[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*


CCE-10688-0
User-initiated system crashes via the CTRL+SCROLL LOCK+SCROLL LOCK sequence should be enabled or disabled for PS/2 keyboards as appropriate.

CCE-3720-0
The "Disable Media Player for automatic updates" policy should be set correctly.

CCE-10710-2
User-initiated system crashes via the CTRL+SCROLL LOCK+SCROLL LOCK sequence should be enabled or disabled for USB keyboards as appropriate.

CCE-3812-5
The "Set Client connection Encryption Level" policy should be set correctly for Terminal Services.

CCE-10633-6
The "Display user information when the session is locked" setting should be configured correctly.

CCE-9994-5
The "Change Password" option in the Ctrl+Alt+Del dialog should be enabled or disabled as appropriate.

CCE-3492-6
The startup type of the World Wide Web Publishing service should be correct.

CCE-3514-7
The "Secure Channel: Digitally Sign Secure Channel Data (When Possible)" policy should be set correctly.

CCE-2790-4
The "Message title for users attempting to log on" policy should be set correctly.

CCE-2869-6
The "back up files and directories" user right should be assigned to the correct accounts.

CCE-3383-7
Auditing of "privilege use" events on failure should be enabled or disabled as appropriate..

CCE-3078-3
The startup type of the Telnet service should be correct.

CCE-8479-8
The Security Audit log warning level should be properly configured.

CCE-3548-5
The "minimum password age" policy should meet minimum requirements.

CCE-7611-7
Automatic Reboot After System Crash should be enabled or disabled as appropriate.

CCE-3480-1
The "Security Zones: Do Not Allow Users to Change Policies" setting should be configured correctly.

CCE-3635-0
The startup type of the Alerter service should be correct.

CCE-3427-2
Auditing of "account management" events on success should be enabled or disabled as appropriate..

CCE-3658-2
The "Do Not Allow Windows Messenger to be Run" policy should be set correctly.

CCE-3612-9
The startup type of the Remote Registry service should be correct.

CCE-3710-1
The "Do not Use Temp folders per Session" policy should be set correctly for Terminal Services.

CCE-8544-9
The time in seconds before the screen saver grace period expires (ScreenSaverGracePeriod) setting should be configured correctly.

CCE-3306-8
The "Do Not Automatically Start Windows Messenger" policy should be set correctly.

CCE-3175-7
The startup type of the Print Services for Unix service should be correct.

CCE-3591-5
The behavior surrounding Anonymous users' abiliity to display lists of SAM accounts and shares should be correct.

CCE-3549-3
Always Wait for the Network at Computer Startup and Logon should be properly configured.

CCE-3757-2
Disable saving of dial-up passwords should be properly configured.

CCE-3526-1
The "Screensaver Executable Name" setting should be configured correctly for the current user.

CCE-3250-8
The TCPMaxPortsExhausted setting should be properly configured.

CCE-3711-9
The "Named Pipes that can be accessed anonymously" policy should be set correctly.

CCE-2627-8
The "account lockout duration" policy should meet minimum requirements.

CCE-2812-6
The TCP/IP KeepAlive Time should be set correctly .

CCE-3428-0
The startup type of the Remote Access Auto connection Manager service should be correct.

CCE-3613-7
The "Allow undock without having to logon" policy should be set correctly.

CCE-3659-0
The "Recovery Console: Allow Automatic Administrative Logon" policy should be set correctly.

CCE-3558-4
The startup type of the Task Scheduler service should be correct.

CCE-3788-7
The startup type of the Removable Storage service should be correct.

CCE-2946-2
The "restrict guest access to security log" policy should be set correctly.

CCE-3621-0
The startup type of the Routing and Remote Access service should be correct.

CCE-3512-1
If the System log's retention method is set to "Overwrite events by days," an appropriate value should be set for the number of days' logs to keep.

CCE-5026-0
Administrative Shares should be enabled or disabled as appropriate.

CCE-2671-6
The startup type of the Automatic Update service should be correct.

CCE-3523-8
The startup type of the Remote Access Auto connection Manager service should be correct.

