[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96078

 
 

909

 
 

78009

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:22813
Receives trap messages generated by local or remote Simple Network Management Protocol (SNMP) agents and forwards the messages to SNMP management programs running on this computer.

oval:org.secpod.oval:def:22818
Registers and updates IP addresses and DNS records for this computer.

oval:org.secpod.oval:def:22929
The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests.

oval:org.secpod.oval:def:22926
Monitors system events and notifies subscribers to COM+ Event System of these events.

oval:org.secpod.oval:def:22910
This is an advanced security setting for the Windows Firewall that you can use to allow unicast responses on computers running Windows Vista or later.

oval:org.secpod.oval:def:22738
Enables the detection, download, and installation of updates for Windows and other programs.

oval:org.secpod.oval:def:22977
Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package.

oval:org.secpod.oval:def:22976
This policy setting determines whether digital certificates are processed when software restriction policies are enabled and a user or process attempts to run software with an .exe file name extension.

oval:org.secpod.oval:def:22733
This policy setting specifies which users can add computer workstations to a specific domain.

oval:org.secpod.oval:def:22732
Provides support for the NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution for clients on the network, therefore enabling users to share files, print, and log on to the network.

oval:org.secpod.oval:def:22739
Provides four management services: Catalog Database Service, Protected Root Service, Automatic Root Certificate Update Service, and Key Service.

oval:org.secpod.oval:def:22741
Provides user experience theme management.

oval:org.secpod.oval:def:22847
Enables client computers to print to the Line Printer Daemon (LPD) service on this server using TCP/IP and the Line Printer Remote (LPR) protocol.

oval:org.secpod.oval:def:22725
Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.

oval:org.secpod.oval:def:22724
Processes installation, removal, and enumeration requests for software deployed through Group Policy.

oval:org.secpod.oval:def:22966
Maintains links between NTFS files within a computer or across computers in a network.

oval:org.secpod.oval:def:22722
Supports file, print, and named-pipe sharing over the network for this computer.

oval:org.secpod.oval:def:22963
Provides Telephony API (TAPI) support for programs that control telephony devices on the local computer and, through the LAN, on servers that are also running the service.

oval:org.secpod.oval:def:22719
This setting controls whether local administrators are allowed to create connection security rules that apply with other connection security rules enforced by Group Policy.

oval:org.secpod.oval:def:22960
Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection.

oval:org.secpod.oval:def:22821
Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems.

oval:org.secpod.oval:def:23056
Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable.

oval:org.secpod.oval:def:23054
Enable: 'Default behavior for AutoRun'

oval:org.secpod.oval:def:23039
This service manages events and event logs.

oval:org.secpod.oval:def:23040
This option determines if this computer can receive unicast responses to multicast or broadcast messages that it initiates. Unsolicited unicast responses are blocked regardless of this setting.

oval:org.secpod.oval:def:23046
This security setting determines which users and groups have the authority to synchronize all directory service data.

oval:org.secpod.oval:def:23084
Provides a common interface and object model to access management information about operating system, devices, applications and services.

oval:org.secpod.oval:def:23030
Provides support for 3rd party protocol plug-ins for Internet Connection Sharing

oval:org.secpod.oval:def:23033
This policy setting determines whether members of the Server Operators group are allowed to submit jobs by means of the AT schedule facility.

oval:org.secpod.oval:def:23017
Maintains date and time synchronization on all clients and servers in the network.

oval:org.secpod.oval:def:23025
Serves as the endpoint mapper and COM Service Control Manager.

oval:org.secpod.oval:def:23023
Manages and implements Volume Shadow Copies used for backup and other purposes.

oval:org.secpod.oval:def:23000
Controls whether computer receives unicast responses to its outgoing multicast or broadcast messages.

oval:org.secpod.oval:def:22784
Manages audio for Windows-based programs.

oval:org.secpod.oval:def:22889
Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.

oval:org.secpod.oval:def:22767
Manages access to smart cards read by this computer.

oval:org.secpod.oval:def:22757
Manages the RPC name service database.

oval:org.secpod.oval:def:22756
Enables remote users to modify registry settings on this computer.

