[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98503

 
 

909

 
 

79321

 
 

109

Paid content will be excluded from the download.


Download | Alert*


CCE-18796-3
Security: The setting to configure dual monitor emulation should be configured as appropriate.

CCE-4036-0
The "Turn on the Internet Connection Wizard Auto Detect" setting should be configured correctly.

CCE-4412-3
Do not preserve zone information in file attachments should be set correcly.

CCE-3043-7
The startup type of the Terminal Services service should be correct.

CCE-18870-6
The Windows XP 'Internet Information Services' component should be installed or not installed as appropriate.

CCE-5200-1
Turn off downloading of print drivers over HTTP

CCE-2713-6
The startup type of the ClipBook service should be correct.

CCE-8400-4
The "Do not display 'Install Updates and Shut Down' option in the Shut Down Windows dialog box" setting should be configured correctly.

CCE-4641-7
The "Turn Off Registration if URL Connection is Referring to Microsoft.com" setting should be configured correctly.

CCE-5136-7
The "Display Error Notification" setting should be configured correctly.

CCE-2910-8
The startup type of the Indexing service should be correct.

CCE-2826-6
The "Disable Media Player for automatic updates" policy should be set correctly.

CCE-2849-8
The startup type of the Fax service should be correct.

CCE-4707-6
The "Turn Off Internet Connection Wizard if URL Connection is Referring to Microsoft.com" setting should be configured correctly.

CCE-2880-3
The startup type of the Computer Browser service should be correct.

CCE-4224-2
Turn off the Windows Messenger Customer Experience Improvement Program

CCE-5121-9
The "Turn Off Internet File Association Service" setting should be configured correctly.

CCE-3122-9
The Network DDE DDE Share Database Manager (DSDM) service should be enabled or disabled as appropriate.

CCE-4513-8
Turn off printing over HTTP

CCE-3035-3
The startup type of the Routing and Remote Access service should be correct.

CCE-3265-6
The WMI Performance Adapter service should be enabled or disabled as appropriate.

CCE-4887-6
The "Turn off the 'Publish to Web' task for files and folders" setting should be configured correctly.

CCE-2661-7
The startup type of the SSDP Discovery service should be correct.

CCE-3034-6
The startup type of the Alerter service should be correct.

CCE-5022-9
The "Prohibit use of Internet Connection Firewall on your DNS domain network" setting should be configured correctly.

CCE-2915-7
The startup type of the Messenger service should be correct.

CCE-8406-1
The "Reschedule Automatic Updates scheduled installations" setting should be enabled or disabled as appropriate.

CCE-3131-0
The Network Dynamic Data Exchange (DDE) service should be enabled or disabled as appropriate.

CCE-2818-3
The startup type of the Background Intelligent Transfer Service (BITS) service should be correct.

CCE-18782-3
The 'Allow users to connect remotely using Terminal Services' setting should be configured correctly.

CCE-2326-7
The startup type of the Telnet service should be correct.

CCE-5055-9
Turn off Search Companion content file updates

CCE-3005-6
The "Strengthen Default Permissions of Global System Objects" policy should be set correctly.

CCE-3236-7
The Error Reporting Service should be enabled or disabled as appropriate.

CCE-2173-3
Installation and Configuration of Network Bridge on the DNS Domain Network should be properly configured.

CCE-18307-9
The Windows XP 'SimpleTCP Services' component should be installed or not installed as appropriate.

CCE-3038-7
The "Enable Error Reporting" policy should be set correctly.

CCE-3026-2
The startup type of the Internet Connection Sharing service should be correct.

CCE-8375-8
The "No auto-restart for scheduled Automatic Updates installations" policy should be set correctly.

CCE-5053-4
Group Policy - Registry policy processing

CCE-5099-7
Turn off Internet download for Web publishing and online ordering wizards

CCE-5042-7
Hide mechanisms to remove zone information should be set correcly.

CCE-2950-4
The startup type of the Fast User Switching service should be correct.

CCE-3100-5
Use Classic Logon should be properly configured.

CCE-4953-6
The "Turn Off Event Views 'Events.asp' Links" setting should be configured correctly.

CCE-3048-6
The startup type of the Universal Plug and Play Device Host (UPnP) service should be correct.

CCE-5194-6
The startup type of Microsoft Peer-to-Peer Networking Services should be configured correctly.

CCE-2888-6
The startup type of the FTP Publishing service should be correct.

CCE-18099-2
DEPRECATED. [Was: "The 'Configure Windows NTP Client' setting should be configured correctly." The enabled/disabled/not configured status of this GPO (see CCE Technical Mechanisms) does not itself affect the configuration of aspects of the Windows NTP Client; it only controls whether Group Policy ...

