Section = 'Registry Values' Option = @{ 'Disable' = '4,0' 'Enable for domain accounts to domain servers' = '4,1' 'Enable for domain accounts' = '4,3' 'Enable for domain servers' = '4,5' 'Enable all' = '4,7' } } "Network_Security_Restrict_NTLM_Incoming_NTLM_Traffic" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\RestrictReceivingNTLMTraffic" Section = 'Registry Values' Option = @{ 'Allow all' = '4,0' 'Deny all domain accounts' = '4,1' 'Deny all accounts' = '4,2' } } "Network_Security_Restrict_NTLM_NTLM_authentication_in_this_domain" = @{ Value = "MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RestrictNTLMInDomain" Section = 'Registry Values' Option = @{ 'Disable' = '4,0' 'Deny for domain accounts to domain servers' = '4,1' 'Deny for domain accounts' = '4,3' 'Deny for domain servers' = '4,5' 'Deny all' = '4,7' } } "Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\RestrictSendingNTLMTraffic" Section = 'Registry Values' Option = @{ 'Allow all' = '4,0' 'Audit all' = '4,1' 'Deny all' = '4,2' } } "Recovery_console_Allow_automatic_administrative_logon" = @{ Value = "MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SecurityLevel" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Recovery_console_Allow_floppy_copy_and_access_to_all_drives_and_folders" = @{ Value = "MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SetCommand" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Shutdown_Allow_system_to_be_shut_down_without_having_to_log_on" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ShutdownWithoutLogon" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "Shutdown_Clear_virtual_memory_pagefile" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "System_cryptography_Force_strong_key_protection_for_user_keys_stored_on_the_computer" = @{ Value = "MACHINE\Software\Policies\Microsoft\Cryptography\ForceKeyProtection" Section = 'Registry Values' Option = @{ 'User input is not required when new keys are stored and used' = '4,0' 'User is prompted when the key is first used' = '4,1' 'User must enter a password each time they use a key' = '4,2' } } "System_cryptography_Use_FIPS_compliant_algorithms_for_encryption_hashing_and_signing" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "System_objects_Require_case_insensitivity_for_non_Windows_subsystems" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Session Manager\Kernel\ObCaseInsensitive" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "System_objects_Strengthen_default_permissions_of_internal_system_objects_eg_Symbolic_Links" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionMode" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "System_settings_Optional_subsystems" = @{ Value = "MACHINE\System\CurrentControlSet\Control\Session Manager\SubSystems\optional" Section = 'Registry Values' Option = @{ String = '7,' # + Posix } } "System_settings_Use_Certificate_Rules_on_Windows_Executables_for_Software_Restriction_Policies" = @{ Value = "MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\AuthenticodeEnabled" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "User_Account_Control_Admin_Approval_Mode_for_the_Built_in_Administrator_account" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\FilterAdministratorToken" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "User_Account_Control_Allow_UIAccess_applications_to_prompt_for_elevation_without_using_the_secure_desktop" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableUIADesktopToggle" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "User_Account_Control_Behavior_of_the_elevation_prompt_for_administrators_in_Admin_Approval_Mode" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin" Section = 'Registry Values' Option = @{ 'Elevate without prompting' = '4,0' 'Prompt for credentials on the secure desktop' = '4,1' 'Prompt for consent on the secure desktop' = '4,2' 'Prompt for credentials' = '4,3' 'Prompt for consent' = '4,4' 'Prompt for consent for non-Windows binaries' = '4,5' } } "User_Account_Control_Behavior_of_the_elevation_prompt_for_standard_users" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorUser" Section = 'Registry Values' Option = @{ 'Automatically deny elevation request' = '4,0' 'Prompt for credentials on the secure desktop' = '4,1' 'Prompt for credentials' = '4,3' } } "User_Account_Control_Detect_application_installations_and_prompt_for_elevation" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableInstallerDetection" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "User_Account_Control_Only_elevate_executables_that_are_signed_and_validated" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ValidateAdminCodeSignatures" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "User_Account_Control_Only_elevate_UIAccess_applications_that_are_installed_in_secure_locations" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableSecureUIAPaths" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "User_Account_Control_Run_all_administrators_in_Admin_Approval_Mode" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "User_Account_Control_Switch_to_the_secure_desktop_when_prompting_for_elevation" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\PromptOnSecureDesktop" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } "User_Account_Control_Virtualize_file_and_registry_write_failures_to_per_user_locations" = @{ Value = "MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableVirtualization" Section = 'Registry Values' Option = @{ Enabled = '4,1' Disabled = '4,0' } } } # SIG # Begin signature block # MIIjkAYJKoZIhvcNAQcCoIIjgTCCI30CAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCAg8NDupyEQFLEw # TJ5ZUEZdGB5IVhvtiQCDnLDUkBle7KCCDYEwggX/MIID56ADAgECAhMzAAABh3IX # chVZQMcJAAAAAAGHMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjAwMzA0MTgzOTQ3WhcNMjEwMzAzMTgzOTQ3WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQDOt8kLc7P3T7MKIhouYHewMFmnq8Ayu7FOhZCQabVwBp2VS4WyB2Qe4TQBT8aB # znANDEPjHKNdPT8Xz5cNali6XHefS8i/WXtF0vSsP8NEv6mBHuA2p1fw2wB/F0dH # sJ3GfZ5c0sPJjklsiYqPw59xJ54kM91IOgiO2OUzjNAljPibjCWfH7UzQ1TPHc4d # weils8GEIrbBRb7IWwiObL12jWT4Yh71NQgvJ9Fn6+UhD9x2uk3dLj84vwt1NuFQ # itKJxIV0fVsRNR3abQVOLqpDugbr0SzNL6o8xzOHL5OXiGGwg6ekiXA1/2XXY7yV # Fc39tledDtZjSjNbex1zzwSXAgMBAAGjggF+MIIBejAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUhov4ZyO96axkJdMjpzu2zVXOJcsw # UAYDVR0RBEkwR6RFMEMxKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVyYXRpb25zIFB1 # ZXJ0byBSaWNvMRYwFAYDVQQFEw0yMzAwMTIrNDU4Mzg1MB8GA1UdIwQYMBaAFEhu # ZOVQBdOCqhc3NyK1bajKdQKVMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly93d3cu # bWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY0NvZFNpZ1BDQTIwMTFfMjAxMS0w # Ny0wOC5jcmwwYQYIKwYBBQUHAQEEVTBTMFEGCCsGAQUFBzAChkVodHRwOi8vd3d3 # Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY0NvZFNpZ1BDQTIwMTFfMjAx # MS0wNy0wOC5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAgEAixmy # S6E6vprWD9KFNIB9G5zyMuIjZAOuUJ1EK/Vlg6Fb3ZHXjjUwATKIcXbFuFC6Wr4K # NrU4DY/sBVqmab5AC/je3bpUpjtxpEyqUqtPc30wEg/rO9vmKmqKoLPT37svc2NV # BmGNl+85qO4fV/w7Cx7J0Bbqk19KcRNdjt6eKoTnTPHBHlVHQIHZpMxacbFOAkJr # qAVkYZdz7ikNXTxV+GRb36tC4ByMNxE2DF7vFdvaiZP0CVZ5ByJ2gAhXMdK9+usx # zVk913qKde1OAuWdv+rndqkAIm8fUlRnr4saSCg7cIbUwCCf116wUJ7EuJDg0vHe # yhnCeHnBbyH3RZkHEi2ofmfgnFISJZDdMAeVZGVOh20Jp50XBzqokpPzeZ6zc1/g # yILNyiVgE+RPkjnUQshd1f1PMgn3tns2Cz7bJiVUaqEO3n9qRFgy5JuLae6UweGf # AeOo3dgLZxikKzYs3hDMaEtJq8IP71cX7QXe6lnMmXU/Hdfz2p897Zd+kU+vZvKI # 3cwLfuVQgK2RZ2z+Kc3K3dRPz2rXycK5XCuRZmvGab/WbrZiC7wJQapgBodltMI5 # GMdFrBg9IeF7/rP4EqVQXeKtevTlZXjpuNhhjuR+2DMt/dWufjXpiW91bo3aH6Ea # jOALXmoxgltCp1K7hrS6gmsvj94cLRf50QQ4U8Qwggd6MIIFYqADAgECAgphDpDS # AAAAAAADMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMK # V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0 # IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0 # ZSBBdXRob3JpdHkgMjAxMTAeFw0xMTA3MDgyMDU5MDlaFw0yNjA3MDgyMTA5MDla # MH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS # ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMT # H01pY3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTEwggIiMA0GCSqGSIb3DQEB # AQUAA4ICDwAwggIKAoICAQCr8PpyEBwurdhuqoIQTTS68rZYIZ9CGypr6VpQqrgG # OBoESbp/wwwe3TdrxhLYC/A4wpkGsMg51QEUMULTiQ15ZId+lGAkbK+eSZzpaF7S # 35tTsgosw6/ZqSuuegmv15ZZymAaBelmdugyUiYSL+erCFDPs0S3XdjELgN1q2jz # y23zOlyhFvRGuuA4ZKxuZDV4pqBjDy3TQJP4494HDdVceaVJKecNvqATd76UPe/7 # 4ytaEB9NViiienLgEjq3SV7Y7e1DkYPZe7J7hhvZPrGMXeiJT4Qa8qEvWeSQOy2u # M1jFtz7+MtOzAz2xsq+SOH7SnYAs9U5WkSE1JcM5bmR/U7qcD60ZI4TL9LoDho33 # X/DQUr+MlIe8wCF0JV8YKLbMJyg4JZg5SjbPfLGSrhwjp6lm7GEfauEoSZ1fiOIl # XdMhSz5SxLVXPyQD8NF6Wy/VI+NwXQ9RRnez+ADhvKwCgl/bwBWzvRvUVUvnOaEP # 6SNJvBi4RHxF5MHDcnrgcuck379GmcXvwhxX24ON7E1JMKerjt/sW5+v/N2wZuLB # l4F77dbtS+dJKacTKKanfWeA5opieF+yL4TXV5xcv3coKPHtbcMojyyPQDdPweGF # RInECUzF1KVDL3SV9274eCBYLBNdYJWaPk8zhNqwiBfenk70lrC8RqBsmNLg1oiM # CwIDAQABo4IB7TCCAekwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYEFEhuZOVQ # BdOCqhc3NyK1bajKdQKVMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1Ud # DwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFHItOgIxkEO5FAVO # 4eqnxzHRI4k0MFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwubWljcm9zb2Z0 # LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y # Mi5jcmwwXgYIKwYBBQUHAQEEUjBQME4GCCsGAQUFBzAChkJodHRwOi8vd3d3Lm1p # Y3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y # Mi5jcnQwgZ8GA1UdIASBlzCBlDCBkQYJKwYBBAGCNy4DMIGDMD8GCCsGAQUFBwIB # FjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2RvY3MvcHJpbWFyeWNw # cy5odG0wQAYIKwYBBQUHAgIwNB4yIB0ATABlAGcAYQBsAF8AcABvAGwAaQBjAHkA # XwBzAHQAYQB0AGUAbQBlAG4AdAAuIB0wDQYJKoZIhvcNAQELBQADggIBAGfyhqWY # 4FR5Gi7T2HRnIpsLlhHhY5KZQpZ90nkMkMFlXy4sPvjDctFtg/6+P+gKyju/R6mj # 82nbY78iNaWXXWWEkH2LRlBV2AySfNIaSxzzPEKLUtCw/WvjPgcuKZvmPRul1LUd # d5Q54ulkyUQ9eHoj8xN9ppB0g430yyYCRirCihC7pKkFDJvtaPpoLpWgKj8qa1hJ # Yx8JaW5amJbkg/TAj/NGK978O9C9Ne9uJa7lryft0N3zDq+ZKJeYTQ49C/IIidYf # wzIY4vDFLc5bnrRJOQrGCsLGra7lstnbFYhRRVg4MnEnGn+x9Cf43iw6IGmYslmJ # aG5vp7d0w0AFBqYBKig+gj8TTWYLwLNN9eGPfxxvFX1Fp3blQCplo8NdUmKGwx1j # NpeG39rz+PIWoZon4c2ll9DuXWNB41sHnIc+BncG0QaxdR8UvmFhtfDcxhsEvt9B # xw4o7t5lL+yX9qFcltgA1qFGvVnzl6UJS0gQmYAf0AApxbGbpT9Fdx41xtKiop96 # eiL6SJUfq/tHI4D1nvi/a7dLl+LrdXga7Oo3mXkYS//WsyNodeav+vyL6wuA6mk7 # r/ww7QRMjt/fdW1jkT3RnVZOT7+AVyKheBEyIXrvQQqxP/uozKRdwaGIm1dxVk5I # RcBCyZt2WwqASGv9eZ/BvW1taslScxMNelDNMYIVZTCCFWECAQEwgZUwfjELMAkG # A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQx # HjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEoMCYGA1UEAxMfTWljcm9z # b2Z0IENvZGUgU2lnbmluZyBQQ0EgMjAxMQITMwAAAYdyF3IVWUDHCQAAAAABhzAN # BglghkgBZQMEAgEFAKCBrjAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgor # BgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQgGk+MuNYI # hMSAI/kZjMPjDuxR24QRf1crgCj75G6cBiIwQgYKKwYBBAGCNwIBDDE0MDKgFIAS # AE0AaQBjAHIAbwBzAG8AZgB0oRqAGGh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbTAN # BgkqhkiG9w0BAQEFAASCAQBSfT2/Odf1m6472HJGWDqeFiQM5nXbnzLWmcvbqKsM # bOsyap2MAJjuf7yfmRc3PjpEOxKhIPyPfgKHASMP/t3odYg61hdDz0bdxe7QJog2 # rPXFHuh3Kgkn04X0oCgXJnKrImRTMVU9v7+4UtS9eNWoBRBFt1DWJtWWrry4WQSE # x1/GHD9SNRRBQjBcx8N40Ddneovvmn/rn7N8lP8XRJypSxz79m5X+IsBztUrrgJ8 # CrsPgVY0+O6vwh2y7Xj73xpo+0zoJ5/uMrxZyyXPJMSKR0M9PBLVlIZ85UszzAC7 # G3aTpbMS8M4ViLvFGGmzaEUcwkx5cnYU/cLpE2ckiltuoYIS7zCCEusGCisGAQQB # gjcDAwExghLbMIIS1wYJKoZIhvcNAQcCoIISyDCCEsQCAQMxDzANBglghkgBZQME # AgEFADCCAVMGCyqGSIb3DQEJEAEEoIIBQgSCAT4wggE6AgEBBgorBgEEAYRZCgMB # MDEwDQYJYIZIAWUDBAIBBQAEIHu6VSIYhA/naw+f7UUDYO4/JdnsGTuEEI8r7Ywg # DBh/AgZfu9S2/aEYETIwMjEwMTA1MjM1NjAwLjVaMASAAgH0oIHUpIHRMIHOMQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSkwJwYDVQQLEyBNaWNy # b3NvZnQgT3BlcmF0aW9ucyBQdWVydG8gUmljbzEmMCQGA1UECxMdVGhhbGVzIFRT # UyBFU046Nzg4MC1FMzkwLTgwMTQxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0 # YW1wIFNlcnZpY2Wggg5EMIIE9TCCA92gAwIBAgITMwAAASigDoHhNtVPwgAAAAAB # KDANBgkqhkiG9w0BAQsFADB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGlu # Z3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBv # cmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDAe # Fw0xOTEyMTkwMTE1MDBaFw0yMTAzMTcwMTE1MDBaMIHOMQswCQYDVQQGEwJVUzET # MBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMV # TWljcm9zb2Z0IENvcnBvcmF0aW9uMSkwJwYDVQQLEyBNaWNyb3NvZnQgT3BlcmF0 # aW9ucyBQdWVydG8gUmljbzEmMCQGA1UECxMdVGhhbGVzIFRTUyBFU046Nzg4MC1F # MzkwLTgwMTQxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2Uw # ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdkbHW91Tbhj7Nvw4KXPYL # e+yxtCT5A+FVk5RCS5Ks50yZfkaGX4jsDeolnz7uJP5I/J8GO6by7NTrAcuPeMrr # IOKxy8BzVCT7cNU3OeDDi4HXKLAODcZIu93w8qlsA7YznZOh+5DXMwT6gAw+gffK # Le+/8EgAgSSMZvagFLnarkuX3MwhdPvmllGrw7uOlN3L+hxIyHVdmXSU1CoOFlCH # U2DEFyNPNvqkrOOVgWY3CvfP7SH8fLqvKvJLFhffs1IxkxYjGih4Z+3EgqBI+xNb # VZltPCEqUuu/FhT9vgNDkMGlnCSjQAivifi2uy89mxrqQonThs+Vw3sHNZQ/Zyz3 # AgMBAAGjggEbMIIBFzAdBgNVHQ4EFgQUhOLyg/F+tTeb1AHDTnR/UATLpvIwHwYD # VR0jBBgwFoAU1WM6XIoxkPNDe3xGG8UzaFqFbVUwVgYDVR0fBE8wTTBLoEmgR4ZF # aHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWljVGlt # U3RhUENBXzIwMTAtMDctMDEuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggrBgEFBQcw # AoY+aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNUaW1TdGFQ # Q0FfMjAxMC0wNy0wMS5jcnQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEF # BQcDCDANBgkqhkiG9w0BAQsFAAOCAQEAi19mRxiFC4A5P4nHB1lMsIw8gLAR5YZJ # rZgaeJZXcC93TaNG12WR4kmQfnNis7z6mOuAZRAo0vz6rq9pvVGk9TdAXlKMER0E # /PMHc3feIGKil5iw21UfMnlYAZHD/yYlVm13UM3M9REx4Fq4frswPAcFIAGhycPp # 12HHCLg4DyTNVE3jZfUeTr3/us0dhOWSOA6yKr0uIx+ELKDD059uwIze1WbeGpqE # cTCxHEAEu7z09SVFGkRaRR5pFGFZZ9WDLMP//+vevGkb8t3JgpUuOLsZJGiC24Yd # YdPXo2Yx4axJ/pPTHFZFormO9uIyf+e7cpTOwP48yFjY9RfFZYZMsjCCBnEwggRZ # oAMCAQICCmEJgSoAAAAAAAIwDQYJKoZIhvcNAQELBQAwgYgxCzAJBgNVBAYTAlVT # MRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQK # ExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xMjAwBgNVBAMTKU1pY3Jvc29mdCBSb290 # IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDEwMB4XDTEwMDcwMTIxMzY1NVoXDTI1 # MDcwMTIxNDY1NVowfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwggEiMA0G # CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpHQ28dxGKOiDs/BOX9fp/aZRrdFQQ # 1aUKAIKF++18aEssX8XD5WHCdrc+Zitb8BVTJwQxH0EbGpUdzgkTjnxhMFmxMEQP # 8WCIhFRDDNdNuDgIs0Ldk6zWczBXJoKjRQ3Q6vVHgc2/JGAyWGBG8lhHhjKEHnRh # Z5FfgVSxz5NMksHEpl3RYRNuKMYa+YaAu99h/EbBJx0kZxJyGiGKr0tkiVBisV39 # dx898Fd1rL2KQk1AUdEPnAY+Z3/1ZsADlkR+79BL/W7lmsqxqPJ6Kgox8NpOBpG2 # iAg16HgcsOmZzTznL0S6p/TcZL2kAcEgCZN4zfy8wMlEXV4WnAEFTyJNAgMBAAGj # ggHmMIIB4jAQBgkrBgEEAYI3FQEEAwIBADAdBgNVHQ4EFgQU1WM6XIoxkPNDe3xG # G8UzaFqFbVUwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwCwYDVR0PBAQDAgGG # MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU1fZWy4/oolxiaNE9lJBb186a # GMQwVgYDVR0fBE8wTTBLoEmgR4ZFaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3Br # aS9jcmwvcHJvZHVjdHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3JsMFoGCCsG # AQUFBwEBBE4wTDBKBggrBgEFBQcwAoY+aHR0cDovL3d3dy5taWNyb3NvZnQuY29t # L3BraS9jZXJ0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcnQwgaAGA1UdIAEB # /wSBlTCBkjCBjwYJKwYBBAGCNy4DMIGBMD0GCCsGAQUFBwIBFjFodHRwOi8vd3d3 # Lm1pY3Jvc29mdC5jb20vUEtJL2RvY3MvQ1BTL2RlZmF1bHQuaHRtMEAGCCsGAQUF # BwICMDQeMiAdAEwAZQBnAGEAbABfAFAAbwBsAGkAYwB5AF8AUwB0AGEAdABlAG0A # ZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQAH5ohRDeLG4Jg/gXEDPZ2joSFv # s+umzPUxvs8F4qn++ldtGTCzwsVmyWrf9efweL3HqJ4l4/m87WtUVwgrUYJEEvu5 # U4zM9GASinbMQEBBm9xcF/9c+V4XNZgkVkt070IQyK+/f8Z/8jd9Wj8c8pl5SpFS # AK84Dxf1L3mBZdmptWvkx872ynoAb0swRCQiPM/tA6WWj1kpvLb9BOFwnzJKJ/1V # ry/+tuWOM7tiX5rbV0Dp8c6ZZpCM/2pif93FSguRJuI57BlKcWOdeyFtw5yjojz6 # f32WapB4pm3S4Zz5Hfw42JT0xqUKloakvZ4argRCg7i1gJsiOCC1JeVk7Pf0v35j # WSUPei45V3aicaoGig+JFrphpxHLmtgOR5qAxdDNp9DvfYPw4TtxCd9ddJgiCGHa # sFAeb73x4QDf5zEHpJM692VHeOj4qEir995yfmFrb3epgcunCaw5u+zGy9iCtHLN # HfS4hQEegPsbiSpUObJb2sgNVZl6h3M7COaYLeqN4DMuEin1wC9UJyH3yKxO2ii4 # sanblrKnQqLJzxlBTeCG+SqaoxFmMNO7dDJL32N79ZmKLxvHIa9Zta7cRDyXUHHX # odLFVeNp3lfB0d4wwP3M5k37Db9dT+mdHhk4L7zPWAUu7w2gUDXa7wknHNWzfjUe # CLraNtvTX4/edIhJEqGCAtIwggI7AgEBMIH8oYHUpIHRMIHOMQswCQYDVQQGEwJV # UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE # ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSkwJwYDVQQLEyBNaWNyb3NvZnQgT3Bl # cmF0aW9ucyBQdWVydG8gUmljbzEmMCQGA1UECxMdVGhhbGVzIFRTUyBFU046Nzg4 # MC1FMzkwLTgwMTQxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZp # Y2WiIwoBATAHBgUrDgMCGgMVADE9SxvygBI9F7Ii/Z+5sZl9Wn2boIGDMIGApH4w # fDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl # ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMd # TWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwDQYJKoZIhvcNAQEFBQACBQDj # nwEjMCIYDzIwMjEwMTA1MTkxNTQ3WhgPMjAyMTAxMDYxOTE1NDdaMHcwPQYKKwYB # BAGEWQoEATEvMC0wCgIFAOOfASMCAQAwCgIBAAICLA4CAf8wBwIBAAICEcMwCgIF # AOOgUqMCAQAwNgYKKwYBBAGEWQoEAjEoMCYwDAYKKwYBBAGEWQoDAqAKMAgCAQAC # AwehIKEKMAgCAQACAwGGoDANBgkqhkiG9w0BAQUFAAOBgQAsFYO4rIDxqjqt5sIH # hVqxRIr1I47djX/ocICBWmmJprFfeDun8JB7qhVW00M/6p0Em6dDRXtGjof8iXMp # yX5dBZeqrNO7hAPvcr9N4Ybfd+oNhGeAOjDBVDFonnKtp7AWVVP7QUV2TER6yGBr # 5fb806wVgvpQ/vP4w4Puu95YvDGCAw0wggMJAgEBMIGTMHwxCzAJBgNVBAYTAlVT # MRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQK # ExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1l # LVN0YW1wIFBDQSAyMDEwAhMzAAABKKAOgeE21U/CAAAAAAEoMA0GCWCGSAFlAwQC # AQUAoIIBSjAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQQwLwYJKoZIhvcNAQkE # MSIEIEX3vXiDtmRWtTrXlR8ZcZlE2nOC1R9lp58RBIRTFM4wMIH6BgsqhkiG9w0B # CRACLzGB6jCB5zCB5DCBvQQgvEVqi68FUnfv3BsQ3wakuG9bT14aDxawuteb1dbo # FNowgZgwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQ # MA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u # MSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMAITMwAAASig # DoHhNtVPwgAAAAABKDAiBCCJ+5XqIuzDeryoH/zUu2QI6680oYdArH+wXi/l/mfF # STANBgkqhkiG9w0BAQsFAASCAQCP4/BlrYpCcLL96q/zStY3kdsnterGbAIToMjI # KONNHcsjLMJ0jtRNFxEpf1cjV8Jp1kAZVcsuLwvCk8HPQK6fJwJpfpTSmaj40oLJ # S0S02Vyo3oJx3GhE5c6JZ8+kDIOlQ2eW1HFTJU0fh2pNhhEERE2DQx5gjbPf5Rwy # GjU2KrX1IDNhiltkIKIZqJhYycCAHPmmckhpyyqZiVRBUyl0IBGgICNfZ2/uG/Sc # AXq7eUeqlRNM6d0lzJKA+puo6C+N4s4+uN5PKZl4XBdczSLLqTpoBnMTlXn4HjZA # QjfNP0YRSAF8ty8nGf/uRXvJ7IuA4TesfJNUeRXTexAXcL4p # SIG # End signature block |