oval:org.secpod.oval:def:22755
This policy setting determines whether the LDAP server requires a signature before it will negotiate with LDAP clients.

oval:org.secpod.oval:def:22989
The Policy Change audit category determines whether to audit every incident of a change to user rights assignment policies, Windows Firewall policies, Trust policies, or changes to the Audit policy itself.

oval:org.secpod.oval:def:22986
Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.

oval:org.secpod.oval:def:22994
The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer.

oval:org.secpod.oval:def:22991
Maintains a secure channel between this computer and the domain controller for authenticating users and services.

oval:org.secpod.oval:def:22789
Manages software-based volume shadow copies taken by the Volume Shadow Copy service.

oval:org.secpod.oval:def:22787
The IIS Admin Service allows administration of IIS components such as FTP, application pools, Web sites, Web service extensions, and both Network News Transfer Protocol (NNTP) and Simple Mail Transfer Protocol (SMTP) virtual servers.

oval:org.secpod.oval:def:22786
Allows users to connect interactively to a remote computer.

oval:org.secpod.oval:def:22792
Allows UPnP devices to be hosted on this computer.

oval:org.secpod.oval:def:22801
This setting determines the behavior for outbound connections that do not match an outbound firewall rule. If Outbound connections are set to Block and deploy the firewall policy by using a GPO, cannot receive subsequent Group Policy updates.

oval:org.secpod.oval:def:22912
This policy setting determines the strength of the default discretionary access control list (DACL) for objects.

oval:org.secpod.oval:def:22911
This setting determines which users can change the time zone of the computer.

oval:org.secpod.oval:def:22974
This setting determines the behavior for outbound connections that do not match an outbound firewall rule.

oval:org.secpod.oval:def:22982
The entry appears as MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing) in the SCE.

oval:org.secpod.oval:def:22843
This policy setting determines which users and groups can change the time and date on the internal clock of the computers in your environment.

oval:org.secpod.oval:def:22962
Determines whether case insensitivity is enforced for all subsystems. Example is case insensitivity for other subsystems, such as the Portable Operating System Interface for UNIX (POSIX) which are normally case sensitive.

oval:org.secpod.oval:def:23074
When this policy setting is enabled, a domain controller must authenticate the domain account used to unlock the computer.

oval:org.secpod.oval:def:23071
This setting determines the behavior for outbound connections that do not match an outbound firewall rule. If Outbound connections are set to Block and deploy the firewall policy by using a GPO, cannot receive subsequent Group Policy updates.

oval:org.secpod.oval:def:23061
Allow NTLM to fall back to NULL session when used with LocalSystem.

oval:org.secpod.oval:def:23052
The 'Network access: Named Pipes that can be accessed anonymously' setting should be configured correctly.

oval:org.secpod.oval:def:23002
This policy setting determines whether the virtual memory pagefile is cleared when the system is shut down.

oval:org.secpod.oval:def:22897
This policy setting allows the user of a portable computer to click Eject PC on the Start menu to undock the computer.

oval:org.secpod.oval:def:22999
The entry appears as MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning in the SCE.

oval:org.secpod.oval:def:22880
The entry appears as MSS: (DisableIPSourceRouting) IPv6 source routing protection level (protects against packet spoofing) in the SCE.

oval:org.secpod.oval:def:22745
The entry appears as MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended) in the SCE.

oval:org.secpod.oval:def:22798
Autoplay starts to read from a drive as soon as you insert media in the drive, which causes the setup file for programs or audio media to start immediately.

oval:org.secpod.oval:def:22815
This policy setting allows users to change the size of the pagefile.

oval:org.secpod.oval:def:22934
This policy setting determines whether the SMB client will attempt to negotiate SMB packet signing.

oval:org.secpod.oval:def:22933
This setting controls whether local administrators are allowed to create connection security rules that apply together with connection security rules configured by Group Policy.

oval:org.secpod.oval:def:22812
This policy setting audits Security Group Management events.

oval:org.secpod.oval:def:22932
This policy setting allows users to shut down Windows Vista-based computers from remote locations on the network.

