inspec/test/integration/cookbooks/os_prepare/recipes/registry_key.rb

# encoding: utf-8
# author: Alex Pop
#
# change a few Windows registry keys for testing purposes

if node['platform_family'] == 'windows'

  # create test key
  registry_key 'HKLM\System\Test' do
    values [{
      :name => '',
      :type => :string,
      :data => 'test'
    },{
      :name => 'string value',
      :type => :string,
      :data => nil
    },{
      :name => 'binary value',
      :type => :binary,
      :data => 'dfa0f066'
    },{
      :name => 'dword value',
      :type => :dword,
      :data => 0
    },{
      :name => 'qword value',
      :type => :qword,
      :data => 0
    },{
      :name => 'multistring value',
      :type => :multi_string,
      :data => ['test', 'multi','string','data']
    }]
    recursive true
    action :create
  end

  # rule 'windows-audit-103'
  # title 'Configure System Event Log (System)'
  registry_key 'HKLM\Software\Policies\Microsoft\Windows\EventLog\System' do
    values [{ name: 'MaxSize', type: :dword, data: 67_108_864 }]
    recursive true
    action :create
  end

  # rule 'windows-base-101'
  # title 'Safe DLL Search Mode is Enabled'
  registry_key 'HKLM\System\CurrentControlSet\Control\Session Manager' do
    values [{ name: 'SafeDllSearchMode', type: :dword, data: 1 }]
    recursive true
    action :create
  end

  # rule 'windows-base-103'
  # title 'All Shares are Configured to Prevent Anonymous Access'
  registry_key 'HKLM\System\CurrentControlSet\Services\LanManServer\Parameters' do
    values [{ name: 'NullSessionShares', type: :multi_string, data: [] }]
    recursive true
    action :create
  end

  # rule 'windows-ie-101'
  # title 'IE 64-bit tab'
  registry_key 'HKLM\Software\Policies\Microsoft\Internet Explorer\Main' do
    values [{ name: 'Isolation64Bit', type: :dword, data: 1 }]
    recursive true
    action :create
  end

  # rule 'windows-rdp-101'
  # title 'Strong Encryption for Windows Remote Desktop Required'
  registry_key 'HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' do
    values [{ name: 'MinEncryptionLevel', type: :dword, data: 3 }]
    recursive true
    action :create
  end

end
add registry_key recipe and spec tests 2015-11-12 17:56:08 +00:00			`# encoding: utf-8`
			`# author: Alex Pop`
			`#`
			`# change a few Windows registry keys for testing purposes`

add integration test for registry key 2015-11-17 21:12:19 +00:00			`if node['platform_family'] == 'windows'`
add registry_key recipe and spec tests 2015-11-12 17:56:08 +00:00
add integration test for registry key 2015-11-17 21:12:19 +00:00			`# create test key`
			`registry_key 'HKLM\System\Test' do`
			`values [{`
			`:name => '',`
			`:type => :string,`
			`:data => 'test'`
			`},{`
			`:name => 'string value',`
			`:type => :string,`
			`:data => nil`
			`},{`
			`:name => 'binary value',`
			`:type => :binary,`
			`:data => 'dfa0f066'`
			`},{`
			`:name => 'dword value',`
			`:type => :dword,`
			`:data => 0`
			`},{`
			`:name => 'qword value',`
			`:type => :qword,`
			`:data => 0`
			`},{`
			`:name => 'multistring value',`
			`:type => :multi_string,`
			`:data => ['test', 'multi','string','data']`
			`}]`
			`recursive true`
			`action :create`
			`end`
add registry_key recipe and spec tests 2015-11-12 17:56:08 +00:00
add integration test for registry key 2015-11-17 21:12:19 +00:00			`# rule 'windows-audit-103'`
			`# title 'Configure System Event Log (System)'`
			`registry_key 'HKLM\Software\Policies\Microsoft\Windows\EventLog\System' do`
			`values [{ name: 'MaxSize', type: :dword, data: 67_108_864 }]`
			`recursive true`
			`action :create`
			`end`
add registry_key recipe and spec tests 2015-11-12 17:56:08 +00:00
add integration test for registry key 2015-11-17 21:12:19 +00:00			`# rule 'windows-base-101'`
			`# title 'Safe DLL Search Mode is Enabled'`
			`registry_key 'HKLM\System\CurrentControlSet\Control\Session Manager' do`
			`values [{ name: 'SafeDllSearchMode', type: :dword, data: 1 }]`
			`recursive true`
			`action :create`
			`end`

			`# rule 'windows-base-103'`
			`# title 'All Shares are Configured to Prevent Anonymous Access'`
			`registry_key 'HKLM\System\CurrentControlSet\Services\LanManServer\Parameters' do`
			`values [{ name: 'NullSessionShares', type: :multi_string, data: [] }]`
			`recursive true`
			`action :create`
			`end`

			`# rule 'windows-ie-101'`
			`# title 'IE 64-bit tab'`
			`registry_key 'HKLM\Software\Policies\Microsoft\Internet Explorer\Main' do`
			`values [{ name: 'Isolation64Bit', type: :dword, data: 1 }]`
			`recursive true`
			`action :create`
			`end`

			`# rule 'windows-rdp-101'`
			`# title 'Strong Encryption for Windows Remote Desktop Required'`
			`registry_key 'HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' do`
			`values [{ name: 'MinEncryptionLevel', type: :dword, data: 3 }]`
			`recursive true`
			`action :create`
			`end`
add registry_key recipe and spec tests 2015-11-12 17:56:08 +00:00
			`end`