[Forgot Password]
Login  Register Subscribe

24002

 
 

127027

 
 

102010

 
 

909

 
 

81374

 
 

133

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:19577
The 'Backup log automatically when full' machine setting should be configured correctly for the system log.

oval:org.secpod.oval:def:19089
The 'Backup log automatically when full' machine setting should be configured correctly for the setup log.

oval:org.secpod.oval:def:19250
The 'Backup log automatically when full' machine setting should be configured correctly for the security log.

oval:org.secpod.oval:def:19465
The 'Backup log automatically when full' machine setting should be configured correctly for the application log.

oval:org.secpod.oval:def:8907
Terminal Services / Remote Desktop Service - Prevent password saving in the Remote Desktop Client

oval:org.secpod.oval:def:8897
Terminal Services / Remote Desktop Services - Local drives prevented from sharing with Terminal Servers.

oval:org.secpod.oval:def:8892
The system is configured to allow unsolicited remote assistance offers.

oval:org.secpod.oval:def:19205
The 'Set time limit for active Remote Desktop Services sessions' machine setting should be configured correctly.

oval:org.secpod.oval:def:8883
Turn off downloading of print drivers over HTTP

oval:org.secpod.oval:def:8726
The "Turn off Windows Update device driver searching" machine setting should be configured correctly.

oval:org.secpod.oval:def:8885
Turn off the "Publish to Web" task for files and folders

oval:org.secpod.oval:def:19228
The 'Turn off location' machine setting should be configured correctly.

oval:org.secpod.oval:def:8736
The 'Audit: Audit the access of global system objects' setting should be configured correctly.

oval:org.secpod.oval:def:8727
The 'Microsoft network server: Amount of idle time required before suspending session' setting should be configured correctly.

oval:org.secpod.oval:def:8730
The 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' setting should be configured correctly.

oval:org.secpod.oval:def:19625
The 'Require message integrity' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19626
The 'Require message confidentiality' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19628
The 'Require message integrity' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19623
The 'Require NTLMv2 session security' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8835
The 'Microsoft network server: Disconnect clients when logon hours expire' setting should be configured correctly.

oval:org.secpod.oval:def:8830
The 'Microsoft network client: Digitally sign communications (if server agrees)' setting should be configured correctly.

oval:org.secpod.oval:def:19630
The 'Require message confidentiality' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19629
The 'Require NTLMv2 session security' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8790
The 'Network security: Allow Local System to use computer identity for NTLM' setting should be configured correctly.

oval:org.secpod.oval:def:18788
Auditing of 'Object Access: Detailed File Share' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18927
Windows Firewall should allow or block inbound connections by default as appropriate for the Private Profile.

oval:org.secpod.oval:def:18805
Windows Firewall should allow or block outbound connections by default as appropriate for the Public Profile.

oval:org.secpod.oval:def:18997
Windows Firewall should allow or block inbound connections by default as appropriate for the Domain Profile.

oval:org.secpod.oval:def:18744
The 'Windows Firewall: Private: Apply local firewall rules' setting should be configured correctly.

oval:org.secpod.oval:def:18742
Windows Firewall should allow or block outbound connections by default as appropriate for the Private Profile.

oval:org.secpod.oval:def:18748
Windows Firewall should allow or block inbound connections by default as appropriate for the Public Profile.

oval:org.secpod.oval:def:18740
Windows Firewall should allow or block outbound connections by default as appropriate for the Domain Profile.

oval:org.secpod.oval:def:19094
Auditing of 'Object Access: Filtering Platform Packet Drop' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19065
Auditing of 'Object Access: Detailed File Share' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19632
The Access Credential Manager as a trusted caller user right should be assigned to the appropriate accounts. This security setting is used by Credential Manager during Backup and Restore. No accounts should have this user right, as it is only assigned to Winlogon. Users saved credentials might be c ...

oval:org.secpod.oval:def:18878
The Manage auditing and security log user right should be assigned to the appropriate accounts. This policy setting determines which users can change the auditing options for files and directories and clear the Security log. When configuring a user right in the SCM enter a comma delimited list of a ...

