[Forgot Password]
Login  Register Subscribe

24437

 
 

131815

 
 

116564

 
 

909

 
 

91325

 
 

141

Paid content will be excluded from the download.


Download | Alert*


CCE-10949-6
The 'Network access: Remotely accessible registry paths' setting should be configured correctly.

CCE-12161-6
The "Turn off Data Execution Prevention for Explorer" machine setting should be configured correctly.

CCE-11829-9
The "Choose drive encryption method and cipher strength" machine setting should be configured correctly.

CCE-10139-4
Rights to access DCOM applications should be assigned as appropriate.

CCE-11809-1
The "Configure TPM platform validation profile" machine setting should be configured correctly.

CCE-10911-6
The 'Create symbolic links' user right should be assigned to the appropriate accounts.

CCE-11717-6
The "Maximum Log Size (KB)" machine setting should be configured correctly for the setup log.

CCE-10918-1
The "Retain old events" machine setting should be configured correctly for the application log.

CCE-10663-3
The "Retain old events" machine setting should be configured correctly for the security log.

CCE-10843-1
The 'Network Security: Configure encryption types allowed for Kerberos' setting should be configured correctly.

CCE-11055-1
The "Retain old events" machine setting should be configured correctly for the system log.

CCE-10309-3
The "Retain old events" machine setting should be configured correctly for the setup log.

CCE-10978-5
The 'Microsoft network server: Digitally sign communications (if client agrees)' setting should be configured correctly.

CCE-11273-0
The "Choose how BitLocker-protected fixed drives can be recovered" machine setting should be configured correctly.

CCE-11431-4
The "Default behavior for AutoRun" machine setting should be configured correctly.

CCE-10906-6
The "Enable user control over installs" machine setting should be configured correctly.

CCE-11258-1
The "Provide the unique identifiers for your organization" machine setting should be configured correctly.

CCE-11028-8
The 'User Account Control: Admin Approval Mode for the Built-in Administrator account' setting should be configured correctly.

CCE-11405-8
The "Validate smart card certificate usage rule compliance" machine setting should be configured correctly.

CCE-10775-5
The 'Domain member: Disable machine account password changes' setting should be configured correctly.

CCE-11368-8
The "Require secure RPC communication" machine setting should be configured correctly.

CCE-10399-4
The 'Account lockout duration' setting should be configured correctly.

CCE-10009-9
The 'Domain member: Digitally sign secure channel data (when possible)' setting should be configured correctly.

CCE-11973-5
The "Choose how BitLocker-protected removable drives can be recovered" machine setting should be configured correctly.

CCE-10518-9
The 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' setting should be configured correctly.

CCE-11958-6
The "Turn off the Windows Messenger Customer Experience Improvement Program" machine setting should be configured correctly.

CCE-11360-5
The "Turn off printing over HTTP" machine setting should be configured correctly.

CCE-12401-6
The "Always install with elevated privileges" machine setting should be configured correctly.

CCE-10419-0
The 'Shutdown: Allow system to be shut down without having to log on' setting should be configured correctly.

CCE-10112-1
The 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' setting should be configured correctly.

CCE-10570-0
The 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' setting should be configured correctly.

CCE-11317-5
The "Turn off Data Execution Prevention for HTML Help Executible" machine setting should be configured correctly.

CCE-10812-6
The 'Network security: Allow LocalSystem NULL session fallback' setting should be configured correctly.

CCE-11332-4
The "Configure minimum PIN length for startup" machine setting should be configured correctly.

CCE-10751-6
The 'MSS: (Hidden) Hide Computer From the Browse List (not recommended except for highly secure environments)' setting should be configured correctly.

CCE-10691-4
The "Prevent the computer from joining a homegroup" machine setting should be configured correctly.

CCE-11136-9
The "Turn off Internet download for Web publishing and online ordering wizards" machine setting should be configured correctly.

CCE-11465-2
The "Allow access to BitLocker-protected fixed data drives from earlier versions of Windows" machine setting should be configured correctly.

CCE-10653-4
The 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' setting should be configured correctly.

CCE-10944-7
The 'Network access: Named Pipes that can be accessed anonymously' setting should be configured correctly.

CCE-11174-0
The "Maximum Log Size (KB)" machine setting should be configured correctly for the system log.

CCE-10422-4
The "Configure use of passwords for removable data drives" machine setting should be configured correctly.

CCE-12237-4
The "Configure use of passwords for fixed data drives" machine setting should be configured correctly.

CCE-11143-5
The "Maximum Log Size (KB)" machine setting should be configured correctly for the application log.

CCE-10878-7
The 'Deny log on through Remote Desktop Services' user right should be assigned to the appropriate accounts.

