18.5.8.1 Ensure 'Enable insecure guest logons' is set to 'Disabled'
Info
This policy setting determines if the SMB client will allow insecure guest logons to an SMB server.
The recommended state for this setting is: 'Disabled'.
Rationale:
Insecure guest logons are used by file servers to allow unauthenticated access to shared folders.
Solution
To establish the recommended configuration via GP, set the following UI path to 'Disabled:'
Computer Configuration\Policies\Administrative Templates\Network\Lanman Workstation\Enable insecure guest logons
Note: This Group Policy path may not exist by default. It is provided by the Group Policy template 'LanmanWorkstation.admx/adml' that is included with the Microsoft Windows 10 Release 1511 Administrative Templates (or newer).
Impact:
The SMB client will reject insecure guest logons.
18.5.8.1 Ensure 'Enable insecure guest logons' is set to 'Disabled'
Info
Solution
See Enable insecure guest logons