oval:org.secpod.oval:def:8723
The 'Network access: Do not allow storage of passwords and credentials for network authentication' setting should be configured correctly.

oval:org.secpod.oval:def:18796
Auditing of 'Account Logon: Other Account Logon Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8840
The 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' setting should be configured correctly.

oval:org.secpod.oval:def:8841
The 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' setting should be configured correctly.

oval:org.secpod.oval:def:8842
The 'User Account Control: Admin Approval Mode for the Built-in Administrator account' setting should be configured correctly.

oval:org.secpod.oval:def:18793
The 'Configure use of passwords for removable data drives' machine setting should be configured correctly.

oval:org.secpod.oval:def:8729
The 'Recovery console: Allow automatic administrative logon' setting should be configured correctly.

oval:org.secpod.oval:def:19537
The 'Choose how BitLocker-protected operating system drives can be recovered' machine setting should be configured correctly.

oval:org.secpod.oval:def:8850
The "Set time limit for disconnected sessions" machine setting should be configured correctly.

oval:org.secpod.oval:def:8731
The 'Shutdown: Allow system to be shut down without having to log on' setting should be configured correctly.

oval:org.secpod.oval:def:8853
The "Turn off Internet download for Web publishing and online ordering wizards" machine setting should be configured correctly.

oval:org.secpod.oval:def:8737
The 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' setting should be configured correctly.

oval:org.secpod.oval:def:8738
The 'User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop' setting should be configured correctly.

oval:org.secpod.oval:def:8739
The 'Domain member: Require strong (Windows 2000 or later) session key' setting should be configured correctly.

oval:org.secpod.oval:def:8823
The 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' setting should be configured correctly.

oval:org.secpod.oval:def:19627
The 'Require 128-bit encryption' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18895
The 'Devices: Restrict CD-ROM access to locally logged-on user only' setting should be configured correctly.

oval:org.secpod.oval:def:18770
Auditing of 'Object Access: Filtering Platform Connection' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18787
Auditing of 'System: IPsec Driver' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8833
The 'Microsoft network server: Digitally sign communications (if client agrees)' setting should be configured correctly.

oval:org.secpod.oval:def:8710
The 'MSS: (NoDefaultExempt) Configure IPSec exemptions for various types of network traffic.' setting should be configured correctly.

oval:org.secpod.oval:def:8715
Switch to the secure desktop when prompting for elevation

oval:org.secpod.oval:def:8837
The 'System objects: Require case insensitivity for non-Windows subsystems' setting should be configured correctly.

oval:org.secpod.oval:def:8716
The 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' setting should be configured correctly.

oval:org.secpod.oval:def:8839
The 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' setting should be configured correctly.

oval:org.secpod.oval:def:19441
The 'Server Authentication Certificate Template' machine setting should be configured correctly.

oval:org.secpod.oval:def:8809
The "Turn off Search Companion content file updates" machine setting should be configured correctly.

oval:org.secpod.oval:def:8803
The 'User Account Control: Virtualize file and registry write failures to per-user locations' setting should be configured correctly.

oval:org.secpod.oval:def:8926
The 'Accounts: Limit local account use of blank passwords to console logon only' setting should be configured correctly.

oval:org.secpod.oval:def:19210
The 'Configure minimum PIN length for startup' machine setting should be configured correctly.

oval:org.secpod.oval:def:19452
The 'Allow Remote Shell Access' machine setting should be configured correctly.

oval:org.secpod.oval:def:8819
The 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' setting should be configured correctly.

oval:org.secpod.oval:def:8814
The "Enable user control over installs" machine setting should be configured correctly.

oval:org.secpod.oval:def:8908
Customer Experience Improvement Program

oval:org.secpod.oval:def:18839
The 'Allow enhanced PINs for startup' machine setting should be configured correctly.

