[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:5645
Verify that all users are assigned a unique ID for access to system components or cardholder data and also verify that users are authenticated using unique ID and additional authentication (for example, a password) for access to the cardholder data environment.

oval:org.secpod.oval:def:5646
Verify that inactive accounts over 90 days old are either removed or disabled.

oval:org.secpod.oval:def:8447
The "Set time limit for idle sessions" policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:8448
The "Message text for users attempting to log on" policy should be set correctly.

oval:org.secpod.oval:def:8449
The "Smart Card Removal Behavior" policy should be set correctly.

oval:org.secpod.oval:def:8443
The "Do not store LAN Manager hash value on next password change" policy should be set correctly.

oval:org.secpod.oval:def:8444
The "Digitally Sign Client Communication (Always)" policy should be set correctly.

oval:org.secpod.oval:def:8445
The "Limit Users to One Remote Session" policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:8446
The "Recovery Console: Allow Automatic Administrative Logon" policy should be set correctly.

oval:org.secpod.oval:def:8440
The "Maximum User Ticket Lifetime" policy should be set correctly.

oval:org.secpod.oval:def:8441
The "Do not Delete Temp folder on exit" policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:8442
The behavior surrounding Anonymous users' ability to display lists of SAM accounts should be correct.

oval:org.secpod.oval:def:8458
The "Named Pipes that can be accessed anonymously" policy should be set correctly.

oval:org.secpod.oval:def:8459
The "Require Case Insensitivity for Non-Windows Sybsystems" policy should be set correctly.

oval:org.secpod.oval:def:8454
The "LAN Manager Authentication Level" policy should be set correctly.

oval:org.secpod.oval:def:8455
Disallow Installation of Printers Using Kernel-mode Drivers should be properly configured.

oval:org.secpod.oval:def:8456
The "Number of Previous Logons to Cache" policy should be set correctly.

oval:org.secpod.oval:def:8457
The "Do not Use Temp folders per Session" policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:8450
The "Recovery Console: Allow Floppy Copy and Access to All Drives and All Folders" policy should be set correctly.

oval:org.secpod.oval:def:8451
The "Allow Reconnection from Original Client Only" policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:8452
Automatic Logon should be properly configured.

oval:org.secpod.oval:def:8453
The "Enforce user logon restrictions" policy should be set correctly.

oval:org.secpod.oval:def:8425
This setting requires users to wait for a certain number of days before changing their password again.

oval:org.secpod.oval:def:10095
Auditing of 'process tracking' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10096
If the System log's retention method is set to 'Overwrite events by days,' an appropriate value should be set for the number of days' logs to keep.

oval:org.secpod.oval:def:8426
Always Wait for the Network at Computer Startup and Logon should be properly configured.

oval:org.secpod.oval:def:10097
The 'Secure Channel: Digitally Sign Secure Channel Data (When Possible)' policy should be set correctly.

oval:org.secpod.oval:def:8428
The "log on locally" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10098
The startup type of the Remote Access Auto connection Manager service should be correct.

oval:org.secpod.oval:def:8421
The "deny logon locally" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10099
The 'Anonymous access to the security event log' policy should be set correctly.

oval:org.secpod.oval:def:8422
The "create a pagefile" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8423
The "increase scheduling priority" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8424
The "deny logon as a service" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10090
The 'restrict guest access to system log' policy should be set correctly.

oval:org.secpod.oval:def:8429
The "reset account lockout counter after" policy should meet minimum requirements.

oval:org.secpod.oval:def:10091
The startup type of the World Wide Web Publishing service should be correct.

oval:org.secpod.oval:def:10092
The correct service permissions for the Messenger service should be assigned.

oval:org.secpod.oval:def:10093
The startup type of the Simple TCP/IP service should be correct.

oval:org.secpod.oval:def:10094
The system log maximum size should be configured correctly..

oval:org.secpod.oval:def:7691
The Screen Saver Executable Name setting should be configured correctly for the current user.

oval:org.secpod.oval:def:7692
The Screen Saver timeout setting should be configured correctly.

oval:org.secpod.oval:def:8420
The "maximum password age" policy should meet minimum requirements.

oval:org.secpod.oval:def:7690
The settings of screen saver should be enabled or disabled as appropriate for the current user.

