[Forgot Password]
Login  Register Subscribe

23631

 
 

122241

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*


CCE-4228-3
Auditing of "Account Management: Computer Account Management" events on failure should be enabled or disabled as appropriate.

CCE-4183-0
Auditing of "Logon/Logoff: Logoff" events on failure should be enabled or disabled as appropriate.

CCE-5137-5
Auditing of "Policy Change: Audit Policy Change" events on failure should be enabled or disabled as appropriate.

CCE-5094-8
Auditing of "Detailed Tracking: Process Creation" events on failure should be enabled or disabled as appropriate.

CCE-8458-2
The "Access credential Manager as a trusted caller" user right should be assigned to the correct accounts.

CCE-4662-3
The "Enforce user logon restrictions" policy should be set correctly.

CCE-5039-3
Auditing of "Object Access: File System" events on failure should be enabled or disabled as appropriate.

CCE-4081-6
The "Internet Explorer Maintenance Policy Processing - Allow processing across a slow network connection" setting should be configured correctly.

CCE-4755-5
The "Maximum User Renewal Lifetime" policy should be set correctly.

CCE-8188-5
The Windows Firewall "Allow ICMP exceptions" policy should be enabled or disabled as appropriate for the Standard Profile.

CCE-2467-9
The "Secure Channel: Digitally Encrypt Secure Channel Data (When Possible)" policy should be set correctly.

CCE-4666-4
The "Maximum Service Ticket Litfetime" policy should be set correctly.

CCE-5157-3
Auditing of "System: Security State Change" events on failure should be enabled or disabled as appropriate.

CCE-4579-9
The 'Approved Installation Sites for ActiveX Controls' security mechanism should be enabled or disabled as appropriate.

CCE-4627-6
The required permissions for the WLAN AutoConfig service should be assigned.

CCE-4516-1
Auditing of "Policy Change: Authentication Policy Change" events on failure should be enabled or disabled as appropriate.

CCE-4734-0
Auditing of "Privilege Use: Sensitive Privilege Use" events on failure should be enabled or disabled as appropriate.

CCE-4941-1
User notifications when a program is blocked from receiving inbound connections by Windows Firewall should be enabled or disabled as appropriate for the Domain Profile.

CCE-5087-2
Auditing of "Object Access: Registry" events on failure should be enabled or disabled as appropriate.

CCE-3508-9
The "IPv6 Block of UDP 3544" setting should be configured correctly.

CCE-2339-0
The behavior surrounding Anonymous SID/Name translation should be correct.

CCE-4142-6
Auditing of "Account Management: Security Group Management" events on failure should be enabled or disabled as appropriate.

CCE-4910-6
Auditing of "System: Security System Extension" events on failure should be enabled or disabled as appropriate.

CCE-4783-7
Auditing of "Account Management: Other Account Management Events" events on failure should be enabled or disabled as appropriate.

CCE-5036-9
The 6to4 tunneling protocol for IPv6 should be enabled or disabled as appropriate.

CCE-8470-7
The Windows Firewall "Allow ICMP exceptions" policy should be enabled or disabled as appropriate for the Domain Profile.

CCE-4423-0
Auditing of "Logon/Logoff: Logon" events on failure should be enabled or disabled as appropriate.

CCE-4811-6
The Teredo tunneling protocol for IPv6 should be enabled or disabled as appropriate.

CCE-3936-2
The "Maximum User Ticket Lifetime" policy should be set correctly.

CCE-4702-7
The "Maximum tolerance for computer clock synchronization" policy should be set correctly.

CCE-4879-3
Auditing of "System: Ipsec Driver" events on failure should be enabled or disabled as appropriate.

CCE-4822-3
Auditing of "System: System Integrity" events on failure should be enabled or disabled as appropriate.

CCE-2874-6
The "Do not allow drive redirection" setting should be configured correctly for Terminal Services.

CCE-2865-4
The "IPv6 Block of Protocols 41" setting should be configured correctly.

CCE-5097-1
Auditing of "Account Management: User Account Management" events on failure should be enabled or disabled as appropriate.

CCE-4824-9
Auditing of "Logon/Logoff: Special Logon" events on failure should be enabled or disabled as appropriate.

CCE-5028-6
Auditing of "DS Access: Directory Service Access" events on success should be enabled or disabled as appropriate.

CCE-3285-4
The "Audit the access of global system objects" policy should be set correctly.

CCE-3032-0
Use of the built-in Administrator account should be enabled or disabled as appropriate.

CCE-4797-7
The "Do Not Automatically Start Windows Messenger" policy should be set correctly.

CCE-3439-7
Domain Profile - Outbound Connections

CCE-3187-2
Domain Profile: Do not allow exceptions (SP2 only)

CCE-2398-6
The "Limit local account user of blank passwords to console logon only" policy should be set correctly.

CCE-3089-0
Auditing of "account logon" events on failure should be enabled or disabled as appropriate..

CCE-8095-2
The Autoplay policy "Don't set the always do this checkbox" should be configured correctly.

CCE-4916-3
Auditing of "Account Management: Other Account Management Events" events on success should be enabled or disabled as appropriate.

CCE-5070-8
The "Prevent users from sharing files within their profile" setting should be configured correctly.

CCE-4194-7
The "User Account Control: Virtualize file and registry write failures to per-user locations" setting should be configured correctly.

CCE-3054-4
Domain Profile: Protect all network connections (SP2 only)

CCE-3261-5
IP Source Routing should be properly configured.

CCE-4206-9
The log file path and name for the Windows Firewall should be configured correctly for the Private Profile.

CCE-4982-5
Auditing of "Object Access: SAM" events on failure should be enabled or disabled as appropriate.

CCE-2922-3
The "Turn off Windows Startup Sound" setting should be configured correctly.