oval:org.secpod.oval:def:8788
The 'Interactive logon: Do not require CTRL+ALT+DEL' setting should be configured correctly.

oval:org.secpod.oval:def:8789
The 'Network security: Allow LocalSystem NULL session fallback' setting should be configured correctly.

oval:org.secpod.oval:def:8785
The 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' setting should be configured correctly.

oval:org.secpod.oval:def:18942
The Deny log on through Remote Desktop Services user right should be assigned to the appropriate accounts. This policy setting determines whether users can log on as Terminal Services clients. After the baseline member server is joined to a domain environment, there is no need to use local accounts ...

oval:org.secpod.oval:def:8795
The 'Microsoft network client: Send unencrypted password to third-party SMB servers' setting should be configured correctly.

oval:org.secpod.oval:def:8796
The 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' setting should be configured correctly.

oval:org.secpod.oval:def:18943
Auditing of 'System: Other System Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8792
The 'Network access: Sharing and security model for local accounts' setting should be configured correctly.

oval:org.secpod.oval:def:18819
Auditing of 'Policy Change: MPSSVC Rule Level Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18754
Auditing of 'Account Management: Distribution Group Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8769
The 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' setting should be configured correctly.

oval:org.secpod.oval:def:8763
The "Prevent the computer from joining a homegroup" machine setting should be configured correctly.

oval:org.secpod.oval:def:19600
The 'Always install with elevated privileges' machine setting should be configured correctly.

oval:org.secpod.oval:def:18756
Auditing of 'DS Access: Directory Service Replication' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8880
This policy setting allows you to specify the maximum amount of time that an active Terminal Services session can be idle (without user input) before it is automatically disconnected. (15 min)

oval:org.secpod.oval:def:8777
The 'Domain member: Disable machine account password changes' setting should be configured correctly.

oval:org.secpod.oval:def:18886
The 'MSS: (Hidden) Hide Computer From the Browse List (not recommended except for highly secure environments)' setting should be configured correctly.

oval:org.secpod.oval:def:8899
Solicited Remote Assistance

oval:org.secpod.oval:def:8779
The 'Interactive logon: Do not display last user name' setting should be configured correctly.

oval:org.secpod.oval:def:8774
The 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' setting should be configured correctly.

oval:org.secpod.oval:def:8776
The 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' setting should be configured correctly.

oval:org.secpod.oval:def:18883
The 'Audit: Shut down system immediately if unable to log security audits' setting should be configured correctly.

oval:org.secpod.oval:def:18760
Auditing of 'Object Access: Certification Services' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8772
The Deny log on locally user right should be assigned to the appropriate accounts. This security setting determines which users are prevented from logging on at the computer. This policy setting supersedes the Allow log on locally policy setting if an account is subject to both policies.Important:I ...

oval:org.secpod.oval:def:8747
The 'Interactive logon: Smart card removal behavior' setting should be configured correctly.

oval:org.secpod.oval:def:18855
Auditing of 'DS Access: Directory Service Access' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8755
The 'Devices: Allowed to format and eject removable media' setting should be configured correctly.

oval:org.secpod.oval:def:8756
Recovery Console: Allow Floppy Copy and Access to All Drives and All Folders

oval:org.secpod.oval:def:8757
The 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' setting should be configured correctly.

oval:org.secpod.oval:def:8878
Enumerate administrator accounts on elevation

oval:org.secpod.oval:def:8751
The Network security: LDAP client signing requirements setting should be configured correctly. This policy setting determines the level of data signing that is requested on behalf of clients that issue LDAP BIND requests, as follows: * None. The LDAP BIND request is issued with the caller-specified ...

oval:org.secpod.oval:def:8874
Prevent printing over HTTP.

oval:org.secpod.oval:def:18867
The 'Interactive logon: Require Domain Controller authentication to unlock workstation' setting should be configured correctly.

oval:org.secpod.oval:def:8754
The 'Audit: Audit the use of Backup and Restore privilege' setting should be configured correctly.