oval:org.secpod.oval:def:22811
This policy setting in the DS Access audit category enables reports to result when Active Directory Domain Services (AD DS) objects are accessed.

oval:org.secpod.oval:def:22930
This setting determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to connections to the Filtering Platform.

oval:org.secpod.oval:def:22817
This policy setting determines whether the system shuts down if it is unable to log Security events.

oval:org.secpod.oval:def:22938
Disable this policy setting to prevent the SMB redirector from sending plaintext passwords during authentication to third-party SMB servers that do not support password encryption.

oval:org.secpod.oval:def:22937
This policy setting determines whether the account name of the last user to log on to the client computers in your organization will be displayed in each computer's respective Windows logon screen.

oval:org.secpod.oval:def:22803
This policy setting allows you to specify the amount of continuous idle time that must pass in an SMB session before the session is suspended because of inactivity.

oval:org.secpod.oval:def:22924
This setting applies to the Sensitive Privilege Use subcategory of events. You can use it to audit users exercising user rights.

oval:org.secpod.oval:def:22921
This privilege determines which user accounts can modify the integrity label of objects, such as files, registry keys, or processes owned by other users.

oval:org.secpod.oval:def:22920
The Password protect the screen saver setting should be configured correctly.

oval:org.secpod.oval:def:22809
This policy setting allows a process to create an access token, which may provide elevated rights to access sensitive data.

oval:org.secpod.oval:def:22808
This policy setting determines whether the Transport Layer Security/Secure Sockets Layer (TLS/SSL) Security Provider supports only the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher suite.

oval:org.secpod.oval:def:22807
This subcategory is not used.

oval:org.secpod.oval:def:22806
Always install with elevated privileges

oval:org.secpod.oval:def:22805
Setting displays notifications to the user when a program is blocked from receiving inbound connections.

oval:org.secpod.oval:def:22913
This setting controls whether local administrators are allowed to create local firewall rules that apply together with firewall rules configured by Group Policy.

oval:org.secpod.oval:def:22918
This setting controls whether local administrators are allowed to create local firewall rules that apply together with firewall rules configured by Group Policy.

oval:org.secpod.oval:def:22916
This policy setting specifies the type of challenge/response authentication for network logons. LAN Manager (LM) authentication is the least secure method; it allows encrypted passwords to be cracked because they can be easily intercepted on the network.

oval:org.secpod.oval:def:22915
This policy setting in the DS Access audit category enables reports to result when changes to create, modify, move, or undelete operations are performed on objects in Active Directory Domain Services (AD DS).

oval:org.secpod.oval:def:22903
This audit category generates events that record the creation and destruction of logon sessions. This setting targets the IPsec Main Mode settings.

oval:org.secpod.oval:def:22902
Disable: 'Control Event Log behavior when the log file reaches its maximum size for Security (KB)'

oval:org.secpod.oval:def:22901
Specify the maximum log file size for Security (KB)

oval:org.secpod.oval:def:22900
When enabled, this policy setting restricts anonymous access to only those shares and pipes that are named in the Network access: Named pipes that can be accessed anonymously and Network access: Shares that can be accessed anonymously settings.

oval:org.secpod.oval:def:22907
This settings determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to Handle Manipulation on Windows objects.

oval:org.secpod.oval:def:22906
This audit category generates events that record the creation and destruction of logon sessions. This setting targets the Logon-Logoff Account Lockout setting.

oval:org.secpod.oval:def:22904
This policy setting audits Other Account Management events.

oval:org.secpod.oval:def:22735
This policy setting controls whether User Interface Accessibility (UIAccess or UIA) programs can automatically disable the secure desktop for elevation prompts used by a standard user.

oval:org.secpod.oval:def:22856
Specify the maximum log file size for Application (KB)

oval:org.secpod.oval:def:22855
This policy setting determines whether a user can log on to a Windows domain using cached account information.

oval:org.secpod.oval:def:22975
This setting allows other users on the network to connect to the computer.