CCE-3295-3
The "Digitally Sign Server Communication (Always)" policy should be set correctly.

CCE-3731-7
The "Secure Channel: Digitally Encrypt or Sign Secure Channel Data (Always)" policy should be set correctly.

CCE-3546-9
Auditing of "policy change" events on success should be enabled or disabled as appropriate..

CCE-3370-4
The "Secure Channel: Digitally Encrypt Secure Channel Data (When Possible)" policy should be set correctly.

CCE-3448-8
The "Allow System to be Shut Down Without Having to Log On" policy should be set correctly.

CCE-8380-8
System availability to Master Browser should be properly configured.

CCE-3536-0
The startup type of the SNMP Trap Service service should be correct.

CCE-2947-0
The "Default owner for objects created by members of the Administrators group" policy should be set correctly.

CCE-3547-7
The "Enable User Control Over Installs" policy should be set correctly.

CCE-3778-8
Safe DLL Search Mode should be properly configured.

CCE-3611-1
Auditing of "system" events on failure should be enabled or disabled as appropriate..

CCE-3449-6
Auditing of "account management" events on failure should be enabled or disabled as appropriate..

CCE-2837-3
The "Allow Administrator to Install from Terminal Services Session" policy should be set correctly.

CCE-8534-0
The "Digitally Sign Client Communication (When Possible)" policy should be set correctly.

CCE-8151-3
RPC Endpoint Mapper Client Authentication should be enabled or disabled as appropriate.

CCE-3594-9
Auditing of "system" events on success should be enabled or disabled as appropriate..

CCE-3725-9
ICMP Redirects should be properly configured.

CCE-2827-4
Auditing of "directory service access" events on success should be enabled or disabled as appropriate..

CCE-3627-7
The "Do not Delete Temp folder on exit" policy should be set correctly for Terminal Services.

CCE-3484-3
The "when maximum log size is reached" property should be set correctly for the Security log.

CCE-3506-3
The system log maximum size should be configured correctly..

CCE-3714-3
The "Require Case Insensitivity for Non-Windows Sybsystems" policy should be set correctly.

CCE-3353-0
The startup type of the IIS Admin service should be correct.

CCE-3616-0
TCP/IP SYN Flood Attack Protection should be properly configured.

CCE-3582-4
The startup type of the FTP Publishing service should be correct.

CCE-3497-5
The startup type of the Simple TCP/IP service should be correct.

CCE-3801-8
The "LDAP server signing requirements" policy should be set correctly.

CCE-3386-0
The startup type of the Simple Mail Transport Protocol (SMTP) service should be correct.

CCE-3703-6
The "LAN Manager Authentication Level" policy should be set correctly.

CCE-3605-3
The "Refuse machine account password change" policy should be set correctly.

CCE-3715-0
The screensaver should be enabled or disabled as appropriate for the default user.

CCE-3277-1
The "No auto-restart with logged on users for scheduled automatic updates installations" setting should be enabled or disabled as appropriate.

CCE-3693-9
The "screensaver timeout" policy should be set correctly for the default user.

CCE-3617-8
The "Allow Unsolicited Remote Assistance" policy should be set correctly for Terminal Services.

CCE-3494-2
The startup type of the Messenger service should be correct.

CCE-3746-5
The "Prohibit New Task Creation" policy should be set correctly for the Task Scheduler.

CCE-3769-7
The "Prevent Users from Installing Printer Drivers" policy should be set correctly.

CCE-3602-0
The startup type of the Remote Shell service should be correct.

CCE-3592-3
The "Shares that can be accessed anonymously" policy should be set correctly.

CCE-3758-0
The "Enable Error Reporting" policy should be set correctly.

CCE-2870-4
The "Send Unencrypted Password to Connect to Third-Party SMB Servers" policy should be set correctly.

CCE-3810-9
The "Disable Periodic Check For Internet Explorer Software Updates" setting should be configured correctly.

CCE-3504-8
The "Require Domain Controller authentication to unlock workstation" policy should be set correctly.

CCE-3189-8
The "Digitally Sign Server Communication (When Possible)" policy should be set correctly.

CCE-3690-5
Automatic Logon should be properly configured.