oval:org.secpod.oval:def:19090
The 'Deny write access to removable drives not protected by BitLocker' machine setting should be configured correctly.

oval:org.secpod.oval:def:18902
Auditing of 'DS Access: Directory Service Changes' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19001
Auditing of 'Account Management: Other Account Management Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19366
The 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' machine setting should be configured correctly.

oval:org.secpod.oval:def:19361
The 'Deny write access to fixed drives not protected by BitLocker' machine setting should be configured correctly.

oval:org.secpod.oval:def:19483
The 'Require additional authentication at startup' machine setting should be configured correctly.

oval:org.secpod.oval:def:19480
The 'Prevent memory overwrite on restart' machine setting should be configured correctly.

oval:org.secpod.oval:def:19255
The 'Validate smart card certificate usage rule compliance' machine setting should be configured correctly.

oval:org.secpod.oval:def:19499
The 'Choose how BitLocker-protected removable drives can be recovered' machine setting should be configured correctly.

oval:org.secpod.oval:def:19108
Auditing of 'Object Access: Other Object Access Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19581
The 'Configure use of passwords for fixed data drives' machine setting should be configured correctly.

oval:org.secpod.oval:def:19595
The 'Configure use of smart cards on removable data drives' machine setting should be configured correctly.

oval:org.secpod.oval:def:19233
The 'Control use of BitLocker on removable drives' machine setting should be configured correctly.

oval:org.secpod.oval:def:19110
Auditing of 'Privilege Use: Non Sensitive Privilege Use' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19164
The 'Provide the unique identifiers for your organization' machine setting should be configured correctly.

oval:org.secpod.oval:def:19295
The 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' machine setting should be configured correctly.

oval:org.secpod.oval:def:19172
The 'Choose how BitLocker-protected fixed drives can be recovered' machine setting should be configured correctly.

oval:org.secpod.oval:def:19029
The 'Shutdown: Clear virtual memory pagefile' setting should be configured correctly.

oval:org.secpod.oval:def:19155
The 'Configure use of smart cards on fixed data drives' machine setting should be configured correctly.

oval:org.secpod.oval:def:19035
Auditing of 'DS Access: Detailed Directory Service Replication' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8844
The "Maximum Log Size (KB)" machine setting should be configured correctly for the secirity log.

oval:org.secpod.oval:def:8724
The 'Network access: Let Everyone permissions apply to anonymous users' setting should be configured correctly.

oval:org.secpod.oval:def:8845
The 'System cryptography: Force strong key protection for user keys stored on the computer' setting should be configured correctly.

oval:org.secpod.oval:def:8848
Reset Account Lockout Counter After

oval:org.secpod.oval:def:8855
The "Maximum Log Size (KB)" machine setting should be configured correctly for the application log.

oval:org.secpod.oval:def:8858
The "Maximum Log Size (KB)" machine setting should be configured correctly for the system log.

oval:org.secpod.oval:def:18898
Auditing of 'Policy Change: Authorization Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8822
The 'Network access: Restrict anonymous access to Named Pipes and Shares' setting should be configured correctly.

oval:org.secpod.oval:def:8824
The 'Network access: Named Pipes that can be accessed anonymously' setting should be configured correctly.

oval:org.secpod.oval:def:8820
The 'Interactive logon: Prompt user to change password before expiration' setting should be configured correctly.

oval:org.secpod.oval:def:19624
The 'Require 128-bit encryption' option for the 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18890
Auditing of 'Detailed Tracking: DPAPI Activity' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8829
The 'Microsoft network client: Digitally sign communications (always)' setting should be configured correctly.

oval:org.secpod.oval:def:8711
The 'Network access: Do not allow anonymous enumeration of SAM accounts' setting should be configured correctly.

oval:org.secpod.oval:def:8831
The built-in Administrator account should be correctly named. The built-in local administrator account is a well-known account name that attackers will target. Microsoft recommends to choose another name for this account, and to avoid names that denote administrative or elevated access accounts. Be ...

oval:org.secpod.oval:def:8836
The 'Network security: LAN Manager authentication level' setting should be configured correctly.

