[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:19295
The 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' machine setting should be configured correctly.

oval:org.secpod.oval:def:18798
The 'Allow Basic authentication' machine setting should be configured correctly for the WinRM client.

oval:org.secpod.oval:def:19456
The 'Allow users to connect remotely using Remote Desktop Services' machine setting should be configured correctly.

oval:org.secpod.oval:def:19452
The 'Allow Remote Shell Access' machine setting should be configured correctly.

oval:org.secpod.oval:def:19600
The 'Always install with elevated privileges' machine setting should be configured correctly.

oval:org.secpod.oval:def:8866
Always prompt client for password upon connection

oval:org.secpod.oval:def:8861
The "Allow remote access to the Plug and Play interface" machine setting should be configured correctly.

oval:org.secpod.oval:def:19085
The 'Allow Basic authentication' machine setting should be configured correctly for the WinRM service.

oval:org.secpod.oval:def:19183
The 'Allow unencrypted traffic' machine setting should be configured correctly for the WinRM service.

oval:org.secpod.oval:def:19492
The 'Allow unencrypted traffic' machine setting should be configured correctly for the WinRM client.

oval:org.secpod.oval:def:19210
The 'Configure minimum PIN length for startup' machine setting should be configured correctly.

oval:org.secpod.oval:def:18771
The 'Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog box' machine setting should be configured correctly.

oval:org.secpod.oval:def:19569
The 'Do not allow local administrators to customize permissions' machine setting should be configured correctly.

oval:org.secpod.oval:def:19214
The 'Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box' machine setting should be configured correctly.

oval:org.secpod.oval:def:8907
Terminal Services / Remote Desktop Service - Prevent password saving in the Remote Desktop Client

oval:org.secpod.oval:def:8897
Terminal Services / Remote Desktop Services - Local drives prevented from sharing with Terminal Servers.

oval:org.secpod.oval:def:8877
Default behavior for AutoRun

oval:org.secpod.oval:def:19586
The 'Disallow Digest authentication' machine setting should be configured correctly.

oval:org.secpod.oval:def:19508
The 'Do not process the run once list' machine setting should be configured correctly.

oval:org.secpod.oval:def:8878
Enumerate administrator accounts on elevation

oval:org.secpod.oval:def:8844
The "Maximum Log Size (KB)" machine setting should be configured correctly for the secirity log.

oval:org.secpod.oval:def:8855
The "Maximum Log Size (KB)" machine setting should be configured correctly for the application log.

oval:org.secpod.oval:def:8858
The "Maximum Log Size (KB)" machine setting should be configured correctly for the system log.

oval:org.secpod.oval:def:8898
This definition tests the the maximum allowed size of the setup log is at least as big as the supplied value.

oval:org.secpod.oval:def:8892
The system is configured to allow unsolicited remote assistance offers.

oval:org.secpod.oval:def:19288
The 'No auto-restart with logged on users for scheduled automatic updates installations' machine setting should be configured correctly.

oval:org.secpod.oval:def:18778
The 'Require user authentication for remote connections by using Network Level Authentication' machine setting should be configured correctly.

oval:org.secpod.oval:def:18773
The 'Retain old events' machine setting should be configured correctly for the setup log.

oval:org.secpod.oval:def:19441
The 'Server Authentication Certificate Template' machine setting should be configured correctly.

oval:org.secpod.oval:def:8806
The "Restrictions for Unauthenticated RPC clients" machine setting should be configured correctly.

oval:org.secpod.oval:def:8915
The "Require a Password When a Computer Wakes (On Battery)" machine setting should be configured correctly.

oval:org.secpod.oval:def:18960
The 'Retain old events' machine setting should be configured correctly for the application log.

oval:org.secpod.oval:def:8766
RPC Endpoint Mapper Client Authentication

oval:org.secpod.oval:def:8763
The "Prevent the computer from joining a homegroup" machine setting should be configured correctly.

oval:org.secpod.oval:def:8894
Require a Password when a Computer Wakes (Plugged in)

oval:org.secpod.oval:def:8895
Set client connection encryption level

oval:org.secpod.oval:def:18853
The 'Retain old events' machine setting should be configured correctly for the security log.

oval:org.secpod.oval:def:8875
Allowing unsecure RPC communication exposes the server to man in the middle attacks and data disclosure attacks. A man in the middle attack occurs when an intruder captures packets between a client and server and modifies them before allowing the packets to be exchanged. Usually the attacker will mo ...