oval:org.secpod.oval:def:8436
The "Allow undock without having to logon" policy should be set correctly.

oval:org.secpod.oval:def:8437
The "Minimum session security for NTLM SSP based clients" policy should be set correctly.

oval:org.secpod.oval:def:8438
TCP/IP SYN Flood Attack Protection should be properly configured.

oval:org.secpod.oval:def:8439
The "Allow Unsolicited Remote Assistance" policy should be set correctly for Terminal Services.The "Allow Unsolicited Remote Assistance" policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:8432
The "Shares that can be accessed anonymously" policy should be set correctly.

oval:org.secpod.oval:def:8433
Autoplay on all Drive Types should be properly configured.

oval:org.secpod.oval:def:8434
The "Allow Solicited Remote Assistance" policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:8435
The "Refuse machine account password change" policy should be set correctly.

oval:org.secpod.oval:def:8430
The "Terminate session when time limits are reached" policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:8431
The "Allowed to Format and Eject Removable NTFS Media" policy should be set correctly.

oval:org.secpod.oval:def:8403
The "password must meet complexity requirements" policy should be set correctly.

oval:org.secpod.oval:def:8404
The "enforce password history" policy should meet minimum requirements.

oval:org.secpod.oval:def:8405
The "replace a process-level token" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8406
The "Allow System to be Shut Down Without Having to Log On" policy should be set correctly.

oval:org.secpod.oval:def:8400
The "minimum password length" policy should meet minimum requirements.

oval:org.secpod.oval:def:8401
The "Shut Down system immediately if unable to log security audits" policy should be set correctly.

oval:org.secpod.oval:def:8402
The "Use FIPS compliant algorithms for encryption, hashing, and signing" policy should be set correctly.

oval:org.secpod.oval:def:8407
The "restore files and directories" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8408
The "enable computer and user accounts to be trusted for delegation" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8409
The "Require Strong (Windows 2000 or later) Session Key" policy should be set correctly.

oval:org.secpod.oval:def:7688
The Password protect the screen saver setting should be configured correctly.

oval:org.secpod.oval:def:8414
The "Create a token object" user right should be assigned to the correct accounts. The "Create a token object" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:5025
If virtualization technologies are used, verify that only one primary function is implemented per virtual system component or device.

oval:org.secpod.oval:def:8415
The "allow logon through Terminal Services" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:5024
Implement only one primary function per server to prevent functions that require different security levels from co-existing on the same server. (For example, web servers, database servers, and DNS should be implemented on separate servers.)

oval:org.secpod.oval:def:5023
For wireless environments connected to the cardholder data environment or transmitting cardholder data, change wireless vendor defaults, including but not limited to default wireless encryption keys, passwords, and SNMP community strings.

oval:org.secpod.oval:def:8416
The "Require Domain Controller authentication to unlock workstation" policy should be set correctly.

oval:org.secpod.oval:def:8417
IRDP should be properly configured.

oval:org.secpod.oval:def:8410
The "Allow Server Operators to Schedule Tasks" policy should be set correctly.

oval:org.secpod.oval:def:8411
The "act as part of the operating system" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8412
The "generate security audits" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:7687
The Password protect the screen saver setting should be configured correctly.

oval:org.secpod.oval:def:8413
The startup type of the Messenger service should be correct.

oval:org.secpod.oval:def:8418
The "Secure Channel: Digitally Sign Secure Channel Data (When Possible)" policy should be set correctly.

oval:org.secpod.oval:def:8419
Display Last User Name in Logon Screen should be properly configured.

oval:org.secpod.oval:def:5021
Malicious software, commonly referred to as malware including viruses, worms, and Trojans enters the network during many business-approved activities including employee e-mail and use of the Internet, mobile computers, and storage devices, resulting in the exploitation of system vulnerabilities. Ant ...

oval:org.secpod.oval:def:7893
Account lockout threshold is the profile defined number of invalid logon attempts

oval:org.secpod.oval:def:7894
The "account lockout duration" policy should meet minimum requirements.

oval:org.secpod.oval:def:10150
The 'Allow automatic updates immediate installation' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10151
The 'Do Not Allow Local Administrators to Customize Permissions' policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:10152
The 'Disable Periodic Check For Internet Explorer Software Updates' setting should be configured correctly.

