last sync: 2020-Dec-02 15:37:50 UTC

Azure Policy Initiative

[Deprecated]: Audit Windows VMs that do not match Azure security baseline settings

Name[Deprecated]: Audit Windows VMs that do not match Azure security baseline settings
Azure Portal
Idd618d658-b2d0-410e-9e2e-bfbfd04d09fa
Version1.0.0-deprecated
details on versioning
CategoryGuest Configuration
Microsoft docs
DescriptionThis initiative deploys the policy requirements and audits Windows virtual machines with non-compliant Azure security baseline configurations. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol
TypeBuiltIn
DeprecatedTrue
PreviewFalse
History
Date/Time (UTC ymd) (i) Changes
2020-08-21 13:50:30 Name change: 'Audit Windows VMs that do not match Azure security baseline settings' to '[Deprecated]: Audit Windows VMs that do not match Azure security baseline settings'
2020-06-11 19:46:04 Name change: '[Preview]: Audit Windows VMs that do not match Azure security baseline settings' to 'Audit Windows VMs that do not match Azure security baseline settings'
Policy count Total Policies: 58
Builtin Policies: 58
Static Policies: 0
Policy used
Policy DisplayName Policy Id Category Effect State
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Administrative Templates - Control Panel' ec7ac234-2af5-4729-94d2-c557c071799d Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Administrative Templates - MSS (Legacy)' f1f4825d-58fb-4257-8016-8c00e3c9ed9d Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Administrative Templates - Network' 985285b7-b97a-419c-8d48-c88cc934c8d8 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Administrative Templates - System' 40917425-69db-4018-8dae-2a0556cef899 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Accounts' e5b81f87-9185-4224-bf00-9f505e9f89f3 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Audit' 498b810c-59cd-4222-9338-352ba146ccf3 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Devices' 6481cc21-ed6e-4480-99dd-ea7c5222e897 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Interactive Logon' 3750712b-43d0-478e-9966-d2c26f6141b9 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Microsoft Network Client' bbcdd8fa-b600-4ee3-85b8-d184e3339652 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Microsoft Network Server' 86880e5c-df35-43c5-95ad-7e120635775e Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Network Access' f56a3ab2-89d1-44de-ac0d-2ada5962e22a Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Network Security' 36e17963-7202-494a-80c3-f508211c826b Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Recovery console' ddc0a4d5-5e08-43d5-9fd9-b586d8d7116b Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Shutdown' 1f8c20ce-3414-4496-8b26-0e902a1541da Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - System objects' 12ae2d24-3805-4b37-9fa9-465968bfbcfa Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - System settings' 437a1f8f-8552-47a8-8b12-a2fee3269dd5 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - User Account Control' e425e402-a050-45e5-b010-bd3f934589fc Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Settings - Account Policies' e3d95ab7-f47a-49d8-a347-784177b6c94c Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - Account Logon' c1e289c0-ffad-475d-a924-adc058765d65 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - Account Management' 0a9991e6-21be-49f9-8916-a06d934bcf29 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - Detailed Tracking' 42a07bbf-ffcf-459a-b4b1-30ecd118a505 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - Logon-Logoff' c04255ee-1b9f-42c1-abaa-bf1553f79930 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - Object Access' 8e170edb-e0f5-497a-bb36-48b3280cec6a Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - Policy Change' 97b595c8-fd10-400e-8543-28e2b9138b13 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - Privilege Use' ce2370f6-0ac5-4d85-8ab4-10721cc640b0 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - System' f8b0158d-4766-490f-bea0-259e52dba473 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'User Rights Assignment' 815dcc9f-6662-43f2-9a03-1b83e9876f24 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Windows Components' 7040a231-fb65-4412-8c0a-b365f4866c24 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties' 909c958d-1b99-4c74-b88f-46a5c5bc34f9 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Administrative Templates - Control Panel' 87b590fe-4a1d-4697-ae74-d4fe72ab786c Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Administrative Templates - MSS (Legacy)' 97646672-5efa-4622-9b54-740270ad60bf Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Administrative Templates - Network' 7229bd6a-693d-478a-87f0-1dc1af06f3b8 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Administrative Templates - System' a1e8dda3-9fd2-4835-aec3-0e55531fde33 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Security Options - Accounts' b872a447-cc6f-43b9-bccf-45703cd81607 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Security Options - Audit' 21e2995e-683e-497a-9e81-2f42ad07050a Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Security Options - Devices' 3d7b154e-2700-4c8c-9e46-cb65ac1578c2 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Security Options - Interactive Logon' c8abcef9-fc26-482f-b8db-5fa60ee4586d Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Security Options - Microsoft Network Client' fcbc55c9-f25a-4e55-a6cb-33acb3be778b Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Security Options - Microsoft Network Server' 6fe4ef56-7576-4dc4-8e9c-26bad4b087ce Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Security Options - Network Access' 30040dab-4e75-4456-8273-14b8f75d91d9 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Security Options - Network Security' 5c028d2a-1889-45f6-b821-31f42711ced8 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Security Options - Recovery console' ba12366f-f9a6-42b8-9d98-157d0b1a837b Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Security Options - Shutdown' e3a77a94-cf41-4ee8-b45c-98be28841c03 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Security Options - System objects' 620e58b5-ac75-49b4-993f-a9d4f0459636 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Security Options - System settings' 8a39d1f1-5513-4628-b261-f469a5a3341b Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Security Options - User Account Control' 29829ec2-489d-4925-81b7-bda06b1718e0 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Security Settings - Account Policies' ddb53c61-9db4-41d4-a953-2abff5b66c12 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'System Audit Policies - Account Logon' bc87d811-4a9b-47cc-ae54-0a41abda7768 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'System Audit Policies - Account Management' 225e937e-d32e-4713-ab74-13ce95b3519a Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'System Audit Policies - Detailed Tracking' a9a33475-481d-4b81-9116-0bf02ffe67e8 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'System Audit Policies - Logon-Logoff' b3802d79-dd88-4bce-b81d-780218e48280 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'System Audit Policies - Object Access' 60aeaf73-a074-417a-905f-7ce9df0ff77b Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'System Audit Policies - Policy Change' dd4680ed-0559-4a6a-ad10-081d14cbb484 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'System Audit Policies - Privilege Use' 7f4e96d1-e4f3-4dbb-b767-33ca4df8df7c Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'System Audit Policies - System' 7066131b-61a6-4917-a7e4-72e8983f0aa6 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'User Rights Assignment' c961dac9-5916-42e8-8fb1-703148323994 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Windows Components' 9178b430-2295-406e-bb28-f6a7a2a2f897 Guest Configuration Fixed: auditIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs configurations in 'Windows Firewall Properties' 8bbd627e-4d25-4906-9a6e-3789780af3ec Guest Configuration Fixed: auditIfNotExists Deprecated
Json
{
  "properties": {
  "displayName": "[Deprecated]: Audit Windows VMs that do not match Azure security baseline settings",
    "policyType": "BuiltIn",
    "description": "This initiative deploys the policy requirements and audits Windows virtual machines with non-compliant Azure security baseline configurations. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol",
    "metadata": {
      "version": "1.0.0-deprecated",
      "category": "Guest Configuration",
      "deprecated": true
    },
    "parameters": {
      "EnableInsecureGuestLogons": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Enable insecure guest logons",
          "description": "Specifies whether the SMB client will allow insecure guest logons to an SMB server."
        },
        "defaultValue": "0"
      },
      "AllowSimultaneousConnectionsToTheInternetOrAWindowsDomain": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Allow simultaneous connections to the Internet or a Windows Domain",
          "description": "Specify whether to prevent computers from connecting to both a domain based network and a non-domain based network at the same time. A value of 0 allows simultaneous connections, and a value of 1 blocks them."