oval:org.secpod.oval:def:19186
The 'Require use of specific security layer for remote (RDP) connections' machine setting should be configured correctly.

oval:org.secpod.oval:def:19478
The 'Reschedule Automatic Updates scheduled installations' machine setting should be configured correctly.

oval:org.secpod.oval:def:19034
The 'Retain old events' machine setting should be configured correctly for the system log.

oval:org.secpod.oval:def:8850
The "Set time limit for disconnected sessions" machine setting should be configured correctly.

oval:org.secpod.oval:def:19205
The 'Set time limit for active Remote Desktop Services sessions' machine setting should be configured correctly.

oval:org.secpod.oval:def:8880
This policy setting allows you to specify the maximum amount of time that an active Terminal Services session can be idle (without user input) before it is automatically disconnected. (15 min)

oval:org.secpod.oval:def:8899
Solicited Remote Assistance

oval:org.secpod.oval:def:8809
The "Turn off Search Companion content file updates" machine setting should be configured correctly.

oval:org.secpod.oval:def:8908
Customer Experience Improvement Program

oval:org.secpod.oval:def:8885
Turn off the "Publish to Web" task for files and folders

oval:org.secpod.oval:def:8736
The 'Audit: Audit the access of global system objects' setting should be configured correctly.

oval:org.secpod.oval:def:8716
The 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' setting should be configured correctly.

oval:org.secpod.oval:def:8926
The 'Accounts: Limit local account use of blank passwords to console logon only' setting should be configured correctly.

oval:org.secpod.oval:def:8927
The 'Devices: Prevent users from installing printer drivers' setting should be configured correctly.

oval:org.secpod.oval:def:18757
Auditing of 'Audit directory service access' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18883
The 'Audit: Shut down system immediately if unable to log security audits' setting should be configured correctly.

oval:org.secpod.oval:def:8755
The 'Devices: Allowed to format and eject removable media' setting should be configured correctly.

oval:org.secpod.oval:def:8723
The 'Network access: Do not allow storage of passwords and credentials for network authentication' setting should be configured correctly.

oval:org.secpod.oval:def:8724
The 'Network access: Let Everyone permissions apply to anonymous users' setting should be configured correctly.

oval:org.secpod.oval:def:8727
The 'Microsoft network server: Amount of idle time required before suspending session' setting should be configured correctly.

oval:org.secpod.oval:def:8729
The 'Recovery console: Allow automatic administrative logon' setting should be configured correctly.

oval:org.secpod.oval:def:8731
The 'Shutdown: Allow system to be shut down without having to log on' setting should be configured correctly.

oval:org.secpod.oval:def:8737
The 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' setting should be configured correctly.

oval:org.secpod.oval:def:8739
The 'Domain member: Require strong (Windows 2000 or later) session key' setting should be configured correctly.

oval:org.secpod.oval:def:8822
The 'Network access: Restrict anonymous access to Named Pipes and Shares' setting should be configured correctly.

oval:org.secpod.oval:def:19627
The 'Require 128-bit encryption' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8823
The 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' setting should be configured correctly.

oval:org.secpod.oval:def:18895
The 'Devices: Restrict CD-ROM access to locally logged-on user only' setting should be configured correctly.

oval:org.secpod.oval:def:19624
The 'Require 128-bit encryption' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8820
The 'Interactive logon: Prompt user to change password before expiration' setting should be configured correctly.

oval:org.secpod.oval:def:8829
The 'Microsoft network client: Digitally sign communications (always)' setting should be configured correctly.

oval:org.secpod.oval:def:8711
The 'Network access: Do not allow anonymous enumeration of SAM accounts' setting should be configured correctly.

oval:org.secpod.oval:def:8833
The 'Microsoft network server: Digitally sign communications (if client agrees)' setting should be configured correctly.

oval:org.secpod.oval:def:8835
The 'Microsoft network server: Disconnect clients when logon hours expire' setting should be configured correctly.

oval:org.secpod.oval:def:8830
The 'Microsoft network client: Digitally sign communications (if server agrees)' setting should be configured correctly.

oval:org.secpod.oval:def:8710
The 'MSS: (NoDefaultExempt) Configure IPSec exemptions for various types of network traffic.' setting should be configured correctly.

oval:org.secpod.oval:def:8836
The 'Network security: LAN Manager authentication level' setting should be configured correctly.