CCE-3417-3
User notifications when a program is blocked from receiving inbound connections by Windows Firewall should be enabled or disabled as appropriate for the Private Profile.

CCE-7621-6
The "System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies" setting should be configured properly.

CCE-2979-3
Hide mechanisms to remove zone information is set correcly.

CCE-3394-4
RPC Endpiont Mapper Client Authentication (SP2 only)

CCE-3283-9
The "Force logoff when logon hours expire" policy should be set correctly.

CCE-3328-2
The "Turn on Windows Meeting Space audting" setting should be configured correctly.

CCE-3437-1
Do not preserve zone information in file attachments is set correcly.

CCE-3953-7
The "Recovery Console: Allow Floppy Copy and Access to All Drives and All Folders" policy should be set correctly.

CCE-3076-7
Auditing of "logon" events on success should be enabled or disabled as appropriate..

CCE-3500-6
The "Turn Off User Installed Windows Sidebar Gadgets" setting should be configured correctly.

CCE-3041-1
Auditing of "directory service access" events on success should be enabled or disabled as appropriate..

CCE-3272-2
The behavior surrounding Anonymous users' abiliity to display lists of SAM accounts should be correct.

CCE-4829-8
Auditing of "Object Access: Application Generated" events on failure should be enabled or disabled as appropriate.

CCE-2781-3
The "Don't Display the Getting Started Welcome Screen at Logon" setting should be configured correctly.

CCE-2924-9
Unicast response to multicast or broadcast requests should be enabled or disabled as appropriate for the Private Profile.

CCE-5004-7
The "User Account Control: Only elevate executables that are signed and validated" setting should be configured correctly.

CCE-3415-7
Access to registry editing tools is set correctly.

CCE-3196-3
The "when maximum log size is reached" property should be set correctly for the Security log.

CCE-2519-7
The amount of idle time required before disconnecting a session should be set correctly.

CCE-2376-2
The "Number of Previous Logons to Cache" policy should be set correctly.

CCE-4991-6
The "Set Safe for Scripting" policy should be set correctly.

CCE-3426-4
Public Profile - Apply Local Connection Security Rules

CCE-4938-7
Auditing of "Account Management: Application Group Management" events on success should be enabled or disabled as appropriate.

CCE-2650-0
Public Profile - Apply Local Firewall Rules

CCE-3243-3
Auditing of "object access" events on failure should be enabled or disabled as appropriate..

CCE-3387-8
Standard Profile: Allow Remote Desktop exception (SP2 only)

CCE-8501-9
The "Do Not Allow Windows Messenger to be Run" policy should be set correctly.

CCE-2839-9
The "restrict guest access to system log" policy should be set correctly.

CCE-3450-4
Audit: Force audit policy subcategory settings are set correcly.

CCE-8547-2
Administrative Shares should be enabled or disabled as appropriate.

CCE-3341-5
The "Report Logon Server Not Available During User logon" setting should be configured correctly.

CCE-3001-5
The "Shut Down system immediately if unable to log security audits" policy should be set correctly.

CCE-3232-6
The behavior surrounding Anonymous users' abiliity to display lists of SAM accounts and shares should be correct.

CCE-3330-8
The "Secure Channel: Digitally Encrypt or Sign Secure Channel Data (Always)" policy should be set correctly.

CCE-3376-1
The "Allow indexing of encrypted files" setting should be configured correctly.

CCE-3278-9
Turn off Windows Update device driver searching

CCE-3363-9
The "Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog box" should be set correctly

CCE-5048-4
Auditing of "Account Management: Security Group Management" events on success should be enabled or disabled as appropriate.

CCE-4535-1
Auditing of "System: Security State Change" events on success should be enabled or disabled as appropriate.

CCE-4300-0
Auditing of "Privilege Use: Sensitive Privilege Use" events on success should be enabled or disabled as appropriate.

CCE-4213-5
The "Minimum session security for NTLM SSP based servers" policy should be set correctly.

CCE-3352-2
Standard Profile: Allow remote administration exception (SP2 only)

CCE-3398-5
The "Prohibit non-administrators from applying vendor signed updates" setting should be configured correctly.

CCE-3121-1
The "restrict guest access to application log" policy should be set correctly.

CCE-5264-7
The "Screen Saver Executable Name" setting should be configured correctly for the current user.

CCE-3023-9
The "Digitally Sign Server Communication (Always)" policy should be set correctly.

CCE-4115-2
Auditing of "Account Management: Distribution Group Management" events on success should be enabled or disabled as appropriate.

CCE-4290-3
The "Password protect the screen saver" setting should be configured correctly for the current user.

CCE-3287-0
Auditing of "account management" events on failure should be enabled or disabled as appropriate..

CCE-3385-2
The "Turn Off Windows Movie Maker Saving to Online Video Hosting Provider" setting should be configured correctly.

CCE-4479-2
Auditing of "Policy Change: Other Policy Change Events" events on success should be enabled or disabled as appropriate.

CCE-3178-1
The "Allow Corporate redirection of Customer Experience Improvement uploads" setting should be configured correctly.

CCE-4907-2
The "User Account Control: Run all administrators in Admin Approval Mode" setting should be configured correctly.

CCE-4851-2
The "Turn off Help Ratings" setting should be configured correctly.

CCE-4335-6
Auditing of "Object Access: Filtering Platform Packet Drop" events on failure should be enabled or disabled as appropriate.

CCE-3045-2
The "Prohibit Access of the Windows Connect Now Wizards" setting should be configured correctly.

CCE-5146-6
The ISATAP tunneling protocol for IPv6 should be enabled or disabled as appropriate.

CCE-3230-0
The "Users Prompted to Change Password Before Expiration" policy should be set correctly.

CCE-2785-4
TCP/IP NetBIOS Name Release on Request Prevented should be properly configured.

