Download
| Alert*
|
CCE-18949-8
The 'Require message integrity' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' setting should be enabled or disabled as appropriate. CCE-10193-1 The 'Profile system performance' user right should be assigned to the appropriate accounts. CCE-10932-2 The "Synchronize directory service data" setting should be configured correctly. CCE-10845-6 The 'Log on as a service' user right should be assigned to the appropriate accounts. CCE-10274-9 The 'Generate security audits' user right should be assigned to the appropriate accounts. CCE-11356-3 The "6to4 State" machine setting should be configured correctly. CCE-9972-1 The 'Access Credential Manager as a trusted caller' user right should be assigned to the appropriate accounts. CCE-11431-4 The "Default behavior for AutoRun" machine setting should be configured correctly. CCE-10872-0 The "Do not allow Windows Messenger to be run" machine setting should be configured correctly. CCE-10906-6 The "Enable user control over installs" machine setting should be configured correctly. CCE-11043-7 The "Turn off Program Inventory" machine setting should be configured correctly. CCE-11717-6 The "Maximum Log Size (KB)" machine setting should be configured correctly for the setup log. CCE-11563-4 The "Turn off downloading of print drivers over HTTP" machine setting should be configured correctly. CCE-11865-3 The "Teredo State" machine setting should be configured correctly. CCE-10981-9 The "Turn off heap termination on corruption" machine setting should be configured correctly. CCE-10798-7 The 'Windows Firewall: Domain: Apply local firewall rules' setting should be configured correctly. CCE-11958-6 The "Turn off the Windows Messenger Customer Experience Improvement Program" machine setting should be configured correctly. CCE-11360-5 The "Turn off printing over HTTP" machine setting should be configured correctly. CCE-10555-1 The "Select the Sleep Button Action (Plugged In)" machine setting should be configured correctly. CCE-11609-5 The "Turn off Active Help" machine setting should be configured correctly. CCE-10517-1 The "Turn off Windows Defender" machine setting should be configured correctly. CCE-12046-9 The "Do not delete temp folder upon exit" machine setting should be configured correctly. CCE-11587-3 The "Turn off the "Publish to Web" task for files and folders" machine setting should be configured correctly. CCE-10123-8 Windows Firewall should allow or block outbound connections by default as appropriate for the Private Profile. CCE-11136-9 The "Turn off Internet download for Web publishing and online ordering wizards" machine setting should be configured correctly. CCE-10921-5 The 'Windows Firewall: Private: Apply local connection security rules' setting should be configured correctly. CCE-11174-0 The "Maximum Log Size (KB)" machine setting should be configured correctly for the system log. CCE-11143-5 The "Maximum Log Size (KB)" machine setting should be configured correctly for the application log. CCE-10113-9 Windows Firewall should allow or block outbound connections by default as appropriate for the Domain Profile. CCE-11625-1 The "Offer Remote Assistance" machine setting should be configured correctly. CCE-10855-5 The "Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with Support Provider" machine setting should be configured correctly. CCE-10878-7 The 'Deny log on through Remote Desktop Services' user right should be assigned to the appropriate accounts. CCE-10881-1 The "Restrictions for Unauthenticated RPC clients" machine setting should be configured correctly. CCE-11723-4 The "Solicited Remote Assistance" machine setting should be configured correctly. CCE-11249-0 The "Allow only Vista or later connections" machine setting should be configured correctly. CCE-11264-9 The "Turn off Automatic Root Certificates Update" machine setting should be configured correctly. CCE-11530-3 The "Turn off shell protocol protected mode" machine setting should be configured correctly. CCE-10760-7 The 'Minimum password age' setting should be configured correctly. CCE-11082-5 The "Turn off Windows Startup Sound" machine setting should be configured correctly. CCE-12082-4 The "Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com" machine setting should be configured correctly. CCE-10455-4 The "Allow users to log on using biometrics" machine setting should be configured correctly. CCE-11300-1 The "Route all traffic through the internal network" machine setting should be configured correctly. CCE-10481-0 Windows Firewall should allow or block outbound connections by default as appropriate for the Public Profile. CCE-11263-1 The "Turn on session logging" machine setting should be configured correctly. CCE-11807-5 The "Turn off game updates" machine setting should be configured correctly. CCE-11539-4 The "Allow Corporate redirection of Customer Experience Improvement uploads" machine setting should be configured correctly. CCE-10697-1 The "Turn off Internet File Association service" machine setting should be configured correctly. CCE-10669-0 The "Do not use temporary folders per session" machine setting should be configured correctly. CCE-11544-4 The "Turn off Help and Support Center Microsoft Knowledge Base search" machine setting should be configured correctly. CCE-11183-1 The "Turn on bandwidth optimization" machine setting should be configured correctly. CCE-11905-7 The "Do not allow passwords to be saved" machine setting should be configured correctly. CCE-11638-4 The "Configure Microsoft SpyNet Reporting" machine setting should be configured correctly. CCE-10357-2 The "Turn off Windows Update device driver searching" machine setting should be configured correctly. CCE-11243-3 The "Turn off the "Order Prints" picture task" machine setting should be configured correctly. CCE-10901-7 The 'Password must meet complexity requirements' policy should be set correctly. CCE-11035-3 The 'System cryptography: Force strong key protection for user keys stored on the computer' setting should be configured correctly. CCE-12070-9 The "Require trusted path for credential entry." machine setting should be configured correctly. CCE-12754-8 The "Registry policy processing" machine setting should be configured correctly. CCE-11046-0 The 'Account lockout threshold' setting should be configured correctly. CCE-11812-5 The "Turn off Help and Support Center "Did you know?" content" machine setting should be configured correctly. CCE-10188-1 The 'Windows Firewall: Public: Apply local firewall rules' setting should be configured correctly. CCE-10131-1 The 'Windows Firewall: Private: Apply local firewall rules' setting should be configured correctly. CCE-11787-9 The "Specify search order for device driver source locations" machine setting should be configured correctly. CCE-11242-5 The "Configuration of wireless settings using Windows Connect Now" machine setting should be configured correctly. CCE-10619-5 The 'Audit: Audit the use of Backup and Restore privilege' setting should be configured correctly. CCE-10487-7 The 'Audit: Audit the access of global system objects' setting should be configured correctly. CCE-10742-5 The 'Audit: Shut down system immediately if unable to log security audits' setting should be configured correctly. CCE-10780-5 The 'Devices: Restrict CD-ROM access to locally logged-on user only' setting should be configured correctly. CCE-11621-0 The "Disable Logging" machine setting should be configured correctly. CCE-12161-6 The "Turn off Data Execution Prevention for Explorer" machine setting should be configured correctly. CCE-10584-1 The "Allow Automatic Sleep with Open Network Files (On Battery)" machine setting should be configured correctly. CCE-11112-0 The "Turn off Registration if URL connection is referring to Microsoft.com" machine setting should be configured correctly. CCE-11123-7 The "Turn off Windows Mail application" machine setting should be configured correctly. CCE-10726-8 The 'Manage auditing and security log' user right should be assigned to the appropriate accounts. CCE-11739-0 The "Turn off downloading of game information" machine setting should be configured correctly. CCE-10912-4 The 'Devices: Restrict floppy access to locally logged-on user only' setting should be configured correctly. CCE-10292-1 The 'Network access: Do not allow storage of passwords and credentials for network authentication' setting should be configured correctly. CCE-10715-1 The "RPC Endpoint Mapper Client Authentication" machine setting should be configured correctly. CCE-11610-3 The "Require domain users to elevate when setting a network's location" machine setting should be configured correctly. CCE-10693-0 The "Turn off Event Viewer "Events.asp" links" machine setting should be configured correctly. CCE-11596-4 The "Do Not Show First Use Dialog Boxes" machine setting should be configured correctly. CCE-10544-5 The "Prevent Windows Anytime Upgrade from running." machine setting should be configured correctly. CCE-11923-0 The "Reschedule Automatic Updates scheduled installations" machine setting should be configured correctly. CCE-11468-6 The "Prohibit non-administrators from applying vendor signed updates" machine setting should be configured correctly. CCE-11319-1 The "Turn off Windows Update device driver search prompt" machine setting should be configured correctly. CCE-11117-9 The "Set time limit for disconnected sessions" machine setting should be configured correctly. CCE-11976-8 The "Extend Point and Print connection to search Windows Update" machine setting should be configured correctly. CCE-10955-3 The 'Lock pages in memory' user right should be assigned to the appropriate accounts. CCE-9984-6 The 'Perform volume maintenance tasks' user right should be assigned to the appropriate accounts. CCE-12401-6 The "Always install with elevated privileges" machine setting should be configured correctly. CCE-10637-7 The 'Devices: Allowed to format and eject removable media' setting should be configured correctly. CCE-10935-5 The 'Network access: Remotely accessible registry paths and sub-paths' setting should be configured correctly. CCE-11103-9 The Windows Firewall should be enabled or disabled as appropriate for the Private Profile. CCE-10399-4 The 'Account lockout duration' setting should be configured correctly. CCE-10482-8 The Windows Firewall should be enabled or disabled as appropriate for the Domain Profile. CCE-11059-3 The 'Reset account lockout counter after' setting should be configured correctly. CCE-11453-8 The "No auto-restart with logged on users for scheduled automatic updates installations" machine setting should be configured correctly. CCE-10112-1 The 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' setting should be configured correctly. CCE-10930-6 The 'Interactive logon: Prompt user to change password before expiration' setting should be configured correctly. CCE-10838-1 The 'Microsoft network client: Send unencrypted password to third-party SMB servers' setting should be configured correctly. |