oval:org.secpod.oval:def:8838
The 'Microsoft network server: Digitally sign communications (always)' setting should be configured correctly.

oval:org.secpod.oval:def:8804
The 'Domain member: Digitally encrypt or sign secure channel data (always)' setting should be configured correctly.

oval:org.secpod.oval:def:8812
The 'Domain member: Maximum machine account password age' setting should be configured correctly.

oval:org.secpod.oval:def:8819
The 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' setting should be configured correctly.

oval:org.secpod.oval:def:7706
MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)

oval:org.secpod.oval:def:8788
The 'Interactive logon: Do not require CTRL+ALT+DEL' setting should be configured correctly.

oval:org.secpod.oval:def:8785
The 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' setting should be configured correctly.

oval:org.secpod.oval:def:18928
The 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' setting should be configured correctly.

oval:org.secpod.oval:def:18940
The 'Domain member: Digitally encrypt secure channel data (when possible)' setting should be configured correctly.

oval:org.secpod.oval:def:8795
The 'Microsoft network client: Send unencrypted password to third-party SMB servers' setting should be configured correctly.

oval:org.secpod.oval:def:8797
The 'Network Security: Configure encryption types allowed for Kerberos' setting should be configured correctly.

oval:org.secpod.oval:def:8792
The 'Network access: Sharing and security model for local accounts' setting should be configured correctly.

oval:org.secpod.oval:def:8793
The 'Network security: Do not store LAN Manager hash value on next password change' setting should be configured correctly.

oval:org.secpod.oval:def:8790
The 'Network security: Allow Local System to use computer identity for NTLM' setting should be configured correctly.

oval:org.secpod.oval:def:8769
The 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' setting should be configured correctly.

oval:org.secpod.oval:def:8760
The 'Interactive logon: Message text for users attempting to log on' setting should be configured correctly.

oval:org.secpod.oval:def:8777
The 'Domain member: Disable machine account password changes' setting should be configured correctly.

oval:org.secpod.oval:def:18886
The 'MSS: (Hidden) Hide Computer From the Browse List (not recommended except for highly secure environments)' setting should be configured correctly.

oval:org.secpod.oval:def:18764
The 'Network Security: Restrict NTLM: NTLM authentication in this domain' setting should be configured correctly.

oval:org.secpod.oval:def:8779
The 'Interactive logon: Do not display last user name' setting should be configured correctly.

oval:org.secpod.oval:def:8774
The 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' setting should be configured correctly.

oval:org.secpod.oval:def:8744
The 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' setting should be configured correctly.

oval:org.secpod.oval:def:18733
The 'Domain member: Digitally sign secure channel data (when possible)' setting should be configured correctly.

oval:org.secpod.oval:def:8747
The 'Interactive logon: Smart card removal behavior' setting should be configured correctly.

oval:org.secpod.oval:def:18735
The 'Network Security: Restrict NTLM: Add server exceptions in this domain' setting should be configured correctly.

oval:org.secpod.oval:def:8748
The 'Network security: Force logoff when logon hours expire' setting should be configured correctly.

oval:org.secpod.oval:def:18848
The 'Network Security: Restrict NTLM: Add remote server exceptions for NTLM authentication' setting should be configured correctly.

oval:org.secpod.oval:def:8756
Recovery Console: Allow Floppy Copy and Access to All Drives and All Folders

oval:org.secpod.oval:def:8757
The 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' setting should be configured correctly.

oval:org.secpod.oval:def:8751
The 'Network security: LDAP client signing requirements' setting should be configured correctly.

oval:org.secpod.oval:def:18747
The 'Interactive logon: Display user information when the session is locked.' setting should be configured correctly.

oval:org.secpod.oval:def:18739
The 'Network Security: Restrict NTLM: Incoming NTLM traffic' setting should be configured correctly.

oval:org.secpod.oval:def:18796
Auditing of 'Account Logon: Other Account Logon Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8841
The 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' setting should be configured correctly.

oval:org.secpod.oval:def:8842
The 'User Account Control: Admin Approval Mode for the Built-in Administrator account' setting should be configured correctly.

oval:org.secpod.oval:def:8738
The 'User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop' setting should be configured correctly.