CCE-3143-5
The "Prevent indexing uncached Exchange folders" setting should be configured correctly.

CCE-2641-9
Unicast response to multicast or broadcast requests should be enabled or disabled as appropriate for the Public Profile.

CCE-3406-6
The "Turn Off Help and Support Center Microsoft Knowledge Base Search" setting should be configured correctly.

CCE-5011-2
Auditing of "Logon/Logoff: IPsec Extended Mode" events on success should be enabled or disabled as appropriate.

CCE-2719-3
Autoplay on all Drive Types should be properly configured.

CCE-3263-1
Public Profile - Inbound Connections

CCE-4204-4
Auditing of "Policy Change: MPSSVC Rule-Level Policy Change" events on failure should be enabled or disabled as appropriate.

CCE-2323-4
The "enforce password history" policy should meet minimum requirements.

CCE-2772-2
The "Interactive logon: Requre smart card" setting should be configured correctly.

CCE-3361-3
The "Disconnect clients when logon hours expire" policy should be set correctly.

CCE-4568-2
Auditing of "Object Access: Filtering Platform Connection" events on success should be enabled or disabled as appropriate.

CCE-5000-5
Auditing of "Detailed Tracking: DPAPI Activity" events on success should be enabled or disabled as appropriate.

CCE-2883-7
The "minimum password length" policy should meet minimum requirements.

CCE-3252-4
The "Digitally Sign Client Communication (Always)" policy should be set correctly.

CCE-3165-8
The system log maximum size should be configured correctly.

CCE-4995-7
Auditing of "Policy Change: Other Policy Change Events" events on failure should be enabled or disabled as appropriate.

CCE-3067-6
System availability to Master Browser should be properly configured.

CCE-3345-6
The "Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box" should be set correctly

CCE-3138-5
The "Do not store LAN Manager hash value on next password change" policy should be set correctly.

CCE-5043-5
The screen saver should be enabled or disabled as appropriate for the current user.

CCE-5089-8
Auditing of "DS Access: Directory Service Replication" events on success should be enabled or disabled as appropriate.

CCE-3093-2
The "Turn Off Registration if URL Connection is Referring to Microsoft.com" setting should be configured correctly.

CCE-2533-8
The log file path and name for the Windows Firewall should be configured correctly for the Domain Profile.

CCE-3454-6
The "Turn Off Automatic Root Certificates Update" setting should be configured correctly.

CCE-7716-4
The time in seconds before the screen saver grace period expires (ScreenSaverGracePeriod) setting should be configured correctly.

CCE-5163-1
Auditing of "Logon/Logoff: Other Logon/Logoff Events" events on success should be enabled or disabled as appropriate.

CCE-4869-4
Auditing of "Detailed Tracking: Process Termination" events on success should be enabled or disabled as appropriate.

CCE-8516-7
The Windows Firewall inbound program exceptions list should be set appropriately for the Domain Profile.

CCE-3334-0
Standard Profile: Allow local program exceptions (SP2 only)

CCE-4691-2
Auditing of "Object Access: Other Object Access Events" events on failure should be enabled or disabled as appropriate.

CCE-3432-2
The "Turn Off Internet Connection Wizard if URL Connection is Referring to Microsoft.com" setting should be configured correctly.

CCE-7629-9
The Windows Firewall "Define inbound program exceptions" policy should be enabled or disabled as appropriate for the Domain Profile.

CCE-5067-4
Auditing of "DS Access: Directory Service Changes" events on success should be enabled or disabled as appropriate.

CCE-4921-3
Auditing of "Object Access: File System" events on success should be enabled or disabled as appropriate.

CCE-3367-0
The "Sharing and security model for local accounts" policy should be set correctly.

CCE-4505-4
Auditing of "Logon/Logoff: IPsec Extended Mode" events on failure should be enabled or disabled as appropriate.

CCE-2653-4
Auditing of "policy change" events on failure should be enabled or disabled as appropriate..

CCE-4342-2
Auditing of "Logon/Logoff: Account Lockout" events on success should be enabled or disabled as appropriate.

CCE-3310-0
Require trusted path for credential entry

CCE-3125-2
The "Turn off shell protocol protected mode" setting should be configured correctly.

CCE-3356-3
Standard Profile: Allow local port exceptions (SP2 only)

CCE-3212-8
The "Secure Channel: Require Strong (Windows 2000 or later) Session Key" policy should be set correctly.

CCE-2457-0
The "Let Everyone permissions apply to anonymous users" policy should be set correctly.

CCE-2679-9
TCP/IP SYN Flood Attack Protection should be properly configured.

CCE-3452-0
Group Policy - Registry policy processing

CCE-3234-2
Auditing of "account management" events on success should be enabled or disabled as appropriate..

CCE-4998-1
Auditing of "System: Other System Events" events on success should be enabled or disabled as appropriate.

CCE-4965-0
Auditing of "Object Access: Handle Manipulation" events on failure should be enabled or disabled as appropriate.

CCE-2962-9
The "Turn off Heap termination on corruption" setting should be configured correctly.

CCE-8342-8
The "Secure Channel: Digitally Encrypt Secure Channel Data (When Possible)" policy should be set correctly.

CCE-3158-3
Domain Profile: Allow remote administration

CCE-3365-4
The "Windows Firewall: Prohibit notifications" setting should be configured correctly for the Domain Profile.

CCE-4200-2
Auditing of "Object Access: File Share" events on success should be enabled or disabled as appropriate.

CCE-2557-7
The "Turn off Windows Meeting Space" setting should be configured correctly.

CCE-4612-8
The "User Account Control: Detect application installations and prompt for elevation" setting should be configured correctly.

CCE-4658-1
Auditing of "DS Access: Detailed Directory Service Replication" events on failure should be enabled or disabled as appropriate.

