SMB Version 1
The Windows machine basic compliance benchmark provides a simple way to check that the dated and vulnerable SMB version protocol has been disabled.
This setting can be evaluated in a number of ways.
Windows Server 2012 R2 and above
The "FS-SMB1" server feature is evaluated, if the feature is disabled the test passes.
If the server feature is enabled, or not available, the registry checks described below are performed.
Windows 8.1 and above
The "SMB1Protocol-Server" is first evaluated if available, otherwise the "SMB1Protocol" feature is evaluated. If the optional feature is disabled the test passes.
If the optional feature is enabled, or not available, the registry checks described below are performed.