[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:19366
The 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' machine setting should be configured correctly.

oval:org.secpod.oval:def:19295
The 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' machine setting should be configured correctly.

oval:org.secpod.oval:def:19444
The 'Allow Standby States (S1-S3) When Sleeping (On Battery)' machine setting should be configured correctly.

oval:org.secpod.oval:def:19577
The 'Backup log automatically when full' machine setting should be configured correctly for the system log.

oval:org.secpod.oval:def:19456
The 'Allow users to connect remotely using Remote Desktop Services' machine setting should be configured correctly.

oval:org.secpod.oval:def:19452
The 'Allow Remote Shell Access' machine setting should be configured correctly.

oval:org.secpod.oval:def:18839
The 'Allow enhanced PINs for startup' machine setting should be configured correctly.

oval:org.secpod.oval:def:19600
The 'Always install with elevated privileges' machine setting should be configured correctly.

oval:org.secpod.oval:def:8866
Always prompt client for password upon connection

oval:org.secpod.oval:def:8861
The "Allow remote access to the Plug and Play interface" machine setting should be configured correctly.

oval:org.secpod.oval:def:19089
The 'Backup log automatically when full' machine setting should be configured correctly for the setup log.

oval:org.secpod.oval:def:19250
The 'Backup log automatically when full' machine setting should be configured correctly for the security log.

oval:org.secpod.oval:def:19465
The 'Backup log automatically when full' machine setting should be configured correctly for the application log.

oval:org.secpod.oval:def:19396
The 'Allow Standby States (S1-S3) When Sleeping (Plugged In)' machine setting should be configured correctly.

oval:org.secpod.oval:def:18793
The 'Configure use of passwords for removable data drives' machine setting should be configured correctly.

oval:org.secpod.oval:def:19537
The 'Choose how BitLocker-protected operating system drives can be recovered' machine setting should be configured correctly.

oval:org.secpod.oval:def:19210
The 'Configure minimum PIN length for startup' machine setting should be configured correctly.

oval:org.secpod.oval:def:19499
The 'Choose how BitLocker-protected removable drives can be recovered' machine setting should be configured correctly.

oval:org.secpod.oval:def:19581
The 'Configure use of passwords for fixed data drives' machine setting should be configured correctly.

oval:org.secpod.oval:def:19595
The 'Configure use of smart cards on removable data drives' machine setting should be configured correctly.

oval:org.secpod.oval:def:19233
The 'Control use of BitLocker on removable drives' machine setting should be configured correctly.

oval:org.secpod.oval:def:19172
The 'Choose how BitLocker-protected fixed drives can be recovered' machine setting should be configured correctly.

oval:org.secpod.oval:def:19155
The 'Configure use of smart cards on fixed data drives' machine setting should be configured correctly.

oval:org.secpod.oval:def:8907
Terminal Services / Remote Desktop Service - Prevent password saving in the Remote Desktop Client

oval:org.secpod.oval:def:8897
Terminal Services / Remote Desktop Services - Local drives prevented from sharing with Terminal Servers.

oval:org.secpod.oval:def:8877
Default behavior for AutoRun

oval:org.secpod.oval:def:19090
The 'Deny write access to removable drives not protected by BitLocker' machine setting should be configured correctly.

oval:org.secpod.oval:def:19361
The 'Deny write access to fixed drives not protected by BitLocker' machine setting should be configured correctly.

oval:org.secpod.oval:def:19508
The 'Do not process the run once list' machine setting should be configured correctly.

oval:org.secpod.oval:def:8814
The "Enable user control over installs" machine setting should be configured correctly.

oval:org.secpod.oval:def:8878
Enumerate administrator accounts on elevation

oval:org.secpod.oval:def:19158
The 'Do not process the legacy run list' machine setting should be configured correctly.

oval:org.secpod.oval:def:8844
The "Maximum Log Size (KB)" machine setting should be configured correctly for the secirity log.