CCE-3527-9
Display Last User Name in Logon Screen should be properly configured.

CCE-3614-5
The "Minimum session security for NTLM SSP based clients" policy should be set correctly.

CCE-2817-5
TCP/IP NetBIOS Name Release on Request Prevented should be properly configured.

CCE-8601-7
Kerberos and RSVP Traffic Protected by IPSec should be properly configured.

CCE-3286-2
Auditing of "object access" events on success should be enabled or disabled as appropriate..

CCE-8527-4
Authentication requirements for RPC clients should be configured appropriately.

CCE-3603-8
Auditing of "logon" events on success should be enabled or disabled as appropriate..

CCE-3593-1
The "Clear Virtual Memory Pagefile at shutdown" policy should be set correctly.

CCE-3713-5
The "Make Proxy Settings Per-Machine (Rather Then Per-User)" setting should be configured correctly.

CCE-3759-8
The "Minimum session security for NTLM SSP based servers" policy should be set correctly.

CCE-3638-4
The startup type of the Background Intelligent Transfer Service (BITS) service should be correct.

CCE-3350-6
The startup type of the ClipBook service should be correct.

CCE-3298-7
Background Refresh of Group Policy should be properly configured.

CCE-3552-7
The startup type of the Print Services for Unix service should be correct.

CCE-3804-2
The "Users Prompted to Change Password Before Expiration" policy should be set correctly.

CCE-8592-8
The "Prevent System Maintenance of Computer Account Password" policy should be set correctly.

CCE-3661-6
The "Reschedule Automatic Updates scheduled installations" setting should be enabled or disabled as appropriate.

CCE-3598-0
The "Disable Automatic Install of Internet Explorer Components" setting should be configured correctly.

CCE-3608-7
The "Automatic Updates detection frequency" should be set correctly.

CCE-2884-5
The "Allow System to be Shut Down Without Having to Log On" policy should be set correctly.

CCE-3465-2
The "restore files and directories" user right should be assigned to the correct accounts.

CCE-3586-5
The "Allowed to Format and Eject Removable NTFS Media" policy should be set correctly.

CCE-3442-1
The "password must meet complexity requirments" policy should be set correctly.

CCE-2819-1
The "LDAP client signing requirements" policy should be set correctly.

CCE-3357-1
The "Limit local account user of blank passwords to console logon only" policy should be set correctly.

CCE-3488-4
The "restrict guest access to system log" policy should be set correctly.

CCE-3794-5
The "Always Install with Elevated Privileges" policy should be set correctly.

CCE-3599-8
The "Allow Solicited Remote Assistance" policy should be set correctly for Terminal Services.

CCE-3200-3
The startup type of the Background Intelligent Transfer Service (BITS) service should be correct.

CCE-3321-7
Auditing of "account logon" events on success should be enabled or disabled as appropriate..

CCE-2919-9
TCP/IP Dead Gateway Detection should be properly configured.

CCE-3530-3
The "maximum password age" policy should meet minimum requirements.

CCE-3190-6
The "Enable User to Browser for Source While Elevated" policy should be set correctly.

CCE-3478-5
The "Require Strong (Windows 2000 or later) Session Key" policy should be set correctly.

CCE-3039-5
The "Security Zones: Do Not Allow Users to Add/Delete Sites" setting should be configured correctly.

CCE-3817-4
The "Let Everyone permissions apply to anonymous users" policy should be set correctly.

CCE-3719-2
The "Force logoff when logon hours expire" policy should be set correctly.

CCE-3674-9
The "Smart Card Removal Behavior" policy should be set correctly.

CCE-3443-9
Installation and Configuration of Network Bridge on the DNS Domain Network should be properly configured.

CCE-8472-3
The number of SYN-ACK retransmissions sent when attempting to respond to a SYN request should be configured correctly.

CCE-3420-7
The "Do not allow storage of credentials or .NET Passports" policy should be set correctly.

CCE-7936-8
The "System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies" setting should be configured properly.

CCE-3587-3
The "Enable User to Use Media Source While Elevated" policy should be set correctly.