oval:org.secpod.oval:def:22854
The policy setting for this audit category determines whether to audit MPSSVC Rule-Level Policy changes on computers running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:22973
The registry value entry AutoAdminLogon was added to the template file in the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ registry key

oval:org.secpod.oval:def:22852
This policy setting allows administrators to enable the more precise auditing capabilities present in Windows Vista. Uses subcategory setting to override audit policy categories.

oval:org.secpod.oval:def:22983
This policy setting determines whether packet signing is required by the SMB client component.

oval:org.secpod.oval:def:22740
This policy setting allows accounts to log on using the task scheduler service.

oval:org.secpod.oval:def:22981
The policy setting for this audit category determines whether to audit Filtering Platform Policy changes on computers running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:22727
This policy setting controls the ability of anonymous users to enumerate the accounts in the Security Accounts Manager (SAM).

oval:org.secpod.oval:def:22848
This policy setting controls whether application write failures are redirected to defined registry and file system locations.

oval:org.secpod.oval:def:22968
Select this option to have Windows Firewall with Advanced Security display notifications to the user when a program is blocked from receiving inbound connections.

oval:org.secpod.oval:def:22967
This audit category generates events that record the creation and destruction of logon sessions. This setting targets the Logoff event settings.

oval:org.secpod.oval:def:22845
This policy setting prohibits users from connecting to a computer from across the network, which would allow users to access and potentially modify data remotely.

oval:org.secpod.oval:def:22844
This audit category generates events that record the creation and destruction of logon sessions. This setting targets the special settings defined in the Windows Vista Security Guide.

oval:org.secpod.oval:def:22728
This policy setting determines whether services can be launched in the context of the specified account.

oval:org.secpod.oval:def:22849
This settings determines whether to audit the event of a user who accesses an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to Other Object Access events.

oval:org.secpod.oval:def:22730
This policy determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to the certification services processes.

oval:org.secpod.oval:def:22851
The "Domain member: Disable machine account password changes" setting should be configured correctly.

oval:org.secpod.oval:def:22850
The Screen Saver timeout setting should be configured correctly.

oval:org.secpod.oval:def:22970
This policy setting allows users to change the amount of processor time that a process uses.

oval:org.secpod.oval:def:22958
Disable: 'Do not process the run once list' for Computer Configuration

oval:org.secpod.oval:def:22837
This policy setting determines whether the LAN Manager (LM) hash value for the new password is stored when the password is changed.

oval:org.secpod.oval:def:22836
This policy setting determines whether to disconnect users who are connected to the local computer outside their user account's valid logon hours. It affects the SMB component.

oval:org.secpod.oval:def:22834
This policy setting controls the behavior of Admin Approval Mode for the built-in Administrator account.

oval:org.secpod.oval:def:22953
This setting determines the behavior for inbound connections that do not match an inbound firewall rule. The default behavior is to block connections unless there are firewall rules to allow the connection.

oval:org.secpod.oval:def:22831
Enables desktop screen savers. If you disable this setting, screen savers do not run. Also, this setting disables the Screen Saver section of the Screen Saver dialog in the Personalization or Display Control Panel. As a result, users cannot change the screen saver options. If you do not configure ...

oval:org.secpod.oval:def:22952
This settings determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to dropped packet events by the Filtering Pl

oval:org.secpod.oval:def:22830
This policy setting determines which users or processes can generate audit records in the Security log.

oval:org.secpod.oval:def:22718
This policy setting determines how network logons that use local accounts are authenticated.

oval:org.secpod.oval:def:22839
This policy setting determines what happens when the smart card for a logged on user is removed from the smart card reader.

oval:org.secpod.oval:def:22838
Disable: 'Restrict Unauthenticated RPC clients'

oval:org.secpod.oval:def:22840
This policy setting determines which user accounts can increase or decrease the size of a process's working set. The working set of a process is the set of memory pages currently visible to the process in physical random access memory (RAM).

oval:org.secpod.oval:def:22961
This policy setting audits Application Group Management events.

oval:org.secpod.oval:def:22946
This setting determines the behavior for inbound connections that do not match an inbound firewall rule.

oval:org.secpod.oval:def:22943
Network security: Minimum session security for NTLM SSP based (including secure RPC) client applications.