        },
        "defaultValue": "1"
      },
      "TurnOffMulticastNameResolution": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Turn off multicast name resolution",
          "description": "Specifies whether LLMNR, a secondary name resolution protocol that transmits using multicast over a local subnet link on a single subnet, is enabled."
        },
        "defaultValue": "1"
      },
      "AlwaysUseClassicLogon": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Always use classic logon",
          "description": "Specifies whether to force the user to log on to the computer using the classic logon screen. This setting only works when the computer is not on a domain."
        },
        "defaultValue": "0"
      },
      "BootStartDriverInitializationPolicy": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Boot-Start Driver Initialization Policy",
          "description": "Specifies which boot-start drivers are initialized based on a classification determined by an Early Launch Antimalware boot-start driver."
        },
        "defaultValue": "3"
      },
      "EnableWindowsNTPClient": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Enable Windows NTP Client",
          "description": "Specifies whether the Windows NTP Client is enabled. Enabling the Windows NTP Client allows your computer to synchronize its computer clock with other NTP servers."
        },
        "defaultValue": "1"
      },
      "TurnOnConveniencePINSignin": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Turn on convenience PIN sign-in",
          "description": "Specifies whether a domain user can sign in using a convenience PIN."
        },
        "defaultValue": "0"
      },
      "AccountsGuestAccountStatus": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Accounts: Guest account status",
          "description": "Specifies whether the local Guest account is disabled."
        },
        "defaultValue": "0"
      },
      "AuditShutDownSystemImmediatelyIfUnableToLogSecurityAudits": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Audit: Shut down system immediately if unable to log security audits",
          "description": "Audits if the system will shut down when unable to log Security events."
        },
        "defaultValue": "0"
      },
      "DevicesAllowedToFormatAndEjectRemovableMedia": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Devices: Allowed to format and eject removable media",
          "description": "Specifies who is allowed to format and eject removable NTFS media. You can use this policy setting to prevent unauthorized users from removing data on one computer to access it on another computer on which they have local administrator privileges."
        },
        "defaultValue": "0"
      },
      "MicrosoftNetworkClientDigitallySignCommunicationsAlways": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Microsoft network client: Digitally sign communications (always)",
          "description": "Specifies whether packet signing is required by the SMB client component."
        },
        "defaultValue": "1"
      },
      "MicrosoftNetworkClientSendUnencryptedPasswordToThirdpartySMBServers": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Microsoft network client: Send unencrypted password to third-party SMB servers",
          "description": "Specifies whether the SMB redirector will send plaintext passwords during authentication to third-party SMB servers that do not support password encryption. It is recommended that you disable this policy setting unless there is a strong business case to enable it."
        },
        "defaultValue": "0"
      },
      "MicrosoftNetworkServerAmountOfIdleTimeRequiredBeforeSuspendingSession": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Microsoft network server: Amount of idle time required before suspending session",
          "description": "Specifies the amount of continuous idle time that must pass in an SMB session before the session is suspended because of inactivity. The format of the value is two integers separated by a comma, denoting an inclusive range."
        },
        "defaultValue": "1,15"
      },
      "MicrosoftNetworkServerDigitallySignCommunicationsAlways": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Microsoft network server: Digitally sign communications (always)",
          "description": "Specifies whether packet signing is required by the SMB server component."
        },
        "defaultValue": "1"
      },
      "MicrosoftNetworkServerDisconnectClientsWhenLogonHoursExpire": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Microsoft network server: Disconnect clients when logon hours expire",
          "description": "Specifies whether to disconnect users who are connected to the local computer outside their user account's valid logon hours. This setting affects the Server Message Block (SMB) component. If you enable this policy setting you should also enable 'Network security: Force logoff when logon hours expire'"
        },
        "defaultValue": "1"
      },
      "NetworkAccessRemotelyAccessibleRegistryPaths": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Network access: Remotely accessible registry paths",
          "description": "Specifies which registry paths will be accessible over the network, regardless of the users or groups listed in the access control list (ACL) of the `winreg` registry key."
        },
        "defaultValue": "System\\CurrentControlSet\\Control\\ProductOptions|#|System\\CurrentControlSet\\Control\\Server Applications|#|Software\\Microsoft\\Windows NT\\CurrentVersion"
      },
      "NetworkAccessRemotelyAccessibleRegistryPathsAndSubpaths": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Network access: Remotely accessible registry paths and sub-paths",
          "description": "Specifies which registry paths and sub-paths will be accessible over the network, regardless of the users or groups listed in the access control list (ACL) of the `winreg` registry key."
        },
        "defaultValue": "System\\CurrentControlSet\\Control\\Print\\Printers|#|System\\CurrentControlSet\\Services\\Eventlog|#|Software\\Microsoft\\OLAP Server|#|Software\\Microsoft\\Windows NT\\CurrentVersion\\Print|#|Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows|#|System\\CurrentControlSet\\Control\\ContentIndex|#|System\\CurrentControlSet\\Control\\Terminal Server|#|System\\CurrentControlSet\\Control\\Terminal Server\\UserConfig|#|System\\CurrentControlSet\\Control\\Terminal Server\\DefaultUserConfiguration|#|Software\\Microsoft\\Windows NT\\CurrentVersion\\Perflib|#|System\\CurrentControlSet\\Services\\SysmonLog"
      },
      "NetworkAccessSharesThatCanBeAccessedAnonymously": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Network access: Shares that can be accessed anonymously",
          "description": "Specifies which network shares can be accessed by anonymous users. The default configuration for this policy setting has little effect because all users have to be authenticated before they can access shared resources on the server."
        },
        "defaultValue": "0"
      },
      "NetworkSecurityConfigureEncryptionTypesAllowedForKerberos": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Network Security: Configure encryption types allowed for Kerberos",
          "description": "Specifies the encryption types that Kerberos is allowed to use."
        },
        "defaultValue": "2147483644"
      },
      "NetworkSecurityLANManagerAuthenticationLevel": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Network security: LAN Manager authentication level",
          "description": "Specify which challenge-response authentication protocol is used for network logons. This choice affects the level of authentication protocol used by clients, the level of session security negotiated, and the level of authentication accepted by servers."
        },
        "defaultValue": "5"
      },
      "NetworkSecurityLDAPClientSigningRequirements": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Network security: LDAP client signing requirements",
          "description": "Specify the level of data signing that is requested on behalf of clients that issue LDAP BIND requests."
        },
        "defaultValue": "1"
      },
      "NetworkSecurityMinimumSessionSecurityForNTLMSSPBasedIncludingSecureRPCClients": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Network security: Minimum session security for NTLM SSP based (including secure RPC) clients",
          "description": "Specifies which behaviors are allowed by clients for applications using the NTLM Security Support Provider (SSP). The SSP Interface (SSPI) is used by applications that need authentication services. See https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers for more information."
        },
        "defaultValue": "537395200"
      },
      "NetworkSecurityMinimumSessionSecurityForNTLMSSPBasedIncludingSecureRPCServers": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Network security: Minimum session security for NTLM SSP based (including secure RPC) servers",
          "description": "Specifies which behaviors are allowed by servers for applications using the NTLM Security Support Provider (SSP). The SSP Interface (SSPI) is used by applications that need authentication services."