CCE-3541-0
The startup type of the SSDP Discovery service should be correct.

CCE-3475-1
The startup type of the Universal Plug and Play Device Host (UPnP) service should be correct.

CCE-2908-2
Use of the built-in Guest account should be enabled or disabled as appropriate.

CCE-2984-3
The "Maximum machine account password age" policy should be set correctly.

CCE-3343-1
The security log maximum size should be configured correctly..

CCE-8462-4
The "System cryptography: Force strong key protection for user keys stored on the computer" policy should be enabled or disabled as appropriate.

CCE-2863-9
The "Prevent Codec Download" policy should be set correctly for Windows MediaPlayer.

CCE-3550-1
The application log maximum size should be configured correctly..

CCE-3211-0
Auditing of "privilege use" events on success should be enabled or disabled as appropriate..

CCE-3739-0
TCP/IP PMTU Discovery should be properly configured.

CCE-3814-1
The "Audit the use of backup and restore privilege" policy should be set correctly.

CCE-3694-7
The "Restrict CD-ROM Access to Locally Logged-On User Only" policy should be set correctly.

CCE-3101-3
Auditing of "directory service access" events on failure should be enabled or disabled as appropriate..

CCE-3618-6
The startup type of the Indexing service should be correct.

CCE-2678-1
The startup type of the Internet Connection Sharing service should be correct.

CCE-3551-9
The "account lockout threshold" policy should meet minimum requirements.

CCE-8508-4
The automatic generation of 8.3 file names for NTFS should be enabled or disabled as appropriate.

CCE-3728-3
The "Hide Property Pages" policy should be set correctly for the Task Scheduler.

CCE-3430-6
The "Shut Down system immediately if unable to log security audits" policy should be set correctly.

CCE-3803-4
The "Enable User to Patch Elevated Products" policy should be set correctly.

CCE-2909-0
The startup type of the NetMeeting Remote Desktop Sharing service should be correct.

CCE-3683-0
The "Allow Reconnection from Original Client Only" policy should be set correctly for Terminal Services.

CCE-3112-0
The "Sharing and security model for local accounts" policy should be set correctly.

CCE-3453-8
Auditing of "process tracking" events on failure should be enabled or disabled as appropriate..

CCE-8561-3
The "DCOM: Machine Launch Restrictions in the Security Descriptor Definition Language (SDDL) syntax" security option should be set correctly.

CCE-3597-2
Autoplay on all Drive Types should be properly configured.

CCE-3574-1
The "reset account lockout counter after" policy should meet minimum requirements.

CCE-3672-3
The "Message text for users attempting to log on" policy should be set correctly.

CCE-3441-3
The "Use FIPS compliant algorithms for encryption, hashing, and signing" policy should be set correctly.

CCE-3354-8
The "add workstations to domain" user right should be assigned to the correct accounts.

CCE-3509-7
IRDP should be properly configured.

CCE-2644-3
The "store password using reversible encryption for all users in the domain" policy should be set correctly.

CCE-2875-3
The "Set time limit for disconnected sessions" policy should be set correctly for Terminal Services.

CCE-3556-8
The startup type of the Remote Desktop Help Session Manager service should be correct.

CCE-8091-1
Anonymous access to Named Pipes and Shares via the network should be enabled or disabled as appropriate.

CCE-3510-5
Auditing of "process tracking" events on success should be enabled or disabled as appropriate..

CCE-3808-3
The "Do Not Allow Local Administrators to Customize Permissions" policy should be set correctly for Terminal Services.

CCE-3281-3
The "restrict guest access to application log" policy should be set correctly.

CCE-2963-7
The "Strengthen Default Permissions of Global System Objects" policy should be set correctly.

CCE-3665-7
The "Set time limit for idle sessions" policy should be set correctly for Terminal Services.

CCE-3786-1
The "Limit Number of Connections" policy should be set correctly for Terminal Services.

CCE-3567-5
If the Application log's retention method is set to "Overwrite events by days," an appropriate value should be set for the number of days' logs to keep.

CCE-3654-1
The "Limit Users to One Remote Session" policy should be set correctly for Terminal Services.