oval:org.secpod.oval:def:22942
This policy setting allows users to dynamically load a new device driver on a system.

oval:org.secpod.oval:def:22941
This policy setting controls the ability of anonymous users to enumerate SAM accounts as well as shares.

oval:org.secpod.oval:def:22820
The "Require a Password When a Computer Wakes (On Battery)" machine setting should be configured correctly.

oval:org.secpod.oval:def:22949
This policy setting determines whether a domain member should attempt to negotiate whether all secure channel traffic that it initiates must be digitally signed.

oval:org.secpod.oval:def:22948
This setting controls whether local administrators are allowed to create local firewall rules that apply with other firewall rules enforced by Group Policy.

oval:org.secpod.oval:def:22827
This setting determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. This setting is targeted to File Share access operations.

oval:org.secpod.oval:def:23077
The policy setting for this audit category determines whether to audit Authentication Policy changes on computers running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:23063
This setting controls whether local administrators are allowed to create connection security rules that apply with other connection security rules enforced by Group Policy.

oval:org.secpod.oval:def:23062
This policy setting allows users to configure the system-wide environment variables that affect hardware configuration. This information is typically stored in the Last Known Good Configuration.

oval:org.secpod.oval:def:23067
The "Accounts: Limit local account use of blank passwords to console logon only" setting should be configured correctly.

oval:org.secpod.oval:def:23066
This policy setting allows users to take ownership of files, folders, registry keys, processes, or threads. This user right bypasses any permissions that are in place to protect objects and give ownership to the specified user.

oval:org.secpod.oval:def:23064
The Account Logon audit category generates events for credential validation.

oval:org.secpod.oval:def:23050
The Detailed Tracking audit category determines whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access. This setting deals with Process Creation.

oval:org.secpod.oval:def:23059
This policy setting in the System audit category determines whether to audit Security System Extension changes on computers that are running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:23058
This policy setting determines which users can bypass file, directory, registry, and other persistent object permissions when restoring backed up files and directories.

oval:org.secpod.oval:def:23057
This policy setting allows Local System services that use Negotiate to use the computer identity when reverting to NTLM authentication.

oval:org.secpod.oval:def:23055
Detailed Tracking audit category determines whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access. This setting deals with Process Termination.

oval:org.secpod.oval:def:23053
This policy setting controls whether applications that request to run with a User Interface Accessibility (UIAccess) integrity level must reside in a secure location in the file system.

oval:org.secpod.oval:def:23041
This policy setting in the System audit category determines whether to audit IPsec Driver events on computers that are running Windows Vista.

oval:org.secpod.oval:def:23049
The 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' setting should be configured correctly.

oval:org.secpod.oval:def:23042
This policy setting allows users to circumvent file and directory permissions to back up the system.

oval:org.secpod.oval:def:23085
When this setting is configured to Enabled, users are not required to use the CTRL+ALT+DEL key combination to log on to the network.

oval:org.secpod.oval:def:23081
This policy setting audits Distribution Group Management events.

oval:org.secpod.oval:def:23029
This policy setting makes the Recovery Console SET command available.

oval:org.secpod.oval:def:23028
This policy setting allows users who do not have the special "Traverse Folder" access permission to "pass through" folders when they browse an object path in the NTFS file system or the registry.

oval:org.secpod.oval:def:23038
Select On to allow Windows Firewall to filter network traffic. Select Off to prevent Windows Firewall from using any firewall rules or connection security rules for this profile.

oval:org.secpod.oval:def:23034
This setting determines whether to audit the event of a user who accesses an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It targets application generated events.

oval:org.secpod.oval:def:23019
This policy setting determines which accounts will not be able to log on to the computer as a batch job.

oval:org.secpod.oval:def:23018
Select this option to have Windows Firewall with Advanced Security display notifications to the user when a program is blocked from receiving inbound connections.

oval:org.secpod.oval:def:23027
This policy setting allows users to change the Trusted for Delegation setting on a computer object in Active Directory.

oval:org.secpod.oval:def:23026
Network security: Minimum session security for NTLM SSP based (including secure RPC) server applications.