oval:org.secpod.oval:def:8855
The "Maximum Log Size (KB)" machine setting should be configured correctly for the application log.

oval:org.secpod.oval:def:8858
The "Maximum Log Size (KB)" machine setting should be configured correctly for the system log.

oval:org.secpod.oval:def:8892
The system is configured to allow unsolicited remote assistance offers.

oval:org.secpod.oval:def:19480
The 'Prevent memory overwrite on restart' machine setting should be configured correctly.

oval:org.secpod.oval:def:19441
The 'Server Authentication Certificate Template' machine setting should be configured correctly.

oval:org.secpod.oval:def:8806
The "Restrictions for Unauthenticated RPC clients" machine setting should be configured correctly.

oval:org.secpod.oval:def:8915
The "Require a Password When a Computer Wakes (On Battery)" machine setting should be configured correctly.

oval:org.secpod.oval:def:8766
RPC Endpoint Mapper Client Authentication

oval:org.secpod.oval:def:8763
The "Prevent the computer from joining a homegroup" machine setting should be configured correctly.

oval:org.secpod.oval:def:8894
Require a Password when a Computer Wakes (Plugged in)

oval:org.secpod.oval:def:8895
Set client connection encryption level

oval:org.secpod.oval:def:8875
Allowing unsecure RPC communication exposes the server to man in the middle attacks and data disclosure attacks. A man in the middle attack occurs when an intruder captures packets between a client and server and modifies them before allowing the packets to be exchanged. Usually the attacker will mo ...

oval:org.secpod.oval:def:19483
The 'Require additional authentication at startup' machine setting should be configured correctly.

oval:org.secpod.oval:def:19164
The 'Provide the unique identifiers for your organization' machine setting should be configured correctly.

oval:org.secpod.oval:def:8850
The "Set time limit for disconnected sessions" machine setting should be configured correctly.

oval:org.secpod.oval:def:19205
The 'Set time limit for active Remote Desktop Services sessions' machine setting should be configured correctly.

oval:org.secpod.oval:def:8883
Turn off downloading of print drivers over HTTP

oval:org.secpod.oval:def:8880
This policy setting allows you to specify the maximum amount of time that an active Terminal Services session can be idle (without user input) before it is automatically disconnected. (15 min)

oval:org.secpod.oval:def:8899
Solicited Remote Assistance

oval:org.secpod.oval:def:8876
Turn off Autoplay for non-volume devices

oval:org.secpod.oval:def:19198
The 'Turn off Data Execution Prevention for HTML Help Executible' machine setting should be configured correctly.

oval:org.secpod.oval:def:8726
The "Turn off Windows Update device driver searching" machine setting should be configured correctly.

oval:org.secpod.oval:def:8853
The "Turn off Internet download for Web publishing and online ordering wizards" machine setting should be configured correctly.

oval:org.secpod.oval:def:8809
The "Turn off Search Companion content file updates" machine setting should be configured correctly.

oval:org.secpod.oval:def:8908
Customer Experience Improvement Program

oval:org.secpod.oval:def:8885
Turn off the "Publish to Web" task for files and folders

oval:org.secpod.oval:def:18849
The 'Turn Off the Display (On Battery)' machine setting should be configured correctly.

oval:org.secpod.oval:def:8874
Prevent printing over HTTP.

oval:org.secpod.oval:def:19255
The 'Validate smart card certificate usage rule compliance' machine setting should be configured correctly.

oval:org.secpod.oval:def:19589
The 'Turn Off the Display (Plugged In)' machine setting should be configured correctly.

oval:org.secpod.oval:def:19228
The 'Turn off location' machine setting should be configured correctly.

oval:org.secpod.oval:def:8736
The 'Audit: Audit the access of global system objects' setting should be configured correctly.

oval:org.secpod.oval:def:8716
The 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' setting should be configured correctly.

oval:org.secpod.oval:def:8926
The 'Accounts: Limit local account use of blank passwords to console logon only' setting should be configured correctly.