        },
        "defaultValue": "537395200"
      },
      "RecoveryConsoleAllowFloppyCopyAndAccessToAllDrivesAndAllFolders": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Recovery console: Allow floppy copy and access to all drives and all folders",
          "description": "Specifies whether to make the Recovery Console SET command available, which allows setting of recovery console environment variables."
        },
        "defaultValue": "0"
      },
      "ShutdownAllowSystemToBeShutDownWithoutHavingToLogOn": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Shutdown: Allow system to be shut down without having to log on",
          "description": "Specifies whether a computer can be shut down when a user is not logged on. If this policy setting is enabled, the shutdown command is available on the Windows logon screen."
        },
        "defaultValue": "0"
      },
      "ShutdownClearVirtualMemoryPagefile": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Shutdown: Clear virtual memory pagefile",
          "description": "Specifies whether the virtual memory pagefile is cleared when the system is shut down. When this policy setting is enabled, the system pagefile is cleared each time that the system shuts down properly. For systems with large amounts of RAM, this could result in substantial time needed to complete the shutdown."
        },
        "defaultValue": "0"
      },
      "SystemSettingsUseCertificateRulesOnWindowsExecutablesForSoftwareRestrictionPolicies": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies",
          "description": "Specifies whether digital certificates are processed when software restriction policies are enabled and a user or process attempts to run software with an .exe file name extension. It enables or disables certificate rules (a type of software restriction policies rule). For certificate rules to take effect in software restriction policies, you must enable this policy setting."
        },
        "defaultValue": "1"
      },
      "UACAdminApprovalModeForTheBuiltinAdministratorAccount": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: UAC: Admin Approval Mode for the Built-in Administrator account",
          "description": "Specifies the behavior of Admin Approval Mode for the built-in Administrator account."
        },
        "defaultValue": "1"
      },
      "UACBehaviorOfTheElevationPromptForAdministratorsInAdminApprovalMode": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: UAC: Behavior of the elevation prompt for administrators in Admin Approval Mode",
          "description": "Specifies the behavior of the elevation prompt for administrators."
        },
        "defaultValue": "2"
      },
      "UACDetectApplicationInstallationsAndPromptForElevation": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: UAC: Detect application installations and prompt for elevation",
          "description": "Specifies the behavior of application installation detection for the computer."
        },
        "defaultValue": "1"
      },
      "UACRunAllAdministratorsInAdminApprovalMode": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: UAC: Run all administrators in Admin Approval Mode",
          "description": "Specifies the behavior of all User Account Control (UAC) policy settings for the computer."
        },
        "defaultValue": "1"
      },
      "EnforcePasswordHistory": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Enforce password history",
          "description": "Specifies limits on password reuse - how many times a new password must be created for a user account before the password can be repeated."
        },
        "defaultValue": "24"
      },
      "MaximumPasswordAge": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Maximum password age",
          "description": "Specifies the maximum number of days that may elapse before a user account password must be changed. The format of the value is two integers separated by a comma, denoting an inclusive range."
        },
        "defaultValue": "1,70"
      },
      "MinimumPasswordAge": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Minimum password age",
          "description": "Specifies the minimum number of days that must elapse before a user account password can be changed."
        },
        "defaultValue": "1"
      },
      "MinimumPasswordLength": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Minimum password length",
          "description": "Specifies the minimum number of characters that a user account password may contain."
        },
        "defaultValue": "14"
      },
      "PasswordMustMeetComplexityRequirements": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Password must meet complexity requirements",
          "description": "Specifies whether a user account password must be complex. If required, a complex password must not contain part of  user's account name or full name; be at least 6 characters long; contain a mix of uppercase, lowercase, number, and non-alphabetic characters."
        },
        "defaultValue": "1"
      },
      "AuditCredentialValidation": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Audit Credential Validation",
          "description": "Specifies whether audit events are generated when credentials are submitted for a user account logon request.  This setting is especially useful for monitoring unsuccessful attempts, to find brute-force attacks, account enumeration, and potential account compromise events on domain controllers."
        },
        "allowedValues": [
          "No Auditing",
          "Success",
          "Failure",
          "Success and Failure"
        ],
        "defaultValue": "Success and Failure"
      },
      "AuditProcessTermination": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Audit Process Termination",
          "description": "Specifies whether audit events are generated when a process has exited. Recommended for monitoring termination of critical processes."
        },
        "allowedValues": [
          "No Auditing",
          "Success",
          "Failure",
          "Success and Failure"
        ],
        "defaultValue": "No Auditing"
      },
      "AuditGroupMembership": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Audit Group Membership",
          "description": "Specifies whether audit events are generated when group memberships are enumerated on the client computer."
        },
        "allowedValues": [
          "No Auditing",
          "Success",
          "Failure",
          "Success and Failure"
        ],
        "defaultValue": "Success"
      },
      "AuditDetailedFileShare": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Audit Detailed File Share",
          "description": "If this policy setting is enabled, access to all shared files and folders on the system is audited. Auditing for Success can lead to very high volumes of events."
        },
        "allowedValues": [
          "No Auditing",
          "Success",
          "Failure",
          "Success and Failure"
        ],
        "defaultValue": "No Auditing"
      },
      "AuditFileShare": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Audit File Share",
          "description": "Specifies whether to audit events related to file shares: creation, deletion, modification, and access attempts. Also, it shows failed SMB SPN checks. Event volumes can be high on DCs and File Servers."
        },
        "allowedValues": [
          "No Auditing",
          "Success",
          "Failure",
          "Success and Failure"
        ],
        "defaultValue": "No Auditing"
      },
      "AuditFileSystem": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Audit File System",
          "description": "Specifies whether audit events are generated when users attempt to access file system objects. Audit events are generated only for objects that have configured system access control lists (SACLs)."
        },
        "allowedValues": [
          "No Auditing",
          "Success",
          "Failure",
          "Success and Failure"
        ],
        "defaultValue": "No Auditing"
      },
      "AuditAuthenticationPolicyChange": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Audit Authentication Policy Change",
          "description": "Specifies whether audit events are generated when changes are made to authentication policy. This setting is useful for tracking changes in domain-level and forest-level trust and privileges that are granted to user accounts or groups."
        },
        "allowedValues": [
          "No Auditing",
          "Success",
          "Failure",
          "Success and Failure"
        ],
        "defaultValue": "Success"
      },
      "AuditAuthorizationPolicyChange": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Audit Authorization Policy Change",
          "description": "Specifies whether audit events are generated for assignment and removal of user rights in user right policies, changes in security token object permission, resource attributes changes and Central Access Policy changes for file system objects."
        },
        "allowedValues": [
          "No Auditing",
          "Success",
          "Failure",
          "Success and Failure"
        ],
        "defaultValue": "No Auditing"
      },
      "AuditOtherSystemEvents": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Audit Other System Events",
          "description": "Specifies whether audit events are generated for Windows Firewall Service and Windows Firewall driver start and stop events, failure events for these services and Windows Firewall Service policy processing failures."
        },
        "allowedValues": [
          "No Auditing",
          "Success",
          "Failure",
          "Success and Failure"
        ],
        "defaultValue": "No Auditing"
      },
      "UsersOrGroupsThatMayAccessThisComputerFromTheNetwork": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users or groups that may access this computer from the network",
          "description": "Specifies which remote users on the network are permitted to connect to the computer. This does not include Remote Desktop Connection."
        },
        "defaultValue": "Administrators, Authenticated Users"
      },
      "UsersOrGroupsThatMayLogOnLocally": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users or groups that may log on locally",
          "description": "Specifies which users or groups can interactively log on to the computer. Users who attempt to log on via Remote Desktop Connection or IIS also require this user right."
