File Explorer shell protocol must run in protected mode

Hello,

In the current Lab Challenge one of the tasks is to ensure that “File Explorer shell protocol must run in protected mode.”

The instructions on how to fix the issue don’t work in the challenge. I have tried setting both Local Policy and Domain Group Policy to Disabled and Not Configured, as the instructions say to do, but it doesn’t count it as right. The only way to fix this has been through directly changing the regedit key. Looking at the investigation portion of the instructional page, if I directly set the REGEDIT key to what is Not A Finding, it is only then that I pass that task.
Should this task be taken care of by doing a REGEDIT key change in the GPO?
File Explorer shell protocol must run in protected mode. (stigviewer.com)

1 Like

Hi @matthew.stricker15

Check the nondescript GPO.

Ricardo

All vulnerabilities can be solved via GPO. If check RSOP.msc to see what is configuring that setting to not be fixed. Most likely I suspect another GPO is configuring it and is taking precedence over your configured settings.

Would it be possible to have this lab still available after the lab challenge is over? This would be so I can look at it some more l, even after the deadline?

1 Like

Hi @matthew.stricker15

This lab will be available for 28 more days. If you need more time than that let us know to arrange something for you.

Ricardo

1 Like

@matthew.stricker15 like @ricardo.p said I decided to extend the this lab challenge since it had issues in the beginning.

Also I am working on setting up a page where you can at least view archived lab challenges. I will think about adding the ability to launch them as well.

1 Like

Oh wow. Haha. After you said that I didn’t realize that it was literally what you meant.

1 Like

Thanks, I had forgotten about that tool. I did that and found the issue.
I do appreciate these challenges. They are a great learning experience.

3 Likes

Awesome! I am glad to hear it! If you have any ideas for future challenges please let us know.

Have you thought about adding course material for a print server or email server? I know one thing that would be useful for me to learn is how to setup a good email server to relay out alarms from different servers on my network.
Our network is, generally, disconnected from the outside world. So having a central email server that hosts and other servers can send alarms and notifications to would be beneficial. And then that server setup to forwarding those notifications to our business network.
But I do know that whole task involves many parts. Servers, relays, firewall configuration, etc. Any individual concepts learned about that brings me that much closer to my goals.

1 Like

Very interesting idea. What tools are you using to generate alarms and alerts? At Server Academy we use Graylog to send webhook notifications to our internal discord server. Obviously this won’t work in disconnected environments.

I think installing the SMTP server role on a server could work - what do you think? Appendix D: Create the SMTP Server - BizTalk Server | Microsoft Docs

I think it would be great to create some training on this subject.

We use vSphere for server administration. But our antivirus, and other server types, have the option to also send emails notifications.

1 Like