oval:org.secpod.oval:def:23024
This policy setting determines the level of data signing that is requested on behalf of clients that issue LDAP BIND requests.

oval:org.secpod.oval:def:23022
This policy setting determines which users can interactively log on to computers in your environment.

oval:org.secpod.oval:def:23020
This policy setting determines who is allowed to format and eject removable media.

oval:org.secpod.oval:def:23016
The 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' setting should be configured correctly.

oval:org.secpod.oval:def:23015
The "Domain member: Require strong (Windows 2000 or later) session key" setting should be configured correctly.

oval:org.secpod.oval:def:23014
This policy setting in the System audit category determines whether to audit Other System events on computers that are running Windows Vista or later versions of Windows.

oval:org.secpod.oval:def:23012
This policy setting in the System audit category determines whether to audit Security State changes on computers that are running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:23011
This setting controls which groups has the right to install printer drivers.

oval:org.secpod.oval:def:23010
The policy setting for this audit category determines whether to audit Other Policy Change events on computers running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:23003
This policy setting audits Account Management events.

oval:org.secpod.oval:def:23001
This policy setting allows a user to adjust the maximum amount of memory that is available to a process.

oval:org.secpod.oval:def:22898
This policy setting allows one process or service to start another service or process with a different security access token, which can be used to modify the security access token of that sub-process and result in the escalation of privileges.

oval:org.secpod.oval:def:22896
This policy setting determines which users can create symbolic links.

oval:org.secpod.oval:def:22785
This policy setting determines what additional permissions are assigned for anonymous connections to the computer

oval:org.secpod.oval:def:22781
Disable: 'Control Event Log behavior when the log file reaches its maximum size for System (KB)'

oval:org.secpod.oval:def:22768
This audit category generates events that record the creation and destruction of logon sessions. This setting targets the Logon settings.

oval:org.secpod.oval:def:22766
This policy setting controls whether the elevation request prompt is displayed on the interactive user's desktop or the secure desktop.

oval:org.secpod.oval:def:22887
The policy setting allows programs that run on behalf of a user to impersonate that user (or another specified account) so that they can act on behalf of the user.

oval:org.secpod.oval:def:22886
This policy setting allows the administrator account to automatically log on to the recovery console when it is invoked during startup.

oval:org.secpod.oval:def:22765
This settings determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to Kernal Object access processes.

oval:org.secpod.oval:def:22764
This is the setting that turns on or off UAC. Disabling this setting effectively disables UAC.

oval:org.secpod.oval:def:22774
This policy setting allows users to create directory objects in the object manager.

oval:org.secpod.oval:def:22773
This policy setting determines if the server side SMB service is required to perform SMB packet signing.

oval:org.secpod.oval:def:22893
This policy setting controls the behavior of the elevation prompt for standard users on computers running Windows 7, Windows Server 2008 R2, and later versions of Windows.

oval:org.secpod.oval:def:22772
The "Interactive logon: Prompt user to change password before expiration" setting should be configured correctly

oval:org.secpod.oval:def:22892
This policy setting audits logon events other than credential validation and Kerberos Ticket Events.

oval:org.secpod.oval:def:22891
This policy setting controls the behavior of application installation detection for the computer.

oval:org.secpod.oval:def:22770
Disable: 'Require a Password when a Computer Wakes (Plugged in)'

oval:org.secpod.oval:def:22890
This audit category generates events that record the creation and destruction of logon sessions.

oval:org.secpod.oval:def:22759
Windows Firewall with Advanced Security uses the settings for this profile to filter network traffic.

oval:org.secpod.oval:def:22758
This audit category generates events that record the creation and destruction of logon sessions. This setting targets IPsec Quick Mode settings.

oval:org.secpod.oval:def:22878
The policy setting controls whether to audit users who have accessed the Security Accounts Manager (SAM) object on computers running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:22998
This policy setting determines whether a computer can be shut down when a user is not logged on.

oval:org.secpod.oval:def:22876
The policy setting for this audit category determines whether to audit Authorization Policy changes on computers running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:22997
This policy setting in the System audit category determines whether to audit System Integrity changes on computers that are running Windows Vista.

