Each security check includes the following properties:
Specifies the type of information that the security check gathers based on the endpoint type, such as SQL Server or IIS. The following are examples of categories:
Audit/Auth Analysis
Data/Databases
Files/Directories
GPO
Internet/Network
Software/Apps
System
User/Groups
When you edit or create a custom security check in the Windows console, you can specify one of the available categories, create a new category, or leave the security check uncategorized.
Provides specific information about how the security check functions.
Describes the concept behind the security check to help you understand why you should run the security check and how the checked parameter or feature fits into the overall security scheme.
Describes the risks that you face by not mitigating the issues that the security check verifies.
Help you solve the risks to bring non-compliant endpoints into compliance with the selected security check.