Copilot Recommended Changes

Author: MrAutomater

source/StigData/Processed/WindowsServer-2019-MS-3.6.xml

@@ -2667,7 +2667,7 @@ Inherited from - "None" for all
 Principal - Access - Applies to
 SYSTEM - Full Control - This key and subkeys
 Administrators - Special - This key and subkeys
-Server Operators – Read – This Key and subkeys    (Domain controllers only)
+Server Operators - Read - This Key and subkeys    (Domain controllers only)
 Other examples under the noted keys may also be sampled. There may be some instances where non-privileged groups have greater than Read permission.
 Microsoft has given Read permission to the SOFTWARE and SYSTEM registry keys in Windows Server 2019 to the following SID, this is currently not a finding.
 S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681
@@ -5564,15 +5564,15 @@ Verify if Windows Defender is in use or enabled:
 
 Open "PowerShell".
 
-Enter “get-service | where {$_.DisplayName -Like "*Defender*"} | Select Status,DisplayName”
+Enter "get-service | where {$_.DisplayName -Like "*Defender*"} | Select Status,DisplayName"
 
 Verify if third-party anti-virus is in use or enabled:
 
 Open "PowerShell".
 
-Enter "get-service | where {$_.DisplayName -Like "*mcafee*"} | Select Status,DisplayName”
+Enter "get-service | where {$_.DisplayName -Like "*mcafee*"} | Select Status,DisplayName"
 
-Enter "get-service | where {$_.DisplayName -Like "*symantec*"} | Select Status,DisplayName”
+Enter "get-service | where {$_.DisplayName -Like "*symantec*"} | Select Status,DisplayName"
 </RawString>
       <ServiceName>
       </ServiceName>

source/StigData/Processed/WindowsServer-2022-DC-2.6.org.default.xml

@@ -79,7 +79,7 @@ By using this IS (which includes any device attached to this IS), you consent to
   <!-- Ensure ''V-254290'' -ne '0'-->
   <OrganizationalSetting id="V-254290" PolicyValue="1" />
   <!-- Ensure ''V-254291'' -ge '14'-->
-  <OrganizationalSetting id="V-254291" PolicyValue="14 " />
+  <OrganizationalSetting id="V-254291" PolicyValue="14" />
   <!-- Ensure ''V-254447'' -ne 'Administrator'-->
   <OrganizationalSetting id="V-254447" OptionValue="" />
   <!-- Ensure ''V-254448'' -ne 'Guest'-->

source/StigData/Processed/WindowsServer-2022-MS-2.6.org.default.xml

@@ -23,7 +23,7 @@
   <!-- Ensure ''V-254360'' -ge '32768'-->
   <OrganizationalSetting id="V-254360" ValueData="32768" />
   <!-- Ensure ''V-254432'' -le '4'-->
-  <OrganizationalSetting id="V-254432" ValueData=" 4" />
+  <OrganizationalSetting id="V-254432" ValueData="4" />
   <!-- Ensure location for DoD Root CA 3 certificate is present-->
   <OrganizationalSetting id="V-254442.a" Location="" />
   <!-- Ensure location for DoD Root CA 4 certificate is present-->

source/StigData/Processed/WindowsServer-2022-MS-2.6.xml

@@ -1141,7 +1141,7 @@ Select "Disk Management" under "Storage".
 For each local volume, if the file system does not indicate "NTFS", this is a finding.
 
 "ReFS" (resilient file system) is also acceptable and is not a finding.
-CSV ( Cluster Shared Volumes) is not a finding.
+CSV (Cluster Shared Volumes) is not a finding.
 
 This does not apply to system partitions such the Recovery and EFI System Partition.</RawString>
     </Rule>
@@ -1308,7 +1308,7 @@ Navigate to Local Computer Policy &gt;&gt; Computer Configuration &gt;&gt; Admin
 
 Verify LAPS Operational logs &gt;&gt; Event Viewer &gt;&gt; Applications and Services Logs &gt;&gt; Microsoft &gt;&gt; Windows &gt;&gt; LAPS &gt;&gt; Operational. Verify LAPS policy process is completing. If it is not, this is a finding.
 
-If the server is not a member of a domain this not applicable.</RawString>
+If the server is not a member of a domain, this not applicable.</RawString>
     </Rule>
     <Rule id="V-254240" severity="high" conversionstatus="pass" title="SRG-OS-000480-GPOS-00227" dscresource="None">
       <Description>&lt;VulnDiscussion&gt;Using applications that access the internet or have potential internet sources using administrative privileges exposes a system to compromise. If a flaw in an application is exploited while running as a privileged user, the entire system could be compromised. Web browsers and email are common attack vectors for introducing malicious code and must not be run with an administrative account.