        },
        "defaultValue": "Administrators"
      },
      "UsersOrGroupsThatMayLogOnThroughRemoteDesktopServices": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users or groups that may log on through Remote Desktop Services",
          "description": "Specifies which users or groups are permitted to log on as a Terminal Services client, Remote Desktop, or for Remote Assistance."
        },
        "defaultValue": "Administrators, Remote Desktop Users"
      },
      "UsersAndGroupsThatAreDeniedAccessToThisComputerFromTheNetwork": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users and groups that are denied access to this computer from the network",
          "description": "Specifies which users or groups are explicitly prohibited from connecting to the computer across the network."
        },
        "defaultValue": "Guests"
      },
      "UsersOrGroupsThatMayManageAuditingAndSecurityLog": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users or groups that may manage auditing and security log",
          "description": "Specifies users and groups permitted to change the auditing options for files and directories and clear the Security log."
        },
        "defaultValue": "Administrators"
      },
      "UsersOrGroupsThatMayBackUpFilesAndDirectories": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users or groups that may back up files and directories",
          "description": "Specifies users and groups allowed to circumvent file and directory permissions to back up the system."
        },
        "defaultValue": "Administrators, Backup Operators"
      },
      "UsersOrGroupsThatMayChangeTheSystemTime": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users or groups that may change the system time",
          "description": "Specifies which users and groups are permitted to change the time and date on the internal clock of the computer."
        },
        "defaultValue": "Administrators, LOCAL SERVICE"
      },
      "UsersOrGroupsThatMayChangeTheTimeZone": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users or groups that may change the time zone",
          "description": "Specifies which users and groups are permitted to change the time zone of the computer."
        },
        "defaultValue": "Administrators, LOCAL SERVICE"
      },
      "UsersOrGroupsThatMayCreateATokenObject": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users or groups that may create a token object",
          "description": "Specifies which users and groups are permitted to create an access token, which may provide elevated rights to access sensitive data."
        },
        "defaultValue": "No One"
      },
      "UsersAndGroupsThatAreDeniedLoggingOnAsABatchJob": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users and groups that are denied logging on as a batch job",
          "description": "Specifies which users and groups are explicitly not permitted to log on to the computer as a batch job (i.e. scheduled task)."
        },
        "defaultValue": "Guests"
      },
      "UsersAndGroupsThatAreDeniedLoggingOnAsAService": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users and groups that are denied logging on as a service",
          "description": "Specifies which service accounts are explicitly not permitted to register a process as a service."
        },
        "defaultValue": "Guests"
      },
      "UsersAndGroupsThatAreDeniedLocalLogon": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users and groups that are denied local logon",
          "description": "Specifies which users and groups are explicitly not permitted to log on to the computer."
        },
        "defaultValue": "Guests"
      },
      "UsersAndGroupsThatAreDeniedLogOnThroughRemoteDesktopServices": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users and groups that are denied log on through Remote Desktop Services",
          "description": "Specifies which users and groups are explicitly not permitted to log on to the computer via Terminal Services/Remote Desktop Client."
        },
        "defaultValue": "Guests"
      },
      "UserAndGroupsThatMayForceShutdownFromARemoteSystem": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: User and groups that may force shutdown from a remote system",
          "description": "Specifies which users and groups are permitted to shut down the computer from a remote location on the network."
        },
        "defaultValue": "Administrators"
      },
      "UsersAndGroupsThatMayRestoreFilesAndDirectories": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users and groups that may restore files and directories",
          "description": "Specifies which users and groups are permitted to bypass file, directory, registry, and other persistent object permissions when restoring backed up files and directories."
        },
        "defaultValue": "Administrators, Backup Operators"
      },
      "UsersAndGroupsThatMayShutDownTheSystem": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users and groups that may shut down the system",
          "description": "Specifies which users and groups who are logged on locally to the computers in your environment are permitted to shut down the operating system with the Shut Down command."
        },
        "defaultValue": "Administrators"
      },
      "UsersOrGroupsThatMayTakeOwnershipOfFilesOrOtherObjects": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Users or groups that may take ownership of files or other objects",
          "description": "Specifies which users and groups are permitted to take ownership of files, folders, registry keys, processes, or threads. This user right bypasses any permissions that are in place to protect objects to give ownership to the specified user."
        },
        "defaultValue": "Administrators"
      },
      "SendFileSamplesWhenFurtherAnalysisIsRequired": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Send file samples when further analysis is required",
          "description": "Specifies whether and how Windows Defender will submit samples of suspected malware  to Microsoft for further analysis when opt-in for MAPS telemetry is set."
        },
        "defaultValue": "1"
      },
      "AllowIndexingOfEncryptedFiles": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Allow indexing of encrypted files",
          "description": "Specifies whether encrypted items are allowed to be indexed."
        },
        "defaultValue": "0"
      },
      "AllowTelemetry": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Allow Telemetry",
          "description": "Specifies configuration of the amount of diagnostic and usage data reported to Microsoft. The data is transmitted securely and sensitive data is not sent."
        },
        "defaultValue": "2"
      },
      "AllowUnencryptedTraffic": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Allow unencrypted traffic",
          "description": "Specifies whether the Windows Remote Management (WinRM) service sends and receives unencrypted messages over the network."
        },
        "defaultValue": "0"
      },
      "AlwaysInstallWithElevatedPrivileges": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Always install with elevated privileges",
          "description": "Specifies whether Windows Installer should use system permissions when it installs any program on the system."
        },
        "defaultValue": "0"
      },
      "AlwaysPromptForPasswordUponConnection": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Always prompt for password upon connection",
          "description": "Specifies whether Terminal Services/Remote Desktop Connection always prompts the client computer for a password upon connection."
        },
        "defaultValue": "1"
      },
      "ApplicationSpecifyTheMaximumLogFileSizeKB": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Application: Specify the maximum log file size (KB)",
          "description": "Specifies the maximum size for the Application event log in kilobytes."
        },
        "defaultValue": "32768"
      },
      "AutomaticallySendMemoryDumpsForOSgeneratedErrorReports": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Automatically send memory dumps for OS-generated error reports",
          "description": "Specifies if memory dumps in support of OS-generated error reports can be sent to Microsoft automatically."
        },
        "defaultValue": "1"
      },
      "ConfigureDefaultConsent": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Configure Default consent",
          "description": "Specifies setting of the default consent handling for error reports sent to Microsoft."
        },
        "defaultValue": "4"
      },
      "ConfigureWindowsSmartScreen": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Configure Windows SmartScreen",
          "description": "Specifies how to manage the behavior of Windows SmartScreen. Windows SmartScreen helps keep PCs safer by warning users before running unrecognized programs downloaded from the Internet. Some information is sent to Microsoft about files and programs run on PCs with this feature enabled."
        },
        "defaultValue": "1"
      },
      "DisallowDigestAuthentication": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Disallow Digest authentication",
          "description": "Specifies whether the Windows Remote Management (WinRM) client will not use Digest authentication."
        },
        "defaultValue": "0"
      },
      "DisallowWinRMFromStoringRunAsCredentials": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Disallow WinRM from storing RunAs credentials",
          "description": "Specifies whether the Windows Remote Management (WinRM) service will not allow RunAs credentials to be stored for any plug-ins."
        },
        "defaultValue": "1"
      },
      "DoNotAllowPasswordsToBeSaved": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Do not allow passwords to be saved",
          "description": "Specifies whether to prevent Remote Desktop Services - Terminal Services clients from saving passwords on a computer."