CCE-2742-5
The "Allow only Vista or later connections" setting should be configured correctly.

CCE-3169-0
Prompt for password on resume from hibernate/suspend is set correctly.

CCE-4976-7
Auditing of "System: Ipsec Driver" events on success should be enabled or disabled as appropriate.

CCE-3349-8
The "Shares that can be accessed anonymously" policy should be set correctly.

CCE-5239-9
The "Turn off Help Experience Improvement Program" setting should be configured correctly.

CCE-3303-5
The "Audit the use of backup and restore privilege" policy should be set correctly.

CCE-4020-4
The "User Account Control: Only elevate UIAccess applications that are installed in secure locations" setting should be configured correctly.

CCE-4891-8
Auditing of "Detailed Tracking: RPC Events" events on success should be enabled or disabled as appropriate.

CCE-4947-8
Auditing of "Object Access: Filtering Platform Packet Drop" events on success should be enabled or disabled as appropriate.

CCE-3458-7
Domain Profile: Allow Remote Desktop exception (SP2 only)

CCE-4597-1
The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Private Profile.

CCE-4405-7
The "Do Not Show First Use Dialog Boxes" setting for Windows Media Player should be configured correctly.

CCE-4077-4
The "Turn on Responder (RSPNDR) driver" setting should be configured correctly for the domain profile.

CCE-3160-9
Restrictions for Unauthenticated RPC clients (SP2 only)

CCE-3469-4
The "Require a Password when a Computer Wakes (Plugged)" setting should be configured correctly.

CCE-2755-7
The "Turn Off Downloading of Game Information" setting should be configured correctly.

CCE-3325-8
The "Prevent Users from Installing Printer Drivers" policy should be set correctly.

CCE-5170-6
Auditing of "System: Security System Extension" events on success should be enabled or disabled as appropriate.

CCE-2964-5
Domain Profile: Allow UPnP framework exception (SP2 only)

CCE-2820-9
Auditing of "account logon" events on success should be enabled or disabled as appropriate..

CCE-3436-3
Unicast response to multicast or broadcast requests should be enabled or disabled as appropriate for the Domain Profile.

CCE-4925-4
The "User Account Control: Switch to the secure desktop when prompting for elevation" setting should be configured correctly.

CCE-4493-3
Auditing of "Detailed Tracking: DPAPI Activity" events on failure should be enabled or disabled as appropriate.

CCE-3314-2
The "Message title for users attempting to log on" policy should be set correctly.

CCE-5181-3
Auditing of "Policy Change: MPSSVC Rule-Level Policy Change" events on success should be enabled or disabled as appropriate.

CCE-2975-1
The "Do not allow passwords to be saved" setting should be configured correctly for Terminal Services.

CCE-5052-6
The "Prevent Desktop Shortcut Creation" setting for Windows Media Player should be configured correctly.

CCE-2877-9
The "Turn Off Help and Support Center "Did You Know?" Content" setting should be configured correctly.

CCE-5128-4
The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Public Profile.

CCE-4629-2
The "Enable User Control Over Installs" policy should be set correctly.

CCE-3456-1
The "Disable unpacking and installation of gadgets that are not digitally signed" setting should be configured correctly.

CCE-3347-2
Standard Profile: Do not allow exceptions (SP2 only)

CCE-4166-5
Auditing of "Detailed Tracking: Process Creation" events on success should be enabled or disabled as appropriate.

CCE-2953-8
Auditing of "system" events on success should be enabled or disabled as appropriate..

CCE-2999-1
Domain Profile - Inbound Connections

CCE-2724-3
Auditing of "object access" events on success should be enabled or disabled as appropriate..

CCE-3336-5
The "Message text for users attempting to log on" policy should be set correctly.

CCE-7952-5
The "Remove Security tab" setting should be configured correctly.

CCE-3421-5
Turn off printing over HTTP

CCE-4956-9
Auditing of "Logon/Logoff: Special Logon" events on success should be enabled or disabled as appropriate.

CCE-3225-0
The "Allowed to Format and Eject Removable NTFS Media" policy should be set correctly.

CCE-5172-2
Auditing of "Policy Change: Authorization Policy Change" events on success should be enabled or disabled as appropriate.

CCE-3369-6
Standard Profile: Allow file and printer sharing exception (SP2 only)

CCE-5061-7
The "Configuration of wireless settings using Windows Connect Now" setting should be configured correctly for Wireless Connect Now over Ethernet (UPnP).

CCE-3434-8
The "Turn off Active Help" setting should be configured correctly.

CCE-4969-2
The "Behavior of the elevation prompt for standard users" setting should be configured correctly.

CCE-4714-2
Auditing of "Object Access: Certification Services" events on success should be enabled or disabled as appropriate.

CCE-2868-8
The "Turn Off Handwriting Reconition Error Reporting" setting should be configured correctly.

CCE-3323-3
The "Allow Solicited Remote Assistance" policy should be set correctly for Terminal Services.

CCE-4507-0
The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Public Profile.

CCE-2659-1
The "restrict guest access to security log" policy should be set correctly.

CCE-2977-7
Domain Profile - Apply Local Connection Security Rules

CCE-2746-6
Auditing of "policy change" events on success should be enabled or disabled as appropriate..

CCE-4011-3
The "Strengthen Default Permissions of Global System Objects" policy should be set correctly.

CCE-4616-9
Auditing of "Object Access: SAM" events on success should be enabled or disabled as appropriate.

CCE-2931-4
The "when maximum log size is reached" property should be set correctly for the System log.

CCE-3358-9
The "Configure Automatic Updates" should be set correctly

CCE-4703-5
Auditing of "Logon/Logoff: Logoff" events on success should be enabled or disabled as appropriate.