oval:org.secpod.oval:def:8838
The 'Microsoft network server: Digitally sign communications (always)' setting should be configured correctly.

oval:org.secpod.oval:def:19508
The 'Do not process the run once list' machine setting should be configured correctly.

oval:org.secpod.oval:def:8808
The 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' setting should be configured correctly.

oval:org.secpod.oval:def:19444
The 'Allow Standby States (S1-S3) When Sleeping (On Battery)' machine setting should be configured correctly.

oval:org.secpod.oval:def:8925
The Accounts: Guest account status setting should be configured correctly. This policy setting determines whether the Guest account is enabled or disabled. The Guest account allows unauthenticated network users to gain access to the system. Note that this setting will have no impact when applied to ...

oval:org.secpod.oval:def:8806
The "Restrictions for Unauthenticated RPC clients" machine setting should be configured correctly.

oval:org.secpod.oval:def:8927
The 'Devices: Prevent users from installing printer drivers' setting should be configured correctly.

oval:org.secpod.oval:def:8812
The 'Domain member: Maximum machine account password age' setting should be configured correctly.

oval:org.secpod.oval:def:8813
The 'Store passwords using reversible encryption' setting should be configured correctly.

oval:org.secpod.oval:def:19456
The 'Allow users to connect remotely using Remote Desktop Services' machine setting should be configured correctly.

oval:org.secpod.oval:def:8818
The 'User Account Control: Only elevate executables that are signed and validated' setting should be configured correctly.

oval:org.secpod.oval:def:8915
The "Require a Password When a Computer Wakes (On Battery)" machine setting should be configured correctly.

oval:org.secpod.oval:def:7706
MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)

oval:org.secpod.oval:def:18953
Auditing of 'Object Access: Handle Manipulation' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18836
The Deny log on as a batch job user right should be assigned to the appropriate accounts. This policy setting determines which accounts will not be able to log on to the computer as a batch job. A batch job is not a batch (.bat) file, but rather a batch-queue facility. Accounts that use the Task Sc ...

oval:org.secpod.oval:def:18835
Auditing of 'Privilege Use: Other Privilege Use Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18935
Auditing of 'Logon-Logoff: Other Logon Logoff Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18813
Auditing of 'Detailed Tracking: Process Creation' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8787
The 'User Account Control: Behavior of the elevation prompt for standard users' setting should be configured correctly.

oval:org.secpod.oval:def:8780
The 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' setting should be configured correctly.

oval:org.secpod.oval:def:8782
The 'User Account Control: Detect application installations and prompt for elevation' setting should be configured correctly.

oval:org.secpod.oval:def:18809
Auditing of 'Object Access: SAM' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18929
Auditing of 'Account Management: Computer Account Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8791
The 'Network access: Shares that can be accessed anonymously' setting should be configured correctly.

oval:org.secpod.oval:def:18817
Auditing of 'Policy Change: Filtering Platform Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8793
The 'Network security: Do not store LAN Manager hash value on next password change' setting should be configured correctly.

oval:org.secpod.oval:def:8766
RPC Endpoint Mapper Client Authentication

oval:org.secpod.oval:def:18755
Auditing of 'Account Management: User Account Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8767
The 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' setting should be configured correctly.

oval:org.secpod.oval:def:8768
The Deny access to this computer from the network user right should be assigned to the appropriate accounts. This policy setting prohibits users from connecting to a computer from across the network, which would allow users to access and potentially modify data remotely. In high security environmen ...

oval:org.secpod.oval:def:18752
Auditing of 'Account Logon: Kerberos Service Ticket Operations' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8762
The 'User Account Control: Run all administrators in Admin Approval Mode' setting should be configured correctly.

oval:org.secpod.oval:def:18751
Auditing of 'Account Logon: Credential Validation' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18885
Auditing of 'Account Management: Application Group Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18763
Auditing of 'Object Access: Registry' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8894
Require a Password when a Computer Wakes (Plugged in)

oval:org.secpod.oval:def:8773
The 'Minimum password age' setting should be configured correctly.