        },
        "defaultValue": "1"
      },
      "SecuritySpecifyTheMaximumLogFileSizeKB": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Security: Specify the maximum log file size (KB)",
          "description": "Specifies the maximum size for the Security event log in kilobytes."
        },
        "defaultValue": "196608"
      },
      "SetClientConnectionEncryptionLevel": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Set client connection encryption level",
          "description": "Specifies whether to require the use of a specific encryption level to secure communications between client computers and RD Session Host servers during Remote Desktop Protocol (RDP) connections. This policy only applies when you are using native RDP encryption."
        },
        "defaultValue": "3"
      },
      "SetTheDefaultBehaviorForAutoRun": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Set the default behavior for AutoRun",
          "description": "Specifies the default behavior for Autorun commands. Autorun commands are generally stored in autorun.inf files. They often launch the installation program or other routines."
        },
        "defaultValue": "1"
      },
      "SetupSpecifyTheMaximumLogFileSizeKB": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Setup: Specify the maximum log file size (KB)",
          "description": "Specifies the maximum size for the Setup event log in kilobytes."
        },
        "defaultValue": "32768"
      },
      "SystemSpecifyTheMaximumLogFileSizeKB": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: System: Specify the maximum log file size (KB)",
          "description": "Specifies the maximum size for the System event log in kilobytes."
        },
        "defaultValue": "32768"
      },
      "TurnOffDataExecutionPreventionForExplorer": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Turn off Data Execution Prevention for Explorer",
          "description": "Specifies whether to turn off Data Execution Prevention for Windows File Explorer. Disabling data execution prevention can allow certain legacy plug-in applications to function without terminating Explorer."
        },
        "defaultValue": "0"
      },
      "SpecifyTheIntervalToCheckForDefinitionUpdates": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Specify the interval to check for definition updates",
          "description": "Specifies an interval at which to check for Windows Defender definition updates. The time value is represented as the number of hours between update checks."
        },
        "defaultValue": "8"
      },
      "WindowsFirewallDomainUseProfileSettings": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Domain): Use profile settings",
          "description": "Specifies whether Windows Firewall with Advanced Security uses the settings for the Domain profile to filter network traffic. If you select Off, Windows Firewall with Advanced Security will not use any of the firewall rules or connection security rules for this profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallDomainBehaviorForOutboundConnections": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Domain): Behavior for outbound connections",
          "description": "Specifies the behavior for outbound connections for the Domain profile that do not match an outbound firewall rule. The default value of 0 means to allow connections, and a value of 1 means to block connections."
        },
        "defaultValue": "0"
      },
      "WindowsFirewallDomainApplyLocalConnectionSecurityRules": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Domain): Apply local connection security rules",
          "description": "Specifies whether local administrators are allowed to create connection security rules that apply together with connection security rules configured by Group Policy for the Domain profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallDomainApplyLocalFirewallRules": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Domain): Apply local firewall rules",
          "description": "Specifies whether local administrators are allowed to create local firewall rules that apply together with firewall rules configured by Group Policy for the Domain profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallDomainDisplayNotifications": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Domain): Display notifications",
          "description": "Specifies whether Windows Firewall with Advanced Security displays notifications to the user when a program is blocked from receiving inbound connections, for the Domain profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPrivateUseProfileSettings": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Private): Use profile settings",
          "description": "Specifies whether Windows Firewall with Advanced Security uses the settings for the Private profile to filter network traffic. If you select Off, Windows Firewall with Advanced Security will not use any of the firewall rules or connection security rules for this profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPrivateBehaviorForOutboundConnections": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Private): Behavior for outbound connections",
          "description": "Specifies the behavior for outbound connections for the Private profile that do not match an outbound firewall rule. The default value of 0 means to allow connections, and a value of 1 means to block connections."
        },
        "defaultValue": "0"
      },
      "WindowsFirewallPrivateApplyLocalConnectionSecurityRules": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Private): Apply local connection security rules",
          "description": "Specifies whether local administrators are allowed to create connection security rules that apply together with connection security rules configured by Group Policy for the Private profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPrivateApplyLocalFirewallRules": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Private): Apply local firewall rules",
          "description": "Specifies whether local administrators are allowed to create local firewall rules that apply together with firewall rules configured by Group Policy for the Private profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPrivateDisplayNotifications": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Private): Display notifications",
          "description": "Specifies whether Windows Firewall with Advanced Security displays notifications to the user when a program is blocked from receiving inbound connections, for the Private profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPublicUseProfileSettings": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Public): Use profile settings",
          "description": "Specifies whether Windows Firewall with Advanced Security uses the settings for the Public profile to filter network traffic. If you select Off, Windows Firewall with Advanced Security will not use any of the firewall rules or connection security rules for this profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPublicBehaviorForOutboundConnections": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Public): Behavior for outbound connections",
          "description": "Specifies the behavior for outbound connections for the Public profile that do not match an outbound firewall rule. The default value of 0 means to allow connections, and a value of 1 means to block connections."
        },
        "defaultValue": "0"
      },
      "WindowsFirewallPublicApplyLocalConnectionSecurityRules": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Public): Apply local connection security rules",
          "description": "Specifies whether local administrators are allowed to create connection security rules that apply together with connection security rules configured by Group Policy for the Public profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPublicApplyLocalFirewallRules": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Public): Apply local firewall rules",
          "description": "Specifies whether local administrators are allowed to create local firewall rules that apply together with firewall rules configured by Group Policy for the Public profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPublicDisplayNotifications": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Public): Display notifications",
          "description": "Specifies whether Windows Firewall with Advanced Security displays notifications to the user when a program is blocked from receiving inbound connections, for the Public profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallDomainAllowUnicastResponse": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall: Domain: Allow unicast response",
          "description": "Specifies whether Windows Firewall with Advanced Security permits the local computer to receive unicast responses to its outgoing multicast or broadcast messages; for the Domain profile."
        },
        "defaultValue": "0"
      },
      "WindowsFirewallPrivateAllowUnicastResponse": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall: Private: Allow unicast response",
          "description": "Specifies whether Windows Firewall with Advanced Security permits the local computer to receive unicast responses to its outgoing multicast or broadcast messages; for the Private profile."
        },
        "defaultValue": "0"
      },
      "WindowsFirewallPublicAllowUnicastResponse": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall: Public: Allow unicast response",
          "description": "Specifies whether Windows Firewall with Advanced Security permits the local computer to receive unicast responses to its outgoing multicast or broadcast messages; for the Public profile."