CCE-2830-8
The "Set Safe for Scripting" policy should be set correctly.

CCE-2942-1
The startup type of the World Wide Web Publishing service should be correct.

CCE-4791-0
The "Do Not Show First Use Dialog Boxes" setting for Windows Media Player should be configured correctly.

CCE-3291-2
The WebClient service should be enabled or disabled as appropriate.

CCE-3007-2
The "Allow Solicited Remote Assistance" policy should be set correctly for Terminal Services.

CCE-2494-3
The Wireless Zero Configuration service should be enabled or disabled as appropriate.

CCE-5072-4
The "Turn Off the 'Order Prints' Picture Task" setting should be configured correctly.

CCE-3116-1
The "Set Client connection Encryption Level" policy should be set correctly for Terminal Services.

CCE-2692-2
The "Disconnect clients when logon hours expire" policy should be set correctly.

CCE-2726-8
The required permissions for the file %SystemRoot%\System32\cacls.exe should be assigned.

CCE-2955-3
The "Audit the use of backup and restore privilege" policy should be set correctly.

CCE-1937-2
The required permissions for the file %SystemRoot%\System32\tlntsvr.exe should be assigned.

CCE-2759-9
Auditing of "policy change" events on failure should be enabled or disabled as appropriate..

CCE-4270-5
The "Turn off shell protocol protected mode" setting should be configured correctly.

CCE-2824-1
ICMP Redirects should be properly configured.

CCE-3088-2
The "Do not allow storage of credentials or .NET Passports" policy should be set correctly.

CCE-2147-7
The behavior surrounding Anonymous users' abiliity to display lists of SAM accounts should be correct.

CCE-3053-6
The "Digitally Sign Server Communication (Always)" policy should be set correctly.

CCE-2178-2
The required permissions for the file %SystemRoot%\System32\net.exe should be assigned.

CCE-2802-7
The "Digitally Sign Client Communication (When Possible)" policy should be set correctly.

CCE-2957-9
The "Recovery Console: Allow Floppy Copy and Access to All Drives and All Folders" policy should be set correctly.

CCE-3162-5
The "Audit the access of global system objects" policy should be set correctly.

CCE-2683-1
The automatic generation of 8.3 file names for NTFS should be enabled or disabled as appropriate.

CCE-2901-7
The screen saver should be enabled or disabled as appropriate for the default user.

CCE-3150-0
The "Named Pipes that can be accessed anonymously" policy should be set correctly.

CCE-2935-5
The "Recovery Console: Allow Automatic Administrative Logon" policy should be set correctly.

CCE-2145-1
The required permissions for the file %SystemRoot%\System32\eventcreate.exe should be assigned.

CCE-2220-2
The required permissions for the file %SystemRoot%\System32\reg.exe should be assigned.

CCE-2213-7
MSS:(TCPMaxConnectResponseRetransmission) SYN-ACK retansmissions when a connection request is not acknowledged

CCE-3036-1
The "Shares that can be accessed anonymously" policy should be set correctly.

CCE-2718-5
TCP/IP Dead Gateway Detection should be properly configured.

CCE-2902-5
Auditing of "account management" events on success should be enabled or disabled as appropriate..

CCE-3111-2
The "Allowed to Format and Eject Removable NTFS Media" policy should be set correctly.

CCE-2804-3
The behavior surrounding Anonymous users' abiliity to display lists of SAM accounts and shares should be correct.

CCE-2891-0
The "Disable CTRL+ALT+Delete Requirement for Logon" policy should be set correctly.

CCE-5059-1
Notify antivirus programs when opening attachments should be set correcly.

CCE-2926-4
The "LAN Manager Authentication Level" policy should be set correctly.

CCE-2344-0
The "Limit local account user of blank passwords to console logon only" policy should be set correctly.

CCE-3156-7
The "Minimum session security for NTLM SSP based clients" policy should be set correctly.

CCE-3133-6
The "Smart Card Removal Behavior" policy should be set correctly.

CCE-3110-4
The "Let Everyone permissions apply to anonymous users" policy should be set correctly.

CCE-2672-4
The required permissions for the file %SystemRoot%\System32\net1.exe should be assigned.

CCE-3058-5
The "Sharing and security model for local accounts" policy should be set correctly.

CCE-3132-8
IP Source Routing should be properly configured.

CCE-3155-9
The "Remotely accessible registry paths" policy should be set correctly.

CCE-2652-6
IRDP should be properly configured.

CCE-2991-8
The "LDAP client signing requirements" policy should be set correctly.