CCE-3082-5
The startup type of the NetMeeting Remote Desktop Sharing service should be correct.

CCE-3180-7
Domain Profile: Allow local port exceptions (SP2 only)

CCE-3214-4
The "Override the More Gadgets Link" setting should be configured correctly.

CCE-4107-9
The "Recovery Console: Allow Automatic Administrative Logon" policy should be set correctly.

CCE-5114-4
Auditing of "Privilege Use: Non Sensitive Privilege Use" events on success should be enabled or disabled as appropriate.

CCE-3199-7
Safe DLL Search Mode should be properly configured.

CCE-3307-6
The "Disable CTRL+ALT+Delete Requirement for Logon" policy should be set correctly.

CCE-3360-5
Private Profile - Apply Local Firewall Rules

CCE-4205-1
Auditing of "Privilege Use: Privilege Use: Other Privilege Use Events" events on failure should be enabled or disabled as appropriate.

CCE-4774-6
The "Use FIPS compliant algorithms for encryption, hashing, and signing" policy should be set correctly.

CCE-2462-0
The "No auto-restart for scheduled Automatic Updates installations

CCE-3209-4
The "Turn off Windows Defender" setting should be configured correctly.

CCE-4928-8
Auditing of "Logon/Logoff: IPsec Quick Mode" events on failure should be enabled or disabled as appropriate.

CCE-3251-6
The "Smart Card Removal Behavior" policy should be set correctly.

CCE-4992-4
Internet Explorer Processes (Zone Elevation Protection)

CCE-4808-2
Auditing of "DS Access: Directory Service Changes" events on failure should be enabled or disabled as appropriate.

CCE-3395-1
Private Profile - Inbound Connections

CCE-3164-1
The "Digitally Sign Server Communication (When Possible)" policy should be set correctly.

CCE-4939-5
Auditing of "Policy Change: Filtering Platform Policy Change" events on failure should be enabled or disabled as appropriate.

CCE-3297-9
The "Turn Off Windows Movie Maker Online Web Links" setting should be configured correctly.

CCE-3329-0
Standard Profile: Protect all network connections (SP2 only)

CCE-4086-5
The setup log maximum size should be configured correctly.

CCE-5018-7
Auditing of "Logon/Logoff: Logon" events on success should be enabled or disabled as appropriate.

CCE-5101-1
IP Source Routing should be properly configured for IPv6.

CCE-2858-9
The "Restrict CD-ROM Access to Locally Logged-On User Only" policy should be set correctly.

CCE-4883-5
Auditing of "System: Other System Events" events on failure should be enabled or disabled as appropriate.

CCE-3405-8
Domain Profile: Allow local program exceptions

CCE-3371-2
The "DCOM: Machine access Restrictions in Security Descriptor Definition Language (SDDL) syntax" setting should be configured correctly.

CCE-4271-3
The "MSS: (TCPMaxDataRetransmissions) IPv6, how many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting should be configured correctly.

CCE-3260-7
The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Domain Profile.

CCE-3305-0
Outlook Express attachment blocking is set correctly.

CCE-3414-0
The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Domain Profile.

CCE-4207-7
The log file size limit for the Windows Firewall should be configured correctly for the Private Profile.

CCE-2825-8
The "Remotely accessible registry paths" policy should be set correctly.

CCE-5038-5
Auditing of "Logon/Logoff: IPsec Quick Mode" events on success should be enabled or disabled as appropriate.

CCE-4990-8
Auditing of "Privilege Use: Non Sensitive Privilege Use" events on failure should be enabled or disabled as appropriate.

CCE-4761-3
Computer-wide, rather than per-user, use of Microsoft Spynet Reporting for Windows Defender should be enabled or disabled as appropriate.

CCE-3327-4
Deny all add-ons unless specifically allowed in the Add-on List

CCE-4140-0
Auditing of "Account Management: Distribution Group Management" events on failure should be enabled or disabled as appropriate.

CCE-3173-2
Display Last User Name in Logon Screen should be properly configured.

CCE-4904-9
Kerberos and RSVP Traffic Protected by IPSec should be properly configured.

CCE-3380-3
The "Named Pipes that can be accessed anonymously" policy should be set correctly.

CCE-3075-9
The "Maximum machine account password age" policy should be set correctly.

CCE-3271-4
The "Turn on session logging" setting should be configured correctly.

CCE-4828-0
Auditing of "Object Access: Handle Manipulation" events on success should be enabled or disabled as appropriate.

CCE-4650-8
Auditing of "Logon/Logoff: IPsec Main Mode" events on failure should be enabled or disabled as appropriate.

CCE-3316-7
The startup type of the Messenger service should be correct.

CCE-3403-3
The "Turn Off Windows Movies Maker Automatic Codec Downloads" setting should be configured correctly.

CCE-4915-5
The "Disable Logging" setting should be configured correctly.

CCE-5016-1
Auditing of "Logon/Logoff: IPsec Main Mode" events on success should be enabled or disabled as appropriate.

CCE-3086-6
Logon - Do not process the run once list

CCE-3266-4
The "DCOM: Machine Launch Restrictions in the Security Descriptor Definition Language (SDDL) syntax" security option should be set correctly.

CCE-3220-1
The "Require Domain Controller authentication to unlock workstation" policy should be set correctly.

CCE-3364-7
Turn off Internet download for Web publishing and online ordering wizards

CCE-2322-6
Auditing of "privilege use" events on success should be enabled or disabled as appropriate..

CCE-4201-0
Auditing of "Policy Change: Audit Policy Change" events on success should be enabled or disabled as appropriate.

CCE-5047-6
Auditing of "System: System Integrity" events on success should be enabled or disabled as appropriate.

CCE-2477-8
The "Turn off the 'Publish to Web' task for files and folders" setting should be configured correctly.