oval:org.secpod.oval:def:18890
Auditing of 'Detailed Tracking: DPAPI Activity' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18770
Auditing of 'Object Access: Filtering Platform Connection' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18788
Auditing of 'Object Access: Detailed File Share' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8715
Switch to the secure desktop when prompting for elevation

oval:org.secpod.oval:def:8803
The 'User Account Control: Virtualize file and registry write failures to per-user locations' setting should be configured correctly.

oval:org.secpod.oval:def:8818
The 'User Account Control: Only elevate executables that are signed and validated' setting should be configured correctly.

oval:org.secpod.oval:def:18953
Auditing of 'Object Access: Handle Manipulation' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18962
The 'Windows Firewall: Private: Apply local connection security rules' setting should be configured correctly.

oval:org.secpod.oval:def:18846
Display of a notification to the user when Windows Firewall blocks network activity should be enabled or disabled as appropriate for the private profile.

oval:org.secpod.oval:def:18935
Auditing of 'Logon-Logoff: Other Logon Logoff Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18813
Auditing of 'Detailed Tracking: Process Creation' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8787
The 'User Account Control: Behavior of the elevation prompt for standard users' setting should be configured correctly.

oval:org.secpod.oval:def:8780
The 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' setting should be configured correctly.

oval:org.secpod.oval:def:18927
Windows Firewall should allow or block inbound connections by default as appropriate for the Private Profile.

oval:org.secpod.oval:def:18806
The Windows Firewall should be enabled or disabled as appropriate for the Domain Profile.

oval:org.secpod.oval:def:8782
The 'User Account Control: Detect application installations and prompt for elevation' setting should be configured correctly.

oval:org.secpod.oval:def:18809
Auditing of 'Object Access: SAM' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18929
Auditing of 'Account Management: Computer Account Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18997
Windows Firewall should allow or block inbound connections by default as appropriate for the Domain Profile.

oval:org.secpod.oval:def:18755
Auditing of 'Account Management: User Account Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18754
Auditing of 'Account Management: Distribution Group Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18752
Auditing of 'Account Logon: Kerberos Service Ticket Operations' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8762
The 'User Account Control: Run all administrators in Admin Approval Mode' setting should be configured correctly.

oval:org.secpod.oval:def:18756
Auditing of 'DS Access: Directory Service Replication' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18751
Auditing of 'Account Logon: Credential Validation' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18749
The 'Windows Firewall: Public: Apply local firewall rules' setting should be configured correctly.

oval:org.secpod.oval:def:18885
Auditing of 'Account Management: Application Group Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18763
Auditing of 'Object Access: Registry' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18769
Auditing of 'Object Access: File System' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18882
Auditing of 'Account Management: Security Group Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18761
Auditing of 'Object Access: Kernel Object' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18760
Auditing of 'Object Access: Certification Services' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18880
Auditing of 'Logon-Logoff: Special Logon' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8746
The 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' setting should be configured correctly.

oval:org.secpod.oval:def:18973
Auditing of 'Logon-Logoff: IPsec Main Mode' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18858
Auditing of 'Object Access: Filtering Platform Packet Drop' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18978
Auditing of 'Logon-Logoff: IPsec Extended Mode' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18855
Auditing of 'DS Access: Directory Service Access' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18744
The 'Windows Firewall: Private: Apply local firewall rules' setting should be configured correctly.

oval:org.secpod.oval:def:18748
Windows Firewall should allow or block inbound connections by default as appropriate for the Public Profile.

oval:org.secpod.oval:def:18868
Auditing of 'Logon-Logoff: IPsec Quick Mode' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19067
The Windows Firewall should be enabled or disabled as appropriate for the Private Profile.

oval:org.secpod.oval:def:19066
Auditing of 'Logon-Logoff: Logoff' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19079
Display of a notification to the user when Windows Firewall blocks network activity should be enabled or disabled as appropriate for the public profile.

oval:org.secpod.oval:def:19071
Auditing of 'Logon-Logoff: Logon' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19073
Auditing of 'Object Access: Application Generated' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18923
Auditing of 'Logon-Logoff: Network Policy Server' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18917
Auditing of 'Logon-Logoff: Account Lockout' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18902
Auditing of 'DS Access: Directory Service Changes' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18901
The 'Windows Firewall: Domain: Apply local firewall rules' setting should be configured correctly.

oval:org.secpod.oval:def:19001
Auditing of 'Account Management: Other Account Management Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19016
Auditing of 'Detailed Tracking: RPC Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19014
Display of a notification to the user when Windows Firewall blocks network activity should be enabled or disabled as appropriate for the domain profile.