CCE-2312-7
The required permissions for the file %SystemRoot%\System32\attrib.exe should be assigned.

CCE-2674-0
The required permissions for the file %SystemRoot%\System32\Rsh.exe should be assigned.

CCE-3044-5
Kerberos and RSVP Traffic Protected by IPSec should be properly configured.

CCE-2916-5
TCP/IP SYN Flood Attack Protection should be properly configured.

CCE-2784-7
The required permissions for the file %SystemRoot%\System32\Rcp.exe should be assigned.

CCE-2894-4
The required permissions for the file %SystemRoot%\System32\regsvr32.exe should be assigned.

CCE-2206-1
Auditing of "directory service access" events on failure should be enabled or disabled as appropriate..

CCE-2993-4
The "Do not store LAN Manager hash value on next password change" policy should be set correctly.

CCE-2184-0
The required permissions for the file %SystemRoot%\System32\at.exe should be assigned.

CCE-2699-7
The required permissions for the file %SystemRoot%\System32\debug.exe should be assigned.

CCE-2797-9
The required permissions for the file %SystemRoot%\System32\systeminfo.exe should be assigned.

CCE-2983-5
The "Allow System to be Shut Down Without Having to Log On" policy should be set correctly.

CCE-1909-1
The required permissions for the file %SystemRoot%\System32\edlin.exe should be assigned.

CCE-3027-0
The "Digitally Sign Client Communication (Always)" policy should be set correctly.

CCE-2918-1
Auditing of "privilege use" events on failure should be enabled or disabled as appropriate..

CCE-2313-5
The "Prevent System Maintenance of Computer Account Password" policy should be set correctly.

CCE-2052-9
The required permissions for the directory %SystemRoot%\System32\arp.exe should be assigned.

CCE-2873-8
The "Restrict Floppy Access to Locally Logged-On User Only" policy should be set correctly.

CCE-2688-0
The "Digitally Sign Server Communication (When Possible)" policy should be set correctly.

CCE-2731-8
The required permissions for the file %SystemRoot%\System32\tftp.exe should be assigned.

CCE-2766-4
Auditing of "object access" events on failure should be enabled or disabled as appropriate..

CCE-2789-6
The "Prevent Users from Installing Printer Drivers" policy should be set correctly.

CCE-4952-8
The required permissions for the file %SystemRoot%\System32\mshta.exe should be assigned.

CCE-3049-4
The "Send Unencrypted Password to Connect to Third-Party SMB Servers" policy should be set correctly.

CCE-2239-2
MSS:(TCPMaxDataRetransmissions) How many times unacknowledged data is retransmitted

CCE-2799-5
The "Minimum session security for NTLM SSP based servers" policy should be set correctly.

CCE-2841-5
Safe DLL Search Mode should be properly configured.

CCE-2436-4
The required permissions for the file %SystemRoot%\System32\eventtriggers.exe should be assigned.

CCE-2788-8
The required permissions for the file %SystemRoot%\System32\subst.exe should be assigned.

CCE-2973-6
The behavior surrounding Anonymous SID/Name translation should be correct.

CCE-2546-0
The required permissions for the file %SystemRoot%\System32\route.exe should be assigned.

CCE-2176-6
The required permissions for the file %SystemRoot%\System32\sc.exe should be assigned.

CCE-2710-2
Autoplay on all Drive Types should be properly configured.

CCE-3172-4
The "Require Domain Controller authentication to unlock workstation" policy should be set correctly.

CCE-2842-3
The "Default owner for objects created by members of the Administrators group" policy should be set correctly.

CCE-2974-4
The "Restrict CD-ROM Access to Locally Logged-On User Only" policy should be set correctly.

CCE-2899-3
The required permissions for the file %SystemRoot%\System32\Rexec.exe should be assigned.

CCE-3118-7
TCP/IP NetBIOS Name Release on Request Prevented should be properly configured.

CCE-2987-6
The "Require Case Insensitivity for Non-Windows Sybsystems" policy should be set correctly.

CCE-2843-1
Auditing of "system" events on failure should be enabled or disabled as appropriate..

CCE-3106-2
The "Number of Previous Logons to Cache" policy should be set correctly.

CCE-3061-9
Security Audit log warning level should be properly configured.

CCE-3008-0
Auditing of "account logon" events on failure should be enabled or disabled as appropriate..

CCE-3128-6
The "Clear Virtual Memory Pagefile at shutdown" policy should be set correctly.

CCE-2930-6
Display Last User Name in Logon Screen should be properly configured.

CCE-1916-6
The required permissions for the file %SystemRoot%\System32\netsh.exe should be assigned.