        },
        "defaultValue": "1"
      }
    },
    "policyDefinitions": [
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_AdministrativeTemplatesControlPanel",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ec7ac234-2af5-4729-94d2-c557c071799d"
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_AdministrativeTemplatesNetwork",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/985285b7-b97a-419c-8d48-c88cc934c8d8",
        "parameters": {
          "EnableInsecureGuestLogons": {
          "value": "[parameters('EnableInsecureGuestLogons')]"
          },
          "AllowSimultaneousConnectionsToTheInternetOrAWindowsDomain": {
          "value": "[parameters('AllowSimultaneousConnectionsToTheInternetOrAWindowsDomain')]"
          },
          "TurnOffMulticastNameResolution": {
          "value": "[parameters('TurnOffMulticastNameResolution')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_AdministrativeTemplatesSystem",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/40917425-69db-4018-8dae-2a0556cef899",
        "parameters": {
          "AlwaysUseClassicLogon": {
          "value": "[parameters('AlwaysUseClassicLogon')]"
          },
          "BootStartDriverInitializationPolicy": {
          "value": "[parameters('BootStartDriverInitializationPolicy')]"
          },
          "EnableWindowsNTPClient": {
          "value": "[parameters('EnableWindowsNTPClient')]"
          },
          "TurnOnConveniencePINSignin": {
          "value": "[parameters('TurnOnConveniencePINSignin')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_AdminstrativeTemplatesMSSLegacy",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f1f4825d-58fb-4257-8016-8c00e3c9ed9d"
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SecurityOptionsAccounts",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e5b81f87-9185-4224-bf00-9f505e9f89f3",
        "parameters": {
          "AccountsGuestAccountStatus": {
          "value": "[parameters('AccountsGuestAccountStatus')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SecurityOptionsAudit",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/498b810c-59cd-4222-9338-352ba146ccf3",
        "parameters": {
          "AuditShutDownSystemImmediatelyIfUnableToLogSecurityAudits": {
          "value": "[parameters('AuditShutDownSystemImmediatelyIfUnableToLogSecurityAudits')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SecurityOptionsDevices",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6481cc21-ed6e-4480-99dd-ea7c5222e897",
        "parameters": {
          "DevicesAllowedToFormatAndEjectRemovableMedia": {
          "value": "[parameters('DevicesAllowedToFormatAndEjectRemovableMedia')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SecurityOptionsInteractiveLogon",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3750712b-43d0-478e-9966-d2c26f6141b9"
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SecurityOptionsMicrosoftNetworkClient",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/bbcdd8fa-b600-4ee3-85b8-d184e3339652",
        "parameters": {
          "MicrosoftNetworkClientDigitallySignCommunicationsAlways": {
          "value": "[parameters('MicrosoftNetworkClientDigitallySignCommunicationsAlways')]"
          },
          "MicrosoftNetworkClientSendUnencryptedPasswordToThirdpartySMBServers": {
          "value": "[parameters('MicrosoftNetworkClientSendUnencryptedPasswordToThirdpartySMBServers')]"
          },
          "MicrosoftNetworkServerAmountOfIdleTimeRequiredBeforeSuspendingSession": {
          "value": "[parameters('MicrosoftNetworkServerAmountOfIdleTimeRequiredBeforeSuspendingSession')]"
          },
          "MicrosoftNetworkServerDigitallySignCommunicationsAlways": {
          "value": "[parameters('MicrosoftNetworkServerDigitallySignCommunicationsAlways')]"
          },
          "MicrosoftNetworkServerDisconnectClientsWhenLogonHoursExpire": {
          "value": "[parameters('MicrosoftNetworkServerDisconnectClientsWhenLogonHoursExpire')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SecurityOptionsMicrosoftNetworkServer",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/86880e5c-df35-43c5-95ad-7e120635775e"
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SecurityOptionsNetworkAccess",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f56a3ab2-89d1-44de-ac0d-2ada5962e22a",
        "parameters": {
          "NetworkAccessRemotelyAccessibleRegistryPaths": {
          "value": "[parameters('NetworkAccessRemotelyAccessibleRegistryPaths')]"
          },
          "NetworkAccessRemotelyAccessibleRegistryPathsAndSubpaths": {
          "value": "[parameters('NetworkAccessRemotelyAccessibleRegistryPathsAndSubpaths')]"
          },
          "NetworkAccessSharesThatCanBeAccessedAnonymously": {
          "value": "[parameters('NetworkAccessSharesThatCanBeAccessedAnonymously')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SecurityOptionsNetworkSecurity",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/36e17963-7202-494a-80c3-f508211c826b",
        "parameters": {
          "NetworkSecurityConfigureEncryptionTypesAllowedForKerberos": {
          "value": "[parameters('NetworkSecurityConfigureEncryptionTypesAllowedForKerberos')]"
          },
          "NetworkSecurityLANManagerAuthenticationLevel": {
          "value": "[parameters('NetworkSecurityLANManagerAuthenticationLevel')]"
          },
          "NetworkSecurityLDAPClientSigningRequirements": {
          "value": "[parameters('NetworkSecurityLDAPClientSigningRequirements')]"
          },
          "NetworkSecurityMinimumSessionSecurityForNTLMSSPBasedIncludingSecureRPCClients": {
          "value": "[parameters('NetworkSecurityMinimumSessionSecurityForNTLMSSPBasedIncludingSecureRPCClients')]"
          },
          "NetworkSecurityMinimumSessionSecurityForNTLMSSPBasedIncludingSecureRPCServers": {
          "value": "[parameters('NetworkSecurityMinimumSessionSecurityForNTLMSSPBasedIncludingSecureRPCServers')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SecurityOptionsRecoveryconsole",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ddc0a4d5-5e08-43d5-9fd9-b586d8d7116b",
        "parameters": {
          "RecoveryConsoleAllowFloppyCopyAndAccessToAllDrivesAndAllFolders": {
          "value": "[parameters('RecoveryConsoleAllowFloppyCopyAndAccessToAllDrivesAndAllFolders')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SecurityOptionsShutdown",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1f8c20ce-3414-4496-8b26-0e902a1541da",
        "parameters": {
          "ShutdownAllowSystemToBeShutDownWithoutHavingToLogOn": {
          "value": "[parameters('ShutdownAllowSystemToBeShutDownWithoutHavingToLogOn')]"
          },
          "ShutdownClearVirtualMemoryPagefile": {
          "value": "[parameters('ShutdownClearVirtualMemoryPagefile')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SecurityOptionsSystemobjects",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/12ae2d24-3805-4b37-9fa9-465968bfbcfa"
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SecurityOptionsSystemsettings",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/437a1f8f-8552-47a8-8b12-a2fee3269dd5",
        "parameters": {
          "SystemSettingsUseCertificateRulesOnWindowsExecutablesForSoftwareRestrictionPolicies": {
          "value": "[parameters('SystemSettingsUseCertificateRulesOnWindowsExecutablesForSoftwareRestrictionPolicies')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SecurityOptionsUserAccountControl",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e425e402-a050-45e5-b010-bd3f934589fc",
        "parameters": {
          "UACAdminApprovalModeForTheBuiltinAdministratorAccount": {
          "value": "[parameters('UACAdminApprovalModeForTheBuiltinAdministratorAccount')]"
          },
          "UACBehaviorOfTheElevationPromptForAdministratorsInAdminApprovalMode": {
          "value": "[parameters('UACBehaviorOfTheElevationPromptForAdministratorsInAdminApprovalMode')]"
          },
          "UACDetectApplicationInstallationsAndPromptForElevation": {
          "value": "[parameters('UACDetectApplicationInstallationsAndPromptForElevation')]"
          },
          "UACRunAllAdministratorsInAdminApprovalMode": {
          "value": "[parameters('UACRunAllAdministratorsInAdminApprovalMode')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SecuritySettingsAccountPolicies",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e3d95ab7-f47a-49d8-a347-784177b6c94c",
        "parameters": {
          "EnforcePasswordHistory": {