oval:org.secpod.oval:def:18769
Auditing of 'Object Access: File System' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8895
Set client connection encryption level

oval:org.secpod.oval:def:18882
Auditing of 'Account Management: Security Group Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18761
Auditing of 'Object Access: Kernel Object' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18880
Auditing of 'Logon-Logoff: Special Logon' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18733
The 'Domain member: Digitally sign secure channel data (when possible)' setting should be configured correctly.

oval:org.secpod.oval:def:8744
The 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' setting should be configured correctly.

oval:org.secpod.oval:def:7897
The number of passwords remembered

oval:org.secpod.oval:def:8866
Always prompt client for password upon connection

oval:org.secpod.oval:def:7898
The Account lockout duration setting should be configured correctly. This policy setting determines the length of time that must pass before a locked account is unlocked and a user can try to log on again. The setting does this by specifying the number of minutes a locked out account will remain un ...

oval:org.secpod.oval:def:18973
Auditing of 'Logon-Logoff: IPsec Main Mode' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8746
The 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' setting should be configured correctly.

oval:org.secpod.oval:def:7899
The maximum number of failed attempts that can occur before the account is locked out This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout dura ...

oval:org.secpod.oval:def:8861
The "Allow remote access to the Plug and Play interface" machine setting should be configured correctly.

oval:org.secpod.oval:def:18978
Auditing of 'Logon-Logoff: IPsec Extended Mode' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8748
The 'Network security: Force logoff when logon hours expire' setting should be configured correctly.

oval:org.secpod.oval:def:18849
The 'Turn Off the Display (On Battery)' machine setting should be configured correctly.

oval:org.secpod.oval:def:8876
Turn off Autoplay for non-volume devices

oval:org.secpod.oval:def:8877
Default behavior for AutoRun

oval:org.secpod.oval:def:18868
Auditing of 'Logon-Logoff: IPsec Quick Mode' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8875
Allowing unsecure RPC communication exposes the server to man in the middle attacks and data disclosure attacks. A man in the middle attack occurs when an intruder captures packets between a client and server and modifies them before allowing the packets to be exchanged. Usually the attacker will mo ...

oval:org.secpod.oval:def:18860
Auditing of 'Policy Change: Other Policy Change Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19066
Auditing of 'Logon-Logoff: Logoff' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19198
The 'Turn off Data Execution Prevention for HTML Help Executible' machine setting should be configured correctly.

oval:org.secpod.oval:def:19071
Auditing of 'Logon-Logoff: Logon' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19073
Auditing of 'Object Access: Application Generated' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:18917
Auditing of 'Logon-Logoff: Account Lockout' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19006
Auditing of 'System: Security State Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19003
Auditing of 'Privilege Use: Sensitive Privilege Use' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19016
Auditing of 'Detailed Tracking: RPC Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19018
Auditing of 'System: Security System Extension' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19015
Auditing of 'Object Access: File Share' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19589
The 'Turn Off the Display (Plugged In)' machine setting should be configured correctly.

oval:org.secpod.oval:def:19102
Auditing of 'Policy Change: Authentication Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:7900
The Minimum password length setting should be configured correctly.

oval:org.secpod.oval:def:7901
The 'Password must meet complexity requirements' policy should be set correctly.

oval:org.secpod.oval:def:7902
Maximum password age is the profile defined number of days

oval:org.secpod.oval:def:19023
Auditing of 'Detailed Tracking: Process Termination' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19020
Auditing of 'System: System Integrity' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:19158
The 'Do not process the legacy run list' machine setting should be configured correctly.

oval:org.secpod.oval:def:19396
The 'Allow Standby States (S1-S3) When Sleeping (Plugged In)' machine setting should be configured correctly.

CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    219
CCE-11138-5
CCE-11890-1
CCE-12204-4
CCE-11400-9
...
*XCCDF
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2008_R2

© 2013 SecPod Technologies