How to check the Kernel DMA protection status with Powershell or CMD

IT 26 Reputation points
2022-11-03T17:50:17.853+00:00

Good Afternoon guys,

I trust this messages finds you very well.

I need to user a script to identify the devices that are compatible with Kernel DMA Protection so that i could use another script to activate this fonctionality.

I am noob with powershell/cmd, and I havent been able to get the DMA status with Powershell even if it is possible to see it with the System Information tool:

Kernel DMA Protection in System Info

256914-image.png

Nevertheless, when I use powershell to check the status:

Get-ComputerInfo | Select-Object -ExpandProperty DeviceGuardAvailableSecurityProperties

BaseVirtualizationSupport DMAProtection SecureMemoryOverwrite 5 6 7 8

I just cant find the property right value so that i could verify if Kernel DMA PRotection is available or not.

Can you please help me with this guys?

Thank you and best regards,

Peace.

Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
4,898 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Michael Taylor 41,631 Reputation points
    2022-11-03T18:09:03.233+00:00

    It's possible but not simple. Refer to this Github link that provides the PS code you need to do it. Read the remarks to ensure you understand what the differences are between what you might see in the UI and what you get via the script.

    2 people found this answer helpful.
    0 comments