CCE-4016-2
The "Behavior of the elevation prompt for administrators in Admin Approval Mode" setting should be configured correctly.

CCE-3168-2
The "Restrict Floppy Access to Locally Logged-On User Only" policy should be set correctly.

CCE-4996-5
Auditing of "Object Access: Kernel Object" events on success should be enabled or disabled as appropriate.

CCE-3255-7
The "Prevent System Maintenance of Computer Account Password" policy should be set correctly.

CCE-2838-1
The "Send Unencrypted Password to Connect to Third-Party SMB Servers" policy should be set correctly.

CCE-3024-7
Auditing of "process tracking" events on success should be enabled or disabled as appropriate..

CCE-4898-3
The "Disable Media Player for automatic updates" policy should be set correctly.

CCE-5132-6
Auditing of "Object Access: Other Object Access Events" events on success should be enabled or disabled as appropriate.

CCE-4963-5
The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Private Profile.

CCE-4501-3
The "Do not allow drive redirection" setting should be configured correctly for Terminal Services.

CCE-3954-5
The "Allow System to be Shut Down Without Having to Log On" policy should be set correctly.

CCE-8404-6
The default behavior for AutoRun should be properly configured.

CCE-3288-8
The "Prevent IIS Installation" setting should be configured correctly.

CCE-2914-0
The "Turn off Windows Calendar" setting should be configured correctly.

CCE-4093-1
Auditing of "Account Management: Computer Account Management" events on success should be enabled or disabled as appropriate.

CCE-3046-0
The "Turn off Untrusted Content" setting should be configured correctly.

CCE-4467-7
The "User Account Control: Allow UIAccess applications to prompt for elevation" setting should be configured correctly.

CCE-3409-0
The "Windows Firewall: Prohibit notifications" setting should be configured correctly for the Standard Profile.

CCE-3462-9
Standard Profile: Define port exceptions (SP2 only)

CCE-4841-3
The "Require Case Insensitivity for Non-Windows Sybsystems" policy should be set correctly.

CCE-2927-2
Auditing of "process tracking" events on failure should be enabled or disabled as appropriate..

CCE-3309-2
Auditing of "directory service access" events on failure should be enabled or disabled as appropriate..

CCE-3362-1
The "Turn Off Access to All Windows Update Feature" setting should be configured correctly.

CCE-3299-5
The log file size limit for the Windows Firewall should be configured correctly for the Domain Profile.

CCE-3482-7
The "Do not allow Digital Locker to run" setting should be configured correctly.

CCE-3166-6
Private Profile - Outbound Connections

CCE-3351-4
Public Profile - Outbound Connections

CCE-5034-4
The "Disable Windows Error Reporting" setting should be configured correctly.

CCE-3120-3
TCP/IP Dead Gateway Detection should be properly configured.

CCE-3429-8
The "Always Prompt Client for Password upon Connection" policy should be set correctly for Terminal Services.

CCE-3240-9
The "minimum password age" policy should meet minimum requirements.

CCE-2905-8
The "when maximum log size is reached" property should be set correctly for the Application log.

CCE-8250-3
Automatic Reboot After System Crash should be enabled or disabled as appropriate.

CCE-3177-3
The "account lockout threshold" policy should meet minimum requirements.

CCE-5023-7
Auditing of "DS Access: Detailed Directory Service Replication" events on success should be enabled or disabled as appropriate.

CCE-3033-8
The "password must meet complexity requirments" policy should be set correctly.

CCE-2697-1
The "Turn Off Internet File Association Service" setting should be configured correctly.

CCE-3460-3
MSS:(TCPMaxDataRetransmissions) How many times unacknowledged data is retransmitted

CCE-3407-4
The "Turn on bandwidth optimization" setting should be configured correctly.

CCE-3142-7
The TCP/IP KeepAlive Time should be set correctly .

CCE-5058-3
Auditing of "Policy Change: Authorization Policy Change" events on failure should be enabled or disabled as appropriate.

CCE-3373-8
Private Profile- Firewall State

CCE-5145-8
Auditing of "Object Access: File Share" events on failure should be enabled or disabled as appropriate.

CCE-4885-0
Auditing of "Object Access: Kernel Object" events on failure should be enabled or disabled as appropriate.

CCE-4919-7
The "Display Error Notification" setting should be configured correctly.

CCE-3431-4
Domain Profile: Allow file and printer sharing exception (SP2 only)

CCE-3115-3
The "Turn Off the 'Order Prints' Picture Task" setting should be configured correctly.

CCE-4857-9
Auditing of "Logon/Logoff: Account Lockout" events on failure should be enabled or disabled as appropriate.

CCE-5020-3
The "Prohibit use of Internet Connection Firewall on your DNS domain network" setting should be configured correctly.

CCE-5066-6
Auditing of "Logon/Logoff: Other Logon/Logoff Events" events on failure should be enabled or disabled as appropriate.

CCE-3477-7
The "Turn off downloading of enclosures" setting should be configured correctly.

CCE-4759-7
Auditing of "Detailed Tracking: RPC Events" events on failure should be enabled or disabled as appropriate.

CCE-3311-8
The "store password using reversible encryption for all users in the domain" policy should be set correctly.

CCE-4931-2
Auditing of "DS Access: Directory Service Access" events on failure should be enabled or disabled as appropriate.

CCE-2970-2
Auditing of "logon" events on failure should be enabled or disabled as appropriate..

CCE-3259-9
Turn off the Windows Messenger Customer Experience Improvement Program

CCE-2521-3
The "Turn off the communitication features" setting should be configured correctly.

CCE-4278-8
The log file size limit for the Windows Firewall should be configured correctly for the Public Profile.