CCE-2855-5
The required permissions for the file %SystemRoot%\System32\regini.exe should be assigned.

CCE-2198-0
The required permissions for the file %SystemRoot%\System32\Secedit.exe should be assigned.

CCE-2943-9
Use of the built-in Administrator account should be enabled or disabled as appropriate.

CCE-3139-3
The "Force logoff when logon hours expire" policy should be set correctly.

CCE-2175-8
The required permissions for the file %SystemRoot%\regedit.exe should be assigned.

CCE-2833-2
The required permissions for the file %SystemRoot%\System32\Regedt32.exe should be assigned.

CCE-2100-6
Auditing of "logon" events on success should be enabled or disabled as appropriate..

CCE-2472-9
The "Message text for users attempting to log on" policy should be set correctly.

CCE-2933-0
Auditing of "directory service access" events on success should be enabled or disabled as appropriate..

CCE-3273-0
Restrictions for Unauthenticated RPC clients (SP2 only)

CCE-2956-1
RPC Endpiont Mapper Client Authentication (SP2 only)

CCE-2343-2
Auditing of "logon" events on failure should be enabled or disabled as appropriate..

CCE-2573-4
The "Message title for users attempting to log on" policy should be set correctly.

CCE-3151-8
The "Secure Channel: Require Strong (Windows 2000 or later) Session Key" policy should be set correctly.

CCE-2693-0
The security log maximum size should be configured correctly..

CCE-3040-3
Use of the built-in Guest account should be enabled or disabled as appropriate.

CCE-3157-5
The amount of idle time required before disconnecting a session should be set correctly.

CCE-2259-0
Auditing of "object access" events on success should be enabled or disabled as appropriate..

CCE-2466-1
The "reset account lockout counter after" policy should meet minimum requirements.

CCE-2913-2
Auditing of "privilege use" events on success should be enabled or disabled as appropriate..

CCE-3012-2
The "Allow Unsolicited Remote Assistance" policy should be set correctly for Terminal Services.

CCE-5025-2
The "Prohibit non-administrators from applying vendor signed updates" setting should be configured correctly.

CCE-3000-7
The "Secure Channel: Digitally Sign Secure Channel Data (When Possible)" policy should be set correctly.

CCE-2904-1
The application log maximum size should be configured correctly..

CCE-2980-1
The "Screen Saver Timeout" setting should be configured correctly for the current user.

CCE-4500-5
The "Password protect the screen saver" setting should be configured correctly for the current user.

CCE-2981-9
The "minimum password length" policy should meet minimum requirements.

CCE-2906-6
Auditing of "account management" events on failure should be enabled or disabled as appropriate..

CCE-5032-8
Logon - Do not process the run once list

CCE-2336-6
The "when maximum log size is reached" property should be set correctly for the Security log.

CCE-2994-2
The "enforce password history" policy should meet minimum requirements.

CCE-2971-0
Auditing of "policy change" events on success should be enabled or disabled as appropriate..

CCE-2896-9
The startup type of the NetMeeting Remote Desktop Sharing service should be correct.

CCE-2777-1
The "when maximum log size is reached" property should be set correctly for the System log.

CCE-2961-1
The "Set time limit for disconnected sessions" policy should be set correctly for Terminal Services.

CCE-3124-5
The "Set time limit for idle sessions" policy should be set correctly for Terminal Services.

CCE-2851-4
The "Shut Down system immediately if unable to log security audits" policy should be set correctly.

CCE-2776-3
Automatic Logon should be properly configured.

CCE-3014-8
The "when maximum log size is reached" property should be set correctly for the Application log.

CCE-2996-7
The "Secure Channel: Digitally Encrypt Secure Channel Data (When Possible)" policy should be set correctly.

CCE-2986-8
The "account lockout threshold" policy should meet minimum requirements.

CCE-3097-3
The "Secure Channel: Digitally Encrypt or Sign Secure Channel Data (Always)" policy should be set correctly.

CCE-7528-3
The "Configure Automatic Updates" setting should be configured correctly.

CCE-2439-8
The "minimum password age" policy should meet minimum requirements.

CCE-3085-8
The "Unsigned Driver Installation Behavior" policy should be set correctly.

CCE-2559-3
The TCP/IP KeepAlive Time should be set correctly .

CCE-2889-4
The "store password using reversible encryption for all users in the domain" policy should be set correctly.

CCE-4849-6
The "Do not allow passwords to be saved" setting should be configured correctly for Terminal Services.

CCE-3084-1
The "Use FIPS compliant algorithms for encryption, hashing, and signing" policy should be set correctly.

CCE-2735-9
The "password must meet complexity requirments" policy should be set correctly.