CCE-12060-0
The "Choose how BitLocker-protected operating system drives can be recovered" machine setting should be configured correctly.

CCE-10109-7
The 'User Account Control: Switch to the secure desktop when prompting for elevation' setting should be configured correctly.

CCE-10750-8
The 'Deny log on locally' user right should be assigned to the appropriate accounts.

CCE-11636-8
The "Allow access to BitLocker-protected removable data drives from earlier versions of Windows" machine setting should be configured correctly.

CCE-11867-9
The "Allow users to connect remotely using Remote Desktop Services" machine setting should be configured correctly.

CCE-11651-7
The "Require a Password When a Computer Wakes (Plugged In)" machine setting should be configured correctly.

CCE-11723-4
The "Solicited Remote Assistance" machine setting should be configured correctly.

CCE-10370-5
The 'Recovery console: Allow automatic administrative logon' setting should be configured correctly.

CCE-10926-4
The 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' setting should be configured correctly.

CCE-11010-6
The 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' setting should be configured correctly.

CCE-10903-3
The 'Domain member: Maximum machine account password age' setting should be configured correctly.

CCE-11033-8
The "Maximum Log Size (KB)" machine setting should be configured correctly for the secirity log.

CCE-10637-7
The 'Devices: Allowed to format and eject removable media' setting should be configured correctly.

CCE-11933-9
The "Require additional authentication at startup" machine setting should be configured correctly.

CCE-10941-3
The 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' setting should be configured correctly.

CCE-10889-4
The "Turn off Search Companion content file updates" machine setting should be configured correctly.

CCE-10807-6
The 'User Account Control: Behavior of the elevation prompt for standard users' setting should be configured correctly.

CCE-10614-6
The 'Network security: LDAP client signing requirements' setting should be configured correctly.

CCE-18944-9
The 'Require 128-bit encryption' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' setting should be enabled or disabled as appropriate.

CCE-10760-7
The 'Minimum password age' setting should be configured correctly.

CCE-10768-0
The 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' setting should be configured correctly.

CCE-11142-7
The "Deny write access to removable drives not protected by BitLocker" machine setting should be configured correctly.

CCE-11833-1
The "Server Authentication Certificate Template" machine setting should be configured correctly.

CCE-10745-8
The 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' setting should be configured correctly.

CCE-10810-0
The 'Interactive logon: Do not require CTRL+ALT+DEL' setting should be configured correctly.

CCE-18808-6
The 'Require 128-bit encryption' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' setting should be enabled or disabled as appropriate.

CCE-10027-1
The 'Network access: Do not allow anonymous enumeration of SAM accounts' setting should be configured correctly.

CCE-10772-2
The 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' setting should be configured correctly.

CCE-11860-4
The "Allow Remote Shell Access" machine setting should be configured correctly.

CCE-12336-4
The "Configure use of smart cards on removable data drives" machine setting should be configured correctly.

CCE-11248-2
The "Allow remote access to the Plug and Play interface" machine setting should be configured correctly.

CCE-10541-1
The 'Domain member: Require strong (Windows 2000 or later) session key' setting should be configured correctly.

CCE-10821-7
The 'Network access: Shares that can be accessed anonymously' setting should be configured correctly.

CCE-10804-3
The 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' setting should be configured correctly.

CCE-10684-9
The 'User Account Control: Run all administrators in Admin Approval Mode' setting should be configured correctly.

CCE-11450-4
The "Enumerate administrator accounts on elevation" machine setting should be configured correctly.

CCE-11506-3
The "Set time limit for active but idle Remote Desktop Services sessions" machine setting should be configured correctly.

CCE-11239-1
The "Configure use of smart cards on fixed data drives" machine setting should be configured correctly.

CCE-10830-8
The 'Network security: Do not store LAN Manager hash value on next password change' setting should be configured correctly.

CCE-10838-1
The 'Microsoft network client: Send unencrypted password to third-party SMB servers' setting should be configured correctly.

CCE-11375-3
The "Turn off Autoplay for non-volume devices" machine setting should be configured correctly.

CCE-11928-9
The "Prevent memory overwrite on restart" machine setting should be configured correctly.

CCE-10794-6
The 'User Account Control: Detect application installations and prompt for elevation' setting should be configured correctly.

CCE-10297-0
The 'Network access: Let Everyone permissions apply to anonymous users' setting should be configured correctly.

CCE-10733-4
The 'Deny access to this computer from the network' user right should be assigned to the appropriate accounts.

CCE-11615-2
The "Deny write access to fixed drives not protected by BitLocker" machine setting should be configured correctly.