oval:org.secpod.oval:def:8927
The 'Devices: Prevent users from installing printer drivers' setting should be configured correctly.

oval:org.secpod.oval:def:18883
The 'Audit: Shut down system immediately if unable to log security audits' setting should be configured correctly.

oval:org.secpod.oval:def:8755
The 'Devices: Allowed to format and eject removable media' setting should be configured correctly.

oval:org.secpod.oval:def:8754
The 'Audit: Audit the use of Backup and Restore privilege' setting should be configured correctly.

oval:org.secpod.oval:def:8723
The 'Network access: Do not allow storage of passwords and credentials for network authentication' setting should be configured correctly.

oval:org.secpod.oval:def:8724
The 'Network access: Let Everyone permissions apply to anonymous users' setting should be configured correctly.

oval:org.secpod.oval:def:8840
The 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' setting should be configured correctly.

oval:org.secpod.oval:def:8727
The 'Microsoft network server: Amount of idle time required before suspending session' setting should be configured correctly.

oval:org.secpod.oval:def:8729
The 'Recovery console: Allow automatic administrative logon' setting should be configured correctly.

oval:org.secpod.oval:def:8730
The 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' setting should be configured correctly.

oval:org.secpod.oval:def:8731
The 'Shutdown: Allow system to be shut down without having to log on' setting should be configured correctly.

oval:org.secpod.oval:def:8737
The 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' setting should be configured correctly.

oval:org.secpod.oval:def:8739
The 'Domain member: Require strong (Windows 2000 or later) session key' setting should be configured correctly.

oval:org.secpod.oval:def:19625
The 'Require message integrity' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19626
The 'Require message confidentiality' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8822
The 'Network access: Restrict anonymous access to Named Pipes and Shares' setting should be configured correctly.

oval:org.secpod.oval:def:8823
The 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' setting should be configured correctly.

oval:org.secpod.oval:def:19627
The 'Require 128-bit encryption' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19628
The 'Require message integrity' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8824
The 'Network access: Named Pipes that can be accessed anonymously' setting should be configured correctly.

oval:org.secpod.oval:def:18895
The 'Devices: Restrict CD-ROM access to locally logged-on user only' setting should be configured correctly.

oval:org.secpod.oval:def:19623
The 'Require NTLMv2 session security' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8820
The 'Interactive logon: Prompt user to change password before expiration' setting should be configured correctly.

oval:org.secpod.oval:def:19624
The 'Require 128-bit encryption' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8829
The 'Microsoft network client: Digitally sign communications (always)' setting should be configured correctly.

oval:org.secpod.oval:def:8711
The 'Network access: Do not allow anonymous enumeration of SAM accounts' setting should be configured correctly.

oval:org.secpod.oval:def:8833
The 'Microsoft network server: Digitally sign communications (if client agrees)' setting should be configured correctly.

oval:org.secpod.oval:def:8835
The 'Microsoft network server: Disconnect clients when logon hours expire' setting should be configured correctly.

oval:org.secpod.oval:def:8830
The 'Microsoft network client: Digitally sign communications (if server agrees)' setting should be configured correctly.

oval:org.secpod.oval:def:8710
The 'MSS: (NoDefaultExempt) Configure IPSec exemptions for various types of network traffic.' setting should be configured correctly.

oval:org.secpod.oval:def:19630
The 'Require message confidentiality' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8836
The 'Network security: LAN Manager authentication level' setting should be configured correctly.

oval:org.secpod.oval:def:8838
The 'Microsoft network server: Digitally sign communications (always)' setting should be configured correctly.

oval:org.secpod.oval:def:19629
The 'Require NTLMv2 session security' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8808
The 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' setting should be configured correctly.

oval:org.secpod.oval:def:8812
The 'Domain member: Maximum machine account password age' setting should be configured correctly.

oval:org.secpod.oval:def:8819
The 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' setting should be configured correctly.