CCE-3246-6
Public Profile- Firewall State

CCE-4833-0
Auditing of "Account Management: User Account Management" events on success should be enabled or disabled as appropriate.

CCE-4868-6
Auditing of "Object Access: Certification Services" events on failure should be enabled or disabled as appropriate.

CCE-3379-5
The "Do not allow storage of credentials or .NET Passports" policy should be set correctly.

CCE-4267-1
The "Set time limit for idle sessions" policy should be set correctly for Terminal Services.

CCE-5079-9
Auditing of "Object Access: Filtering Platform Connection" events on failure should be enabled or disabled as appropriate.

CCE-4955-1
The "User Account Control: Admin Approval Mode for the Built-in Administrator account" setting should be configured correctly.

CCE-3102-1
The "Log Access For Setup Log" setting should be configured correctly.

CCE-3969-3
The "Clear Virtual Memory Pagefile at shutdown" policy should be set correctly.

CCE-5177-1
Auditing of "Policy Change: Filtering Platform Policy Change" events on success should be enabled or disabled as appropriate.

CCE-3268-0
Standard Profile: Allow UPnP framework exception (SP2 only)

CCE-3320-9
Logon - Do not process the legacy run list

CCE-5131-8
Auditing of "Privilege Use: Other Privilege Use Events" events on success should be enabled or disabled as appropriate.

CCE-8387-3
The "Unsigned Driver Installation Behavior" policy should be set correctly.

CCE-2754-0
Turn off downloading of print drivers over HTTP

CCE-3222-7
Auditing of "system" events on failure should be enabled or disabled as appropriate..

CCE-3015-5
The application log maximum size should be configured correctly..

CCE-3257-3
Auditing of "privilege use" events on failure should be enabled or disabled as appropriate..

CCE-3440-5
Unicast response to multicast or broadcast requests should be enabled or disabled as appropriate for the Standard Profile.

CCE-4700-1
Auditing of "Account Management: Application Group Management" events on failure should be enabled or disabled as appropriate.

CCE-3949-5
TCP/IP PMTU Discovery should be properly configured.

CCE-3486-8
The "Prevent Windows Media DRM Internet Access" setting should be configured correctly.

CCE-3244-1
The automatic generation of 8.3 file names for NTFS should be enabled or disabled as appropriate.

CCE-4877-7
Auditing of "Policy Change: Authentication Policy Change" events on success should be enabled or disabled as appropriate.

CCE-3388-6
The startup type of the Windows Search service should be configured correctly.

CCE-2380-4
The "Digitally Sign Client Communication (When Possible)" policy should be set correctly.

CCE-2887-8
The "Customization Warning Messages" setting should be configured correctly.

CCE-3233-4
The "Secure Channel: Digitally Sign Secure Channel Data (When Possible)" policy should be set correctly.

CCE-3464-5
The "Do not create system restore point when new device driver installed" setting should be configured correctly.

CCE-3331-6
The "Allow remote access to the PnP interface" setting should be configured correctly.

CCE-4866-0
The "Set Client connection Encryption Level" policy should be set correctly for Terminal Services.

CCE-2852-2
The "Reschedule Automatic Updates scheduled installations" should be set correctly

CCE-3279-7
IRDP should be properly configured.

CCE-3326-6
The "Allow undock without having to logon" policy should be set correctly.

CCE-8389-9
Disable saving of dial-up passwords should be properly configured.

CCE-4089-9
The "Do not send additional data" setting should be configured correctly.

CCE-3270-6
The startup type of Microsoft Peer-to-Peer Networking Services should be configured correctly.

CCE-4152-5
Installation and Configuration of Network Bridge on the DNS Domain Network should be properly configured.

CCE-3217-7
The "Allow Unsolicited Remote Assistance" policy should be set correctly for Terminal Services.

CCE-3302-7
The security log maximum size should be configured correctly..

CCE-2778-9
Turn off Search Companion content file updates

CCE-3050-2
The "Screen Saver Timeout" setting should be configured correctly for the current user.

CCE-2525-4
The "Turn off Windows Mail application" setting should be configured correctly.

CCE-3348-0
The "Turn Off Event Views 'Events.asp' Links" setting should be configured correctly.

CCE-3459-5
MSS:(TCPMaxConnectResponseRetransmission) SYN-ACK retansmissions when a connection request is not acknowledged

CCE-4781-1
The "Remotely accessible registry paths and subpaths" policy should be set correctly.

CCE-3292-0
The "Network access: Restrict anonymous access to named pipes and shares" setting should be configured correctly.

CCE-2998-3
User notifications when a program is blocked from receiving inbound connections by Windows Firewall should be enabled or disabled as appropriate for the Public Profile.

CCE-4078-2
The startup type of the Internet Connection Sharing service should be correct.

CCE-2854-8
Private Profile - Apply Local Connection Security Rules

CCE-4694-6
The "Enable Error Reporting" policy should be set correctly.

CCE-4176-4
Auditing of "DS Access: Directory Service Replication" events on failure should be enabled or disabled as appropriate.

CCE-8608-2
CD Burning features in Windows Explorer should be enabled or disabled as appropriate.

CCE-3239-1
ICMP Redirects should be properly configured.

CCE-4813-2
Use Classic Logon should be properly configured.

CCE-4922-1
The "LAN Manager Authentication Level" policy should be set correctly.

CCE-3072-6
Automatic Logon should be properly configured.

CCE-5007-0
The "Set time limit for disconnected sessions" policy should be set correctly for Terminal Services.

CCE-7624-0
The "System cryptography: Force strong key protection for user keys stored on the computer" policy should be enabled or disabled as appropriate.

CCE-2821-7
The "Require a Password when a Computer Wakes (On Battery)" setting should be configured correctly.

CCE-3181-5
Security Audit log warning level should be properly configured.

