I am looking at the best way to configure the DISA STIG group policy settings for Windows 10 Enterprise. Ideally DISA would provide a official group policy backup /template file with all the settings configured in their STIG files, allowing administrators to easily import the complete set of settings directly into an actual GPO for testing / deployment.
Unfortunately I have checked with DISA and they indicated they do not provide an actual GPO backup, they indicated that administrators must configure the settings themselves based on their guidance in the STIG. So this appears to mean the only way to get the STIG settings into a actual GPO is to manually configure each of the 200+ settings in the GPO.
I am wondering if anyone is aware of a better or easier way to configure/import DISA STIG settings into a GPO. I see other threads on this regarding using the Microsoft Security Compliance Manager to somehow accomplish this but I have yet to find a solution that would actually work in this scenerio.
DISA provides a Manual-xccdf.xml file which contains all the STIG settings and that is able to be imported into STIG view application as well as other compliance tools. Unfortunately this file can't be imported into the Microsoft SCM to allow a backup to be created.
Is anyone aware of a way to import this xccdf content into the Microsoft SCM?