oval:org.secpod.oval:def:7706
MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)

oval:org.secpod.oval:def:8788
The 'Interactive logon: Do not require CTRL+ALT+DEL' setting should be configured correctly.

oval:org.secpod.oval:def:8789
The 'Network security: Allow LocalSystem NULL session fallback' setting should be configured correctly.

oval:org.secpod.oval:def:8785
The 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' setting should be configured correctly.

oval:org.secpod.oval:def:8795
The 'Microsoft network client: Send unencrypted password to third-party SMB servers' setting should be configured correctly.

oval:org.secpod.oval:def:8796
The 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' setting should be configured correctly.

oval:org.secpod.oval:def:8791
The 'Network access: Shares that can be accessed anonymously' setting should be configured correctly.

oval:org.secpod.oval:def:8792
The 'Network access: Sharing and security model for local accounts' setting should be configured correctly.

oval:org.secpod.oval:def:8793
The 'Network security: Do not store LAN Manager hash value on next password change' setting should be configured correctly.

oval:org.secpod.oval:def:8790
The 'Network security: Allow Local System to use computer identity for NTLM' setting should be configured correctly.

oval:org.secpod.oval:def:8767
The 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' setting should be configured correctly.

oval:org.secpod.oval:def:8769
The 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' setting should be configured correctly.

oval:org.secpod.oval:def:8777
The 'Domain member: Disable machine account password changes' setting should be configured correctly.

oval:org.secpod.oval:def:18886
The 'MSS: (Hidden) Hide Computer From the Browse List (not recommended except for highly secure environments)' setting should be configured correctly.

oval:org.secpod.oval:def:8779
The 'Interactive logon: Do not display last user name' setting should be configured correctly.

oval:org.secpod.oval:def:8774
The 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' setting should be configured correctly.

oval:org.secpod.oval:def:8776
The 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' setting should be configured correctly.

oval:org.secpod.oval:def:18733
The 'Domain member: Digitally sign secure channel data (when possible)' setting should be configured correctly.

oval:org.secpod.oval:def:8744
The 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' setting should be configured correctly.

oval:org.secpod.oval:def:8747
The 'Interactive logon: Smart card removal behavior' setting should be configured correctly.

oval:org.secpod.oval:def:8748
The 'Network security: Force logoff when logon hours expire' setting should be configured correctly.

oval:org.secpod.oval:def:8756
Recovery Console: Allow Floppy Copy and Access to All Drives and All Folders

oval:org.secpod.oval:def:8757
The 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' setting should be configured correctly.

oval:org.secpod.oval:def:8751
The 'Network security: LDAP client signing requirements' setting should be configured correctly.

oval:org.secpod.oval:def:18867
The 'Interactive logon: Require Domain Controller authentication to unlock workstation' setting should be configured correctly.

oval:org.secpod.oval:def:19029
The 'Shutdown: Clear virtual memory pagefile' setting should be configured correctly.

oval:org.secpod.oval:def:8845
The 'System cryptography: Force strong key protection for user keys stored on the computer' setting should be configured correctly.

oval:org.secpod.oval:def:18796
Auditing of 'Account Logon: Other Account Logon Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8841
The 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' setting should be configured correctly.

oval:org.secpod.oval:def:8842
The 'User Account Control: Admin Approval Mode for the Built-in Administrator account' setting should be configured correctly.

oval:org.secpod.oval:def:8738
The 'User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop' setting should be configured correctly.

oval:org.secpod.oval:def:18890
Auditing of 'Detailed Tracking: DPAPI Activity' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18770
Auditing of 'Object Access: Filtering Platform Connection' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18788
Auditing of 'Object Access: Detailed File Share' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8715
Switch to the secure desktop when prompting for elevation

oval:org.secpod.oval:def:8837
The 'System objects: Require case insensitivity for non-Windows subsystems' setting should be configured correctly.

oval:org.secpod.oval:def:8839
The 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' setting should be configured correctly.