CCE-3631-9
The behavior surrounding Anonymous users' abiliity to display lists of SAM accounts should be correct.

CCE-3446-2
The "enforce password history" policy should meet minimum requirements.

CCE-3391-0
Auditing of "logon" events on failure should be enabled or disabled as appropriate..

CCE-3787-9
The "Unsigned Driver Installation Behavior" policy should be set correctly.

CCE-3511-3
The "Secure Channel: Digitally Sign Secure Channel Data (When Possible)" policy should be set correctly.

CCE-8049-9
Use of the built-in Administrator account should be enabled or disabled as appropriate.

CCE-3764-8
The "screensaver timeout" policy should be set correctly for the current user.

CCE-3413-2
The "Security Zones: Use Only Machine Settings" setting should be configured correctly.

CCE-3666-5
The "Always Prompt Client for Password upon Connection" policy should be set correctly for Terminal Services.

CCE-3227-6
IP Source Routing should be properly configured.

CCE-3730-9
The "Specify intranet Microsoft update service location" setting should be enabled or disabled as appropriate.

CCE-3799-4
The screensaver should be enabled or disabled as appropriate for the current user.

CCE-3424-9
The "minimum password length" policy should meet minimum requirements.

CCE-3632-7
The "Do not store LAN Manager hash value on next password change" policy should be set correctly.

CCE-3806-7
The "Allow automatic updates immediate installation" setting should be enabled or disabled as appropriate.

CCE-3577-4
The "Terminate session when time limits are reached" policy should be set correctly for Terminal Services.

CCE-3640-0
The startup type of the .NET Framework service should be correct.

CCE-3708-5
Disallow Installation of Printers Using Kernel-mode Drivers should be properly configured.

CCE-3479-3
The "Allow Server Operators to Schedule Tasks" policy should be set correctly.

CCE-3761-4
The amount of idle time required before disconnecting a session should be set correctly.

CCE-3565-9
The startup type of the Fax service should be correct.

CCE-3773-9
The "Disconnect clients when logon hours expire" policy should be set correctly.

CCE-3698-8
The "Password protect the screensaver" setting should be set correctly for the default user.

CCE-3060-1
The "Disable CTRL+ALT+Delete Requirement for Logon" policy should be set correctly.

CCE-3652-5
The "Digitally Sign Client Communication (Always)" policy should be set correctly.

CCE-3796-0
The "Secure Channel: Digitally Encrypt Secure Channel Data (When Possible)" policy should be set correctly.

CCE-7613-3
The number of retransmissions sent of TCP data segments before the connection is dropped should be set correctly.

CCE-3467-8
Auditing of "account logon" events on failure should be enabled or disabled as appropriate..

CCE-2832-4
The startup type of the Terminal Services service should be correct.

CCE-3532-9
The startup type of the SNMP Service service should be correct.

CCE-3709-3
The "Number of Previous Logons to Cache" policy should be set correctly.

CCE-8542-3
The "Interactive logon: Requre smart card" setting should be configured correctly.

CCE-2822-5
The "Restrict Floppy Access to Locally Logged-On User Only" policy should be set correctly.

CCE-3774-7
The "Audit the access of global system objects" policy should be set correctly.

CCE-3290-4
Auditing of "object access" events on failure should be enabled or disabled as appropriate..

CCE-3422-3
The "when maximum log size is reached" property should be set correctly for the System log.

CCE-3127-8
If the Security log's retention method is set to "Overwrite events by days," an appropriate value should be set for the number of days' logs to keep.

CCE-3312-6
Auditing of "policy change" events on failure should be enabled or disabled as appropriate..

CCE-3676-4
The "Recovery Console: Allow Floppy Copy and Access to All Drives and All Folders" policy should be set correctly.

CPE    1
cpe:/o:microsoft:windows_server_2003
*XCCDF
xccdf_org.secpod_benchmark_general_Windows_2003
OVAL    213
oval:org.secpod.oval:def:7689
oval:org.secpod.oval:def:7686
oval:org.secpod.oval:def:10030
oval:org.secpod.oval:def:10031
...

© 2013 SecPod Technologies