oval:org.secpod.oval:def:19015
Auditing of 'Object Access: File Share' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19108
Auditing of 'Object Access: Other Object Access Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19052
Auditing of 'Account Logon: Kerberos Authentication Service' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19023
Auditing of 'Detailed Tracking: Process Termination' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19021
The 'Windows Firewall: Domain: Apply local connection security rules' setting should be configured correctly.

oval:org.secpod.oval:def:19035
Auditing of 'DS Access: Detailed Directory Service Replication' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19030
The Windows Firewall should be enabled or disabled as appropriate for the Public Profile.

oval:org.secpod.oval:def:8848
Reset Account Lockout Counter After

oval:org.secpod.oval:def:18898
Auditing of 'Policy Change: Authorization Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18787
Auditing of 'System: IPsec Driver' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8813
The 'Store passwords using reversible encryption' setting should be configured correctly.

oval:org.secpod.oval:def:18835
Auditing of 'Privilege Use: Other Privilege Use Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18943
Auditing of 'System: Other System Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18817
Auditing of 'Policy Change: Filtering Platform Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18819
Auditing of 'Policy Change: MPSSVC Rule Level Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8773
The 'Minimum password age' setting should be configured correctly.

oval:org.secpod.oval:def:7897
The number of passwords remembered

oval:org.secpod.oval:def:7899
The maximum number of failed attempts that can occur before the account is locked out This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout dura ...

oval:org.secpod.oval:def:18860
Auditing of 'Policy Change: Other Policy Change Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19006
Auditing of 'System: Security State Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19003
Auditing of 'Privilege Use: Sensitive Privilege Use' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19018
Auditing of 'System: Security System Extension' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19102
Auditing of 'Policy Change: Authentication Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:7900
The Minimum password length setting should be configured correctly.

oval:org.secpod.oval:def:7901
The 'Password must meet complexity requirements' policy should be set correctly.

oval:org.secpod.oval:def:7902
Maximum password age is the profile defined number of days

oval:org.secpod.oval:def:19110
Auditing of 'Privilege Use: Non Sensitive Privilege Use' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19020
Auditing of 'System: System Integrity' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8831
The built-in Administrator account should be correctly named. The built-in local administrator account is a well-known account name that attackers will target. Microsoft recommends to choose another name for this account, and to avoid names that denote administrative or elevated access accounts. Be ...

oval:org.secpod.oval:def:8925
The Accounts: Guest account status setting should be configured correctly. This policy setting determines whether the Guest account is enabled or disabled. The Guest account allows unauthenticated network users to gain access to the system. Note that this setting will have no impact when applied to ...

oval:org.secpod.oval:def:8772
The Deny log on locally user right should be assigned to the appropriate accounts. This security setting determines which users are prevented from logging on at the computer. This policy setting supersedes the Allow log on locally policy setting if an account is subject to both policies.Important:I ...

oval:org.secpod.oval:def:18836
The Deny log on as a batch job user right should be assigned to the appropriate accounts. This policy setting determines which accounts will not be able to log on to the computer as a batch job. A batch job is not a batch (.bat) file, but rather a batch-queue facility. Accounts that use the Task Sc ...

oval:org.secpod.oval:def:8768
The Deny access to this computer from the network user right should be assigned to the appropriate accounts. This policy setting prohibits users from connecting to a computer from across the network, which would allow users to access and potentially modify data remotely. In high security environmen ...

oval:org.secpod.oval:def:18942
The Deny log on through Remote Desktop Services user right should be assigned to the appropriate accounts. This policy setting determines whether users can log on as Terminal Services clients. After the baseline member server is joined to a domain environment, there is no need to use local accounts ...

oval:org.secpod.oval:def:18878
The Manage auditing and security log user right should be assigned to the appropriate accounts. This policy setting determines which users can change the auditing options for files and directories and clear the Security log. When configuring a user right in the SCM enter a comma delimited list of a ...

oval:org.secpod.oval:def:7898
The Account lockout duration setting should be configured correctly. This policy setting determines the length of time that must pass before a locked account is unlocked and a user can try to log on again. The setting does this by specifying the number of minutes a locked out account will remain un ...

CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    200
CCE-11465-2
CCE-11290-4
CCE-11860-4
CCE-11248-2
...
*XCCDF
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_Server_2008_R2

© 2013 SecPod Technologies