oval:org.secpod.oval:def:8803
The 'User Account Control: Virtualize file and registry write failures to per-user locations' setting should be configured correctly.

oval:org.secpod.oval:def:8818
The 'User Account Control: Only elevate executables that are signed and validated' setting should be configured correctly.

oval:org.secpod.oval:def:18953
Auditing of 'Object Access: Handle Manipulation' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18935
Auditing of 'Logon-Logoff: Other Logon Logoff Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18813
Auditing of 'Detailed Tracking: Process Creation' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8787
The 'User Account Control: Behavior of the elevation prompt for standard users' setting should be configured correctly.

oval:org.secpod.oval:def:8780
The 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' setting should be configured correctly.

oval:org.secpod.oval:def:18927
Windows Firewall should allow or block inbound connections by default as appropriate for the Private Profile.

oval:org.secpod.oval:def:18805
Windows Firewall should allow or block outbound connections by default as appropriate for the Public Profile.

oval:org.secpod.oval:def:8782
The 'User Account Control: Detect application installations and prompt for elevation' setting should be configured correctly.

oval:org.secpod.oval:def:18809
Auditing of 'Object Access: SAM' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18929
Auditing of 'Account Management: Computer Account Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18997
Windows Firewall should allow or block inbound connections by default as appropriate for the Domain Profile.

oval:org.secpod.oval:def:18755
Auditing of 'Account Management: User Account Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18754
Auditing of 'Account Management: Distribution Group Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18752
Auditing of 'Account Logon: Kerberos Service Ticket Operations' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8762
The 'User Account Control: Run all administrators in Admin Approval Mode' setting should be configured correctly.

oval:org.secpod.oval:def:18756
Auditing of 'DS Access: Directory Service Replication' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18751
Auditing of 'Account Logon: Credential Validation' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18885
Auditing of 'Account Management: Application Group Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18763
Auditing of 'Object Access: Registry' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18769
Auditing of 'Object Access: File System' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18882
Auditing of 'Account Management: Security Group Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18761
Auditing of 'Object Access: Kernel Object' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18760
Auditing of 'Object Access: Certification Services' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18880
Auditing of 'Logon-Logoff: Special Logon' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18973
Auditing of 'Logon-Logoff: IPsec Main Mode' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8746
The 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' setting should be configured correctly.

oval:org.secpod.oval:def:18978
Auditing of 'Logon-Logoff: IPsec Extended Mode' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18855
Auditing of 'DS Access: Directory Service Access' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18744
The 'Windows Firewall: Private: Apply local firewall rules' setting should be configured correctly.

oval:org.secpod.oval:def:18742
Windows Firewall should allow or block outbound connections by default as appropriate for the Private Profile.

oval:org.secpod.oval:def:18748
Windows Firewall should allow or block inbound connections by default as appropriate for the Public Profile.

oval:org.secpod.oval:def:18868
Auditing of 'Logon-Logoff: IPsec Quick Mode' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18740
Windows Firewall should allow or block outbound connections by default as appropriate for the Domain Profile.

oval:org.secpod.oval:def:19094
Auditing of 'Object Access: Filtering Platform Packet Drop' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19065
Auditing of 'Object Access: Detailed File Share' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19066
Auditing of 'Logon-Logoff: Logoff' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19071
Auditing of 'Logon-Logoff: Logon' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19073
Auditing of 'Object Access: Application Generated' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18917
Auditing of 'Logon-Logoff: Account Lockout' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18902
Auditing of 'DS Access: Directory Service Changes' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19001
Auditing of 'Account Management: Other Account Management Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19016
Auditing of 'Detailed Tracking: RPC Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19015
Auditing of 'Object Access: File Share' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19108
Auditing of 'Object Access: Other Object Access Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19023
Auditing of 'Detailed Tracking: Process Termination' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19035
Auditing of 'DS Access: Detailed Directory Service Replication' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8848
Reset Account Lockout Counter After

oval:org.secpod.oval:def:18898
Auditing of 'Policy Change: Authorization Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18787
Auditing of 'System: IPsec Driver' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8813
The 'Store passwords using reversible encryption' setting should be configured correctly.