CCE-2471-1
Enumerate administrator accounts on elevation

CCE-5084-9
Auditing of "Object Access: Application Generated" events on success should be enabled or disabled as appropriate.

CCE-3411-6
The "Display user information when the session is locked" setting should be configured correctly.

CCE-3248-2
Use of the built-in Guest account should be enabled or disabled as appropriate.

CCE-3300-1
Notify antivirus programs when opening attachments is set correcly.

CCE-3202-9
Domain Profile: Define port exceptions (SP2 only)

CCE-3457-9
Domain Profile - Apply Local Firewall Rules

CCE-4363-8
Auditing of "Detailed Tracking: Process Termination" events on failure should be enabled or disabled as appropriate.

CCE-4594-8
Auditing of "Object Access: Registry" events on success should be enabled or disabled as appropriate.

CCE-4639-1
The log file path and name for the Windows Firewall should be configured correctly for the Public Profile.

CCE-3468-6
The "Do not send a Windows Error Report when a generic driver is installed on a device" setting should be configured correctly.

CCE-2359-8
The built-in Guest account should be correctly named.

CCE-2714-4
The built-in Administrator account should be correctly named.

CCE-4867-8
The "deny logon as a service" user right should be assigned to the correct accounts.

CCE-5008-8
The "Change the time zone" user right should be assigned to the appropriate accounts.

CCE-4046-9
The "manage auditing and security log" user right should be assigned to the correct accounts.

CCE-4071-7
The "perform volume maintenance tasks" user right should be assigned to the correct accounts.

CCE-4792-8
The "Create global objects" user right should be assigned to the correct accounts.

CCE-4948-6
The "restore files and directories" user right should be assigned to the correct accounts.

CCE-4294-5
The "Create Symbolic Links" user right should be assigned to the appropriate accounts.

CCE-4651-6
The "Increase a Process Working Set" setting should be configured correctly.

CCE-4317-4
The "lock pages in memory" user right should be assigned to the correct accounts.

CCE-4962-7
The "profile single process" user right should be assigned to the correct accounts.

CCE-4973-4
The "bypass traverse checking" user right should be assigned to the correct accounts.

CCE-4048-5
The "modify firmware environment values" user right should be assigned to the correct accounts.

CCE-4854-6
The "adjust memory quotas for a process" user right should be assigned to the correct accounts.

CCE-4827-2
The "back up files and directories" user right should be assigned to the correct accounts.

CCE-4618-5
The "profile system performance" user right should be assigned to the correct accounts.

CCE-4264-8
The "allow logon through Terminal Services" user right should be assigned to the correct accounts.

CCE-4872-8
The "log on locally" user right should be assigned to the correct accounts.

CCE-4861-1
The "remove computer from docking station" user right should be assigned to the correct accounts.

CCE-4687-0
The "debug programs" user right should be assigned to the correct accounts.

CCE-4184-8
The "create permanent shared objects" user right should be assigned to the correct accounts.

CCE-4088-1
The "act as part of the operating system" user right should be assigned to the correct accounts.

CCE-4382-8
The "Impersonate a client after authentication" user right should be assigned to the correct accounts.

CCE-4569-0
The "shut down the system" user right should be assigned to the correct accounts.

CCE-4863-7
The "change the system time" user right should be assigned to the correct accounts.

CCE-8034-1
The "enable computer and user accounts to be trusted for delegation" user right should be assigned to the correct accounts.

CCE-4757-1
The "create a pagefile" user right should be assigned to the correct accounts.

CCE-4988-2
The "take ownership of files or other objects" user right should be assigned to the correct accounts.

CCE-4038-6
The "log on as a service" user right should be assigned to the correct accounts.

CCE-4722-5
The "deny logon as a batch job" user right should be assigned to the correct accounts.

CCE-7615-8
The "add workstations to domain" user right should be assigned to the correct accounts.

CCE-4285-3
The "Modify an object label" user right should be assigned to the appropriate accounts.

CCE-4902-3
The "Create a token object" user right should be assigned to the correct accounts.

CCE-4704-3
The "deny access to this computer from the network" user right should be assigned to the correct accounts.

CCE-4673-0
The "force shutdown from a remote system" user right should be assigned to the correct accounts.

CCE-4083-2
The "log on as a batch job" user right should be assigned to the correct accounts.

CCE-4889-2
The "deny logon locally" user right should be assigned to the correct accounts.

CCE-4488-3
The "generate security audits" user right should be assigned to the correct accounts.

CCE-4796-9
The "increase scheduling priority" user right should be assigned to the correct accounts.

CCE-4970-0
The "synchronize directory service data" user right should be assigned to the correct accounts.

CCE-4334-9
The "access this computer from the network" user right should be assigned to the correct accounts.

CCE-4656-5
The "deny logon through Terminal Services" user right should be assigned to the correct accounts.

CCE-4372-9
The "replace a process-level token" user right should be assigned to the correct accounts.

CCE-4034-5
The "load and unload device drivers" user right should be assigned to the correct accounts.

CCE-2967-8
The "maximum password age" policy should meet minimum requirements.

CCE-2363-0
The "account lockout duration" policy should meet minimum requirements.

CCE-2715-1
The "reset account lockout counter after" policy should meet minimum requirements.

CCE-4940-3
The "LDAP client signing requirements" policy should be set correctly.

CCE-4583-1
The "Minimum session security for NTLM SSP based clients" policy should be set correctly.

CPE    1
cpe:/o:microsoft:windows_vista
*XCCDF
xccdf_org.secpod_benchmark_nist_windows_vista
OVAL    397
oval:gov.nist.usgcb.vista:def:6106
oval:org.secpod.oval:def:14386
oval:gov.nist.usgcb.vista:def:6033
oval:org.secpod.oval:def:14486
...

© 2013 SecPod Technologies