CCE-10901-7
The 'Password must meet complexity requirements' policy should be set correctly.

CCE-11992-5
The "Do not process the run once list" machine setting should be configured correctly.

CCE-11035-3
The 'System cryptography: Force strong key protection for user keys stored on the computer' setting should be configured correctly.

CCE-10372-1
The 'Minimum password length' setting should be configured correctly.

CCE-10612-0
The "Allow enhanced PINs for startup" machine setting should be configured correctly.

CCE-9992-9
The 'Accounts: Limit local account use of blank passwords to console logon only' setting should be configured correctly.

CCE-11046-0
The 'Account lockout threshold' setting should be configured correctly.

CCE-10705-2
The 'Interactive logon: Require Domain Controller authentication to unlock workstation' setting should be configured correctly.

CCE-10789-6
The 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' setting should be configured correctly.

CCE-11023-9
The 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' setting should be configured correctly.

CCE-11299-5
The "Always prompt for password upon connection" machine setting should be configured correctly.

CCE-12088-1
The "Require a Password When a Computer Wakes (On Battery)" machine setting should be configured correctly.

CCE-10018-0
The 'MSS: (NoDefaultExempt) Configure IPSec exemptions for various types of network traffic.' setting should be configured correctly.

CCE-10839-9
The 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' setting should be configured correctly.

CCE-11677-2
The "Set client connection encryption level" machine setting should be configured correctly.

CCE-11117-9
The "Set time limit for disconnected sessions" machine setting should be configured correctly.

CCE-10986-8
The 'System objects: Require case insensitivity for non-Windows subsystems' setting should be configured correctly.

CCE-11011-4
The 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' setting should be configured correctly.

CCE-10732-6
The 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' setting should be configured correctly.

CCE-10562-7
The 'Maximum password age' setting should be configured correctly.

CCE-10865-4
The 'User Account Control: Virtualize file and registry write failures to per-user locations' setting should be configured correctly.

CCE-10888-6
The 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' setting should be configured correctly.

CCE-10940-5
The 'Network access: Restrict anonymous access to Named Pipes and Shares' setting should be configured correctly.

CCE-10619-5
The 'Audit: Audit the use of Backup and Restore privilege' setting should be configured correctly.

CCE-10742-5
The 'Audit: Shut down system immediately if unable to log security audits' setting should be configured correctly.

CCE-10780-5
The 'Devices: Restrict CD-ROM access to locally logged-on user only' setting should be configured correctly.

CCE-11377-9
The "Control use of BitLocker on removable drives" machine setting should be configured correctly.

CCE-10573-4
The 'Interactive logon: Smart card removal behavior' setting should be configured correctly.

CCE-10596-5
The 'Deny log on as a batch job' user right should be assigned to the appropriate accounts.

CCE-10788-8
The 'Interactive logon: Do not display last user name' setting should be configured correctly.

CCE-11049-4
The 'Shutdown: Clear virtual memory pagefile' setting should be configured correctly.

CCE-10019-8
The time in seconds before the screen saver grace period expires (ScreenSaverGracePeriod) setting should be configured correctly.

CCE-11245-8
The "Do not process the legacy run list" machine setting should be configured correctly.

CCE-10922-3
The 'User Account Control: Only elevate executables that are signed and validated' setting should be configured correctly.

CCE-9989-5
The 'Accounts: Guest account status' setting should be configured correctly.

CCE-10809-2
The "Enforce password history" setting should be configured correctly.

CCE-10557-7
The 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' setting should be configured correctly.

CCE-10534-6
The 'User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop' setting should be configured correctly.

CCE-11837-2
The "Allow Standby States (S1-S3) When Sleeping (On Battery)" machine setting should be configured correctly.

CCE-10643-5
The 'Recovery console: Allow floppy copy and access to all drives and all folders' setting should be configured correctly.

CCE-10984-3
The 'Network security: LAN Manager authentication level' setting should be configured correctly.

CCE-10292-1
The 'Network access: Do not allow storage of passwords and credentials for network authentication' setting should be configured correctly.

CCE-10715-1
The "RPC Endpoint Mapper Client Authentication" machine setting should be configured correctly.

CCE-11059-3
The 'Reset account lockout counter after' setting should be configured correctly.

CCE-10825-8
The 'Network access: Sharing and security model for local accounts' setting should be configured correctly.

CPE    1
cpe:/o:microsoft:windows_server_2008:r2
*XCCDF
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_Server_2008_R2
OVAL    136
oval:org.secpod.oval:def:8825
oval:org.secpod.oval:def:8916
oval:org.secpod.oval:def:8815
oval:org.secpod.oval:def:19439
...

© SecPod Technologies