CCE-3170-8
The "Screen Saver Executable Name" setting should be configured correctly for the current user.

CCE-2867-0
Auditing of "account logon" events on success should be enabled or disabled as appropriate..

CCE-2701-1
The "Users Prompted to Change Password Before Expiration" policy should be set correctly.

CCE-2878-7
Auditing of "system" events on success should be enabled or disabled as appropriate..

CCE-3094-0
The "Enable User Control Over Installs" policy should be set correctly.

CCE-3018-9
The "Maximum machine account password age" policy should be set correctly.

CCE-3006-4
The system log maximum size should be configured correctly..

CCE-3025-4
The built-in Guest account should be correctly named.

CCE-3135-1
The built-in Administrator account should be correctly named.

CCE-2792-0
The "deny logon as a service" user right should be assigned to the correct accounts.

CCE-2167-5
The "act as part of the operating system" user right should be assigned to the correct accounts.

CCE-1978-6
The "deny access to this computer from the network" user right should be assigned to the correct accounts.

CCE-2737-5
The "Impersonate a client after authentication" user right should be assigned to the correct accounts.

CCE-2847-2
The "restore files and directories" user right should be assigned to the correct accounts.

CCE-2299-6
The "back up files and directories" user right should be assigned to the correct accounts.

CCE-2366-3
The "shut down the system" user right should be assigned to the correct accounts.

CCE-1969-5
The "create permanent shared objects" user right should be assigned to the correct accounts.

CCE-2791-2
The "Create a token object" user right should be assigned to the correct accounts.

CCE-2814-2
The "deny logon through Terminal Services" user right should be assigned to the correct accounts.

CCE-2948-8
The "log on as a service" user right should be assigned to the correct accounts.

CCE-2379-6
The "access this computer from the network" user right should be assigned to the correct accounts.

CCE-2609-6
The "lock pages in memory" user right should be assigned to the correct accounts.

CCE-2829-0
The "log on locally" user right should be assigned to the correct accounts.

CCE-2882-9
The "log on as a batch job" user right should be assigned to the correct accounts.

CCE-2860-5
The "replace a process-level token" user right should be assigned to the correct accounts.

CCE-2247-5
The "manage auditing and security log" user right should be assigned to the correct accounts.

CCE-2446-3
The "load and unload device drivers" user right should be assigned to the correct accounts.

CCE-2960-3
The "perform volume maintenance tasks" user right should be assigned to the correct accounts.

CCE-2786-2
The "create a pagefile" user right should be assigned to the correct accounts.

CCE-3004-9
The "allow logon through Terminal Services" user right should be assigned to the correct accounts.

CCE-2886-0
The "force shutdown from a remote system" user right should be assigned to the correct accounts.

CCE-2547-8
The "adjust memory quotas for a process" user right should be assigned to the correct accounts.

CCE-2864-7
The "debug programs" user right should be assigned to the correct accounts.

CCE-2898-5
The "deny logon as a batch job" user right should be assigned to the correct accounts.

CCE-2700-3
The "deny logon locally" user right should be assigned to the correct accounts.

CCE-2944-7
The "increase scheduling priority" user right should be assigned to the correct accounts.

CCE-2846-4
The "change the system time" user right should be assigned to the correct accounts.

CCE-2675-7
The "profile system performance" user right should be assigned to the correct accounts.

CCE-2806-8
The "bypass traverse checking" user right should be assigned to the correct accounts.

CCE-2335-8
The "remove computer from docking station" user right should be assigned to the correct accounts.

CCE-2807-6
The "profile single process" user right should be assigned to the correct accounts.

CCE-2021-4
The "take ownership of files or other objects" user right should be assigned to the correct accounts.

CCE-3107-0
The "Create global objects" user right should be assigned to the correct accounts.

CCE-2657-5
The "modify firmware environment values" user right should be assigned to the correct accounts.

CCE-2767-2
The "generate security audits" user right should be assigned to the correct accounts.

CCE-2810-0
The "synchronize directory service data" user right should be assigned to the correct accounts.

CCE-2920-7
The "maximum password age" policy should meet minimum requirements.

CCE-2928-0
The "account lockout duration" policy should meet minimum requirements.

CPE    1
cpe:/o:microsoft:windows_xp
*XCCDF
xccdf_gov.nist_benchmark_USGCB-Windows-XP
OVAL    226
oval:gov.nist.usgcb.xp:def:6132
oval:gov.nist.usgcb.xp:def:6120
oval:gov.nist.usgcb.xp:def:6572
oval:gov.nist.usgcb.xp:def:6571
...

© 2013 SecPod Technologies