oval:org.secpod.oval:def:18835
Auditing of 'Privilege Use: Other Privilege Use Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18943
Auditing of 'System: Other System Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18817
Auditing of 'Policy Change: Filtering Platform Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18819
Auditing of 'Policy Change: MPSSVC Rule Level Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8773
The 'Minimum password age' setting should be configured correctly.

oval:org.secpod.oval:def:7897
The number of passwords remembered

oval:org.secpod.oval:def:7899
The maximum number of failed attempts that can occur before the account is locked out This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout dura ...

oval:org.secpod.oval:def:18860
Auditing of 'Policy Change: Other Policy Change Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19006
Auditing of 'System: Security State Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19003
Auditing of 'Privilege Use: Sensitive Privilege Use' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19018
Auditing of 'System: Security System Extension' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19102
Auditing of 'Policy Change: Authentication Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:7900
The Minimum password length setting should be configured correctly.

oval:org.secpod.oval:def:7901
The 'Password must meet complexity requirements' policy should be set correctly.

oval:org.secpod.oval:def:7902
Maximum password age is the profile defined number of days

oval:org.secpod.oval:def:19110
Auditing of 'Privilege Use: Non Sensitive Privilege Use' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19020
Auditing of 'System: System Integrity' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8831
The built-in Administrator account should be correctly named. The built-in local administrator account is a well-known account name that attackers will target. Microsoft recommends to choose another name for this account, and to avoid names that denote administrative or elevated access accounts. Be ...

oval:org.secpod.oval:def:8925
The Accounts: Guest account status setting should be configured correctly. This policy setting determines whether the Guest account is enabled or disabled. The Guest account allows unauthenticated network users to gain access to the system. Note that this setting will have no impact when applied to ...

oval:org.secpod.oval:def:8772
The Deny log on locally user right should be assigned to the appropriate accounts. This security setting determines which users are prevented from logging on at the computer. This policy setting supersedes the Allow log on locally policy setting if an account is subject to both policies.Important:I ...

oval:org.secpod.oval:def:18836
The Deny log on as a batch job user right should be assigned to the appropriate accounts. This policy setting determines which accounts will not be able to log on to the computer as a batch job. A batch job is not a batch (.bat) file, but rather a batch-queue facility. Accounts that use the Task Sc ...

oval:org.secpod.oval:def:8768
The Deny access to this computer from the network user right should be assigned to the appropriate accounts. This policy setting prohibits users from connecting to a computer from across the network, which would allow users to access and potentially modify data remotely. In high security environmen ...

oval:org.secpod.oval:def:19632
The Access Credential Manager as a trusted caller user right should be assigned to the appropriate accounts. This security setting is used by Credential Manager during Backup and Restore. No accounts should have this user right, as it is only assigned to Winlogon. Users saved credentials might be c ...

oval:org.secpod.oval:def:18942
The Deny log on through Remote Desktop Services user right should be assigned to the appropriate accounts. This policy setting determines whether users can log on as Terminal Services clients. After the baseline member server is joined to a domain environment, there is no need to use local accounts ...

oval:org.secpod.oval:def:18878
The Manage auditing and security log user right should be assigned to the appropriate accounts. This policy setting determines which users can change the auditing options for files and directories and clear the Security log. When configuring a user right in the SCM enter a comma delimited list of a ...

oval:org.secpod.oval:def:7898
The Account lockout duration setting should be configured correctly. This policy setting determines the length of time that must pass before a locked account is unlocked and a user can try to log on again. The setting does this by specifying the number of minutes a locked out account will remain un ...

CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    219
CCE-11465-2
CCE-11636-8
CCE-11138-5
CCE-11860-4
...
*XCCDF
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2008_R2

© 2013 SecPod Technologies