          "value": "[parameters('EnforcePasswordHistory')]"
          },
          "MaximumPasswordAge": {
          "value": "[parameters('MaximumPasswordAge')]"
          },
          "MinimumPasswordAge": {
          "value": "[parameters('MinimumPasswordAge')]"
          },
          "MinimumPasswordLength": {
          "value": "[parameters('MinimumPasswordLength')]"
          },
          "PasswordMustMeetComplexityRequirements": {
          "value": "[parameters('PasswordMustMeetComplexityRequirements')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SystemAuditPoliciesAccountLogon",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c1e289c0-ffad-475d-a924-adc058765d65",
        "parameters": {
          "AuditCredentialValidation": {
          "value": "[parameters('AuditCredentialValidation')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SystemAuditPoliciesAccountManagement",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0a9991e6-21be-49f9-8916-a06d934bcf29"
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SystemAuditPoliciesDetailedTracking",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/42a07bbf-ffcf-459a-b4b1-30ecd118a505",
        "parameters": {
          "AuditProcessTermination": {
          "value": "[parameters('AuditProcessTermination')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SystemAuditPoliciesLogonLogoff",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c04255ee-1b9f-42c1-abaa-bf1553f79930",
        "parameters": {
          "AuditGroupMembership": {
          "value": "[parameters('AuditGroupMembership')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SystemAuditPoliciesObjectAccess",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8e170edb-e0f5-497a-bb36-48b3280cec6a",
        "parameters": {
          "AuditDetailedFileShare": {
          "value": "[parameters('AuditDetailedFileShare')]"
          },
          "AuditFileShare": {
          "value": "[parameters('AuditFileShare')]"
          },
          "AuditFileSystem": {
          "value": "[parameters('AuditFileSystem')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SystemAuditPoliciesPolicyChange",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/97b595c8-fd10-400e-8543-28e2b9138b13",
        "parameters": {
          "AuditAuthenticationPolicyChange": {
          "value": "[parameters('AuditAuthenticationPolicyChange')]"
          },
          "AuditAuthorizationPolicyChange": {
          "value": "[parameters('AuditAuthorizationPolicyChange')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SystemAuditPoliciesPrivilegeUse",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ce2370f6-0ac5-4d85-8ab4-10721cc640b0"
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_SystemAuditPoliciesSystem",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f8b0158d-4766-490f-bea0-259e52dba473",
        "parameters": {
          "AuditOtherSystemEvents": {
          "value": "[parameters('AuditOtherSystemEvents')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_UserRightsAssignment",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/815dcc9f-6662-43f2-9a03-1b83e9876f24",
        "parameters": {
          "UsersOrGroupsThatMayAccessThisComputerFromTheNetwork": {
          "value": "[parameters('UsersOrGroupsThatMayAccessThisComputerFromTheNetwork')]"
          },
          "UsersOrGroupsThatMayLogOnLocally": {
          "value": "[parameters('UsersOrGroupsThatMayLogOnLocally')]"
          },
          "UsersOrGroupsThatMayLogOnThroughRemoteDesktopServices": {
          "value": "[parameters('UsersOrGroupsThatMayLogOnThroughRemoteDesktopServices')]"
          },
          "UsersAndGroupsThatAreDeniedAccessToThisComputerFromTheNetwork": {
          "value": "[parameters('UsersAndGroupsThatAreDeniedAccessToThisComputerFromTheNetwork')]"
          },
          "UsersOrGroupsThatMayManageAuditingAndSecurityLog": {
          "value": "[parameters('UsersOrGroupsThatMayManageAuditingAndSecurityLog')]"
          },
          "UsersOrGroupsThatMayBackUpFilesAndDirectories": {
          "value": "[parameters('UsersOrGroupsThatMayBackUpFilesAndDirectories')]"
          },
          "UsersOrGroupsThatMayChangeTheSystemTime": {
          "value": "[parameters('UsersOrGroupsThatMayChangeTheSystemTime')]"
          },
          "UsersOrGroupsThatMayChangeTheTimeZone": {
          "value": "[parameters('UsersOrGroupsThatMayChangeTheTimeZone')]"
          },
          "UsersOrGroupsThatMayCreateATokenObject": {
          "value": "[parameters('UsersOrGroupsThatMayCreateATokenObject')]"
          },
          "UsersAndGroupsThatAreDeniedLoggingOnAsABatchJob": {
          "value": "[parameters('UsersAndGroupsThatAreDeniedLoggingOnAsABatchJob')]"
          },
          "UsersAndGroupsThatAreDeniedLoggingOnAsAService": {
          "value": "[parameters('UsersAndGroupsThatAreDeniedLoggingOnAsAService')]"
          },
          "UsersAndGroupsThatAreDeniedLocalLogon": {
          "value": "[parameters('UsersAndGroupsThatAreDeniedLocalLogon')]"
          },
          "UsersAndGroupsThatAreDeniedLogOnThroughRemoteDesktopServices": {
          "value": "[parameters('UsersAndGroupsThatAreDeniedLogOnThroughRemoteDesktopServices')]"
          },
          "UserAndGroupsThatMayForceShutdownFromARemoteSystem": {
          "value": "[parameters('UserAndGroupsThatMayForceShutdownFromARemoteSystem')]"
          },
          "UsersAndGroupsThatMayRestoreFilesAndDirectories": {
          "value": "[parameters('UsersAndGroupsThatMayRestoreFilesAndDirectories')]"
          },
          "UsersAndGroupsThatMayShutDownTheSystem": {
          "value": "[parameters('UsersAndGroupsThatMayShutDownTheSystem')]"
          },
          "UsersOrGroupsThatMayTakeOwnershipOfFilesOrOtherObjects": {
          "value": "[parameters('UsersOrGroupsThatMayTakeOwnershipOfFilesOrOtherObjects')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_WindowsComponents",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7040a231-fb65-4412-8c0a-b365f4866c24",
        "parameters": {
          "SendFileSamplesWhenFurtherAnalysisIsRequired": {
          "value": "[parameters('SendFileSamplesWhenFurtherAnalysisIsRequired')]"
          },
          "AllowIndexingOfEncryptedFiles": {
          "value": "[parameters('AllowIndexingOfEncryptedFiles')]"
          },
          "AllowTelemetry": {
          "value": "[parameters('AllowTelemetry')]"
          },
          "AllowUnencryptedTraffic": {
          "value": "[parameters('AllowUnencryptedTraffic')]"
          },
          "AlwaysInstallWithElevatedPrivileges": {
          "value": "[parameters('AlwaysInstallWithElevatedPrivileges')]"
          },
          "AlwaysPromptForPasswordUponConnection": {
          "value": "[parameters('AlwaysPromptForPasswordUponConnection')]"
          },
          "ApplicationSpecifyTheMaximumLogFileSizeKB": {
          "value": "[parameters('ApplicationSpecifyTheMaximumLogFileSizeKB')]"
          },
          "AutomaticallySendMemoryDumpsForOSgeneratedErrorReports": {
          "value": "[parameters('AutomaticallySendMemoryDumpsForOSgeneratedErrorReports')]"
          },
          "ConfigureDefaultConsent": {
          "value": "[parameters('ConfigureDefaultConsent')]"
          },
          "ConfigureWindowsSmartScreen": {
          "value": "[parameters('ConfigureWindowsSmartScreen')]"
          },
          "DisallowDigestAuthentication": {
          "value": "[parameters('DisallowDigestAuthentication')]"
          },
          "DisallowWinRMFromStoringRunAsCredentials": {
          "value": "[parameters('DisallowWinRMFromStoringRunAsCredentials')]"
          },
          "DoNotAllowPasswordsToBeSaved": {
          "value": "[parameters('DoNotAllowPasswordsToBeSaved')]"
          },
          "SecuritySpecifyTheMaximumLogFileSizeKB": {
          "value": "[parameters('SecuritySpecifyTheMaximumLogFileSizeKB')]"
          },
          "SetClientConnectionEncryptionLevel": {
          "value": "[parameters('SetClientConnectionEncryptionLevel')]"
          },
          "SetTheDefaultBehaviorForAutoRun": {
          "value": "[parameters('SetTheDefaultBehaviorForAutoRun')]"
          },
          "SetupSpecifyTheMaximumLogFileSizeKB": {
          "value": "[parameters('SetupSpecifyTheMaximumLogFileSizeKB')]"
          },
          "SystemSpecifyTheMaximumLogFileSizeKB": {
          "value": "[parameters('SystemSpecifyTheMaximumLogFileSizeKB')]"
          },
          "TurnOffDataExecutionPreventionForExplorer": {
