Preventions
- ID: PV035
- Created: 31st July 2024
- Updated: 31st July 2024
- Platform: Windows
- Contributor: Khaled A. Mohamed
Restrict Disc Media Mounting, Group Policy
Using Group Policy on Windows it is possible to block execute, read, and write operations related to a CD/DVD drive.
In the Group Policy Editor, navigate to:Computer Configuration -> Administrative Templates -> System -> Removable Storage Access
Open the following policies and set them all to Enabled:
CD and DVD: Deny execute access,
CD and DVD: Deny read access,
CD and DVD: Deny write access
Sections
| ID | Name | Description |
|---|---|---|
| IF002.009 | Exfiltration via Disk Media | A subject exfiltrates data using writeable disk media. |