oval:org.secpod.oval:def:22996
The Account Logon audit category generates events for credential validation. These events occur on the computer that is authoritative for the credentials.

oval:org.secpod.oval:def:22763
This policy setting determines which user accounts will have the right to attach a debugger to any process or to the kernel, which provides complete access to sensitive and critical operating system components.

oval:org.secpod.oval:def:22883
This security setting determines which users are prevented from logging on at the computer.

oval:org.secpod.oval:def:22762
Disable: 'Control Event Log behavior when the log file reaches its maximum size for Application (KB)'

oval:org.secpod.oval:def:22761
This settings determines whether to audit the event of a user who accesses an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to Registry Object access events.

oval:org.secpod.oval:def:22760
This policy setting in the DS Access audit category enables domain controllers to report detailed information about information that replicates between domain controllers.

oval:org.secpod.oval:def:22881
This settings determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to File System object access processes.

oval:org.secpod.oval:def:22748
This policy setting audits Computer Account Management events.

oval:org.secpod.oval:def:22867
This policy setting for the DS Access audit category enables reports to result when replication between two domain controllers starts and ends.

oval:org.secpod.oval:def:22987
The Detailed Tracking audit category determines whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access. This setting deals with the DPAPI Activity.

oval:org.secpod.oval:def:22866
This policy setting determines if the server side SMB service is able to sign SMB packets if it is requested to do so by a client that attempts to establish a connection.

oval:org.secpod.oval:def:22744
This policy setting determines which users can change the auditing options for files and directories and clear the Security log.

oval:org.secpod.oval:def:22984
The entry appears as MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended) in the SCE.

oval:org.secpod.oval:def:22752
The Detailed Tracking audit category determines whether to audit detailed tracking information for events, such as program activation, process exit, handle duplication, and indirect object access. This setting is focused on RPC events.

oval:org.secpod.oval:def:22873
Specify the maximum log file size for System (KB)

oval:org.secpod.oval:def:22872
This policy setting determines which users or groups have the right to log on as a Terminal Services client.

oval:org.secpod.oval:def:22751
This policy setting determines which users who are logged on locally can use the Shut Down command to shut down the operating system.

oval:org.secpod.oval:def:22993
This policy setting allows users to manage the system's volume or disk configuration, which could allow a user to delete a volume and cause data loss as well as a denial-of-service condition.

oval:org.secpod.oval:def:22750
This setting determines the behavior for inbound connections that do not match an inbound firewall rule. The default behavior is to block connections unless there are firewall rules to allow the connection.

oval:org.secpod.oval:def:22871
This audit category generates events that record the creation and destruction of logon sessions. This setting targets the IPsec Extended Mode settings.

oval:org.secpod.oval:def:22990
This policy setting allows a process to assume the identity of any user and thus gain access to the resources that the user is authorized to access.

oval:org.secpod.oval:def:22799
This setting enables the prevention of the execution of unsigned or invalidated applications. Before enabling this setting, it is essential that administrators are certain that all required applications are signed and valid.

oval:org.secpod.oval:def:22797
This policy setting controls the behavior of the elevation prompt for administrators on computers running Windows 7, Windows Server 2008 R2, and later versions of Windows.

oval:org.secpod.oval:def:22796
This setting applies to the Non Sensitive Privilege Use subcategory of events. You can use it to audit users exercising user rights.

oval:org.secpod.oval:def:22794
This policy setting determines whether users can create global objects that are available to all sessions. Users can still create objects that are specific to their own session if they do not have this user right.

oval:org.secpod.oval:def:22791
This policy setting determines which users can use tools to monitor the performance of non-system processes. if System Monitor is configured to collect data using Windows Management Instrumentation (WMI) this setting is required.

oval:org.secpod.oval:def:22790
This policy setting allows a process to keep data in physical memory, which prevents the system from paging the data to virtual memory on disk.

CPE    1
cpe:/o:microsoft:windows_server_2012::r2:x64
CCE    224
CCE-37044-5
CCE-38217-6
CCE-36693-0
CCE-36859-7
...
*XCCDF
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_2012_R2

© 2013 SecPod Technologies