          "value": "[parameters('TurnOffDataExecutionPreventionForExplorer')]"
          },
          "SpecifyTheIntervalToCheckForDefinitionUpdates": {
          "value": "[parameters('SpecifyTheIntervalToCheckForDefinitionUpdates')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Deploy_AzureBaseline_WindowsFirewallProperties",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/909c958d-1b99-4c74-b88f-46a5c5bc34f9",
        "parameters": {
          "WindowsFirewallDomainUseProfileSettings": {
          "value": "[parameters('WindowsFirewallDomainUseProfileSettings')]"
          },
          "WindowsFirewallDomainBehaviorForOutboundConnections": {
          "value": "[parameters('WindowsFirewallDomainBehaviorForOutboundConnections')]"
          },
          "WindowsFirewallDomainApplyLocalConnectionSecurityRules": {
          "value": "[parameters('WindowsFirewallDomainApplyLocalConnectionSecurityRules')]"
          },
          "WindowsFirewallDomainApplyLocalFirewallRules": {
          "value": "[parameters('WindowsFirewallDomainApplyLocalFirewallRules')]"
          },
          "WindowsFirewallDomainDisplayNotifications": {
          "value": "[parameters('WindowsFirewallDomainDisplayNotifications')]"
          },
          "WindowsFirewallPrivateUseProfileSettings": {
          "value": "[parameters('WindowsFirewallPrivateUseProfileSettings')]"
          },
          "WindowsFirewallPrivateBehaviorForOutboundConnections": {
          "value": "[parameters('WindowsFirewallPrivateBehaviorForOutboundConnections')]"
          },
          "WindowsFirewallPrivateApplyLocalConnectionSecurityRules": {
          "value": "[parameters('WindowsFirewallPrivateApplyLocalConnectionSecurityRules')]"
          },
          "WindowsFirewallPrivateApplyLocalFirewallRules": {
          "value": "[parameters('WindowsFirewallPrivateApplyLocalFirewallRules')]"
          },
          "WindowsFirewallPrivateDisplayNotifications": {
          "value": "[parameters('WindowsFirewallPrivateDisplayNotifications')]"
          },
          "WindowsFirewallPublicUseProfileSettings": {
          "value": "[parameters('WindowsFirewallPublicUseProfileSettings')]"
          },
          "WindowsFirewallPublicBehaviorForOutboundConnections": {
          "value": "[parameters('WindowsFirewallPublicBehaviorForOutboundConnections')]"
          },
          "WindowsFirewallPublicApplyLocalConnectionSecurityRules": {
          "value": "[parameters('WindowsFirewallPublicApplyLocalConnectionSecurityRules')]"
          },
          "WindowsFirewallPublicApplyLocalFirewallRules": {
          "value": "[parameters('WindowsFirewallPublicApplyLocalFirewallRules')]"
          },
          "WindowsFirewallPublicDisplayNotifications": {
          "value": "[parameters('WindowsFirewallPublicDisplayNotifications')]"
          },
          "WindowsFirewallDomainAllowUnicastResponse": {
          "value": "[parameters('WindowsFirewallDomainAllowUnicastResponse')]"
          },
          "WindowsFirewallPrivateAllowUnicastResponse": {
          "value": "[parameters('WindowsFirewallPrivateAllowUnicastResponse')]"
          },
          "WindowsFirewallPublicAllowUnicastResponse": {
          "value": "[parameters('WindowsFirewallPublicAllowUnicastResponse')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_AdministrativeTemplatesControlPanel",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/87b590fe-4a1d-4697-ae74-d4fe72ab786c"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_AdministrativeTemplatesNetwork",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7229bd6a-693d-478a-87f0-1dc1af06f3b8"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_AdministrativeTemplatesSystem",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a1e8dda3-9fd2-4835-aec3-0e55531fde33"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_AdminstrativeTemplatesMSSLegacy",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/97646672-5efa-4622-9b54-740270ad60bf"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SecurityOptionsAccounts",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b872a447-cc6f-43b9-bccf-45703cd81607"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SecurityOptionsAudit",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/21e2995e-683e-497a-9e81-2f42ad07050a"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SecurityOptionsDevices",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3d7b154e-2700-4c8c-9e46-cb65ac1578c2"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SecurityOptionsInteractiveLogon",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c8abcef9-fc26-482f-b8db-5fa60ee4586d"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SecurityOptionsMicrosoftNetworkClient",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fcbc55c9-f25a-4e55-a6cb-33acb3be778b"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SecurityOptionsMicrosoftNetworkServer",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6fe4ef56-7576-4dc4-8e9c-26bad4b087ce"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SecurityOptionsNetworkAccess",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/30040dab-4e75-4456-8273-14b8f75d91d9"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SecurityOptionsNetworkSecurity",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5c028d2a-1889-45f6-b821-31f42711ced8"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SecurityOptionsRecoveryconsole",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ba12366f-f9a6-42b8-9d98-157d0b1a837b"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SecurityOptionsShutdown",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e3a77a94-cf41-4ee8-b45c-98be28841c03"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SecurityOptionsSystemobjects",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/620e58b5-ac75-49b4-993f-a9d4f0459636"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SecurityOptionsSystemsettings",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8a39d1f1-5513-4628-b261-f469a5a3341b"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SecurityOptionsUserAccountControl",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/29829ec2-489d-4925-81b7-bda06b1718e0"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SecuritySettingsAccountPolicies",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ddb53c61-9db4-41d4-a953-2abff5b66c12"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SystemAuditPoliciesAccountLogon",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/bc87d811-4a9b-47cc-ae54-0a41abda7768"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SystemAuditPoliciesAccountManagement",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/225e937e-d32e-4713-ab74-13ce95b3519a"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SystemAuditPoliciesDetailedTracking",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a9a33475-481d-4b81-9116-0bf02ffe67e8"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SystemAuditPoliciesLogonLogoff",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b3802d79-dd88-4bce-b81d-780218e48280"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SystemAuditPoliciesObjectAccess",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/60aeaf73-a074-417a-905f-7ce9df0ff77b"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SystemAuditPoliciesPolicyChange",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/dd4680ed-0559-4a6a-ad10-081d14cbb484"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SystemAuditPoliciesPrivilegeUse",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7f4e96d1-e4f3-4dbb-b767-33ca4df8df7c"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_SystemAuditPoliciesSystem",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7066131b-61a6-4917-a7e4-72e8983f0aa6"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_UserRightsAssignment",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c961dac9-5916-42e8-8fb1-703148323994"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_WindowsComponents",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9178b430-2295-406e-bb28-f6a7a2a2f897"
      },
      {
        "policyDefinitionReferenceId": "Audit_AzureBaseline_WindowsFirewallProperties",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8bbd627e-4d25-4906-9a6e-3789780af3ec"
      }
    ]
  },
  "id": "/providers/Microsoft.Authorization/policySetDefinitions/d618d658-b2d0-410e-9e2e-bfbfd04d09fa",
  "type": "Microsoft.Authorization/policySetDefinitions",
  "name": "d618d658-b2d0-410e-9e2e-bfbfd04d09fa"
}