oval:org.secpod.oval:def:10153
The 'Audit the use of backup and restore privilege' policy should be set correctly.

oval:org.secpod.oval:def:10033
The 'deny logon as a batch job' user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10154
Administrative Shares should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10155
The 'Maximum User Renewal Lifetime' policy should be set correctly.

oval:org.secpod.oval:def:10034
The startup type of the Automatic Update service should be correct.

oval:org.secpod.oval:def:10156
Automatic Reboot After System Crash should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10035
The startup type of the Internet Connection Sharing service should be correct.

oval:org.secpod.oval:def:10036
The correct service permissions for the SNMP Trap service should be assigned.

oval:org.secpod.oval:def:10157
Use of the built-in Administrator account should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10147
The 'Always Install with Elevated Privileges' policy should be set correctly.

oval:org.secpod.oval:def:10148
The 'Secure Channel: Digitally Encrypt Secure Channel Data (When Possible)' policy should be set correctly.

oval:org.secpod.oval:def:10149
The 'Enable User to Patch Elevated Products' policy should be set correctly.

oval:org.secpod.oval:def:10040
The startup type of the Terminal Services service should be correct.

oval:org.secpod.oval:def:10161
Authentication requirements for RPC clients should be configured appropriately.

oval:org.secpod.oval:def:10041
The 'Allow Administrator to Install from Terminal Services Session' policy should be set correctly.

oval:org.secpod.oval:def:10162
The 'Interactive logon: Requre smart card' setting should be configured correctly.

oval:org.secpod.oval:def:10042
The 'Prevent Codec Download' policy should be set correctly for Windows MediaPlayer.

oval:org.secpod.oval:def:10163
The 'DCOM: Machine Launch Restrictions in the Security Descriptor Definition Language (SDDL) syntax' security option should be set correctly.

oval:org.secpod.oval:def:10043
The 'Allow System to be Shut Down Without Having to Log On' policy should be set correctly.

oval:org.secpod.oval:def:10164
Kerberos and RSVP Traffic Protected by IPSec should be properly configured.

oval:org.secpod.oval:def:10044
TCP/IP Dead Gateway Detection should be properly configured.

oval:org.secpod.oval:def:10045
The 'restrict guest access to security log' policy should be set correctly.

oval:org.secpod.oval:def:10046
The 'Security Zones: Do Not Allow Users to Add/Delete Sites' setting should be configured correctly.

oval:org.secpod.oval:def:10047
The startup type of the Telnet service should be correct.

oval:org.secpod.oval:def:10160
The automatic generation of 8.3 file names for NTFS should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10037
The correct service permissions for the Alerter service should be assigned.

oval:org.secpod.oval:def:10158
RPC Endpoint Mapper Client Authentication should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10159
System availability to Master Browser should be properly configured.

oval:org.secpod.oval:def:10038
The 'Restrict Floppy Access to Locally Logged-On User Only' policy should be set correctly.

oval:org.secpod.oval:def:10039
Auditing of 'directory service access' events on success should be enabled or disabled as appropriate..

oval:org.secpod.oval:def:10130
The startup type of the Background Intelligent Transfer Service (BITS) service should be correct.

oval:org.secpod.oval:def:10131
The startup type of the .NET Framework service should be correct.

oval:org.secpod.oval:def:8388
The "Do Not Automatically Start Windows Messenger" policy should be set correctly.

oval:org.secpod.oval:def:10132
The correct service permissions for the ClipBook service should be assigned.

oval:org.secpod.oval:def:8389
The "access this computer from the network" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10133
The 'Do Not Allow Windows Messenger to be Run' policy should be set correctly.

oval:org.secpod.oval:def:10134
The 'Reschedule Automatic Updates scheduled installations' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10135
The correct service permissions for the Fax service should be assigned.

oval:org.secpod.oval:def:10125
The startup type of the Remote Registry service should be correct.

oval:org.secpod.oval:def:8384
The "Maximum Service Ticket Lifetime" policy should be set correctly.

oval:org.secpod.oval:def:8385
The "create permanent shared objects" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10126
The startup type of the Indexing service should be correct.

oval:org.secpod.oval:def:8386
The "Digitally Sign Server Communication (Always)" policy should be set correctly.

oval:org.secpod.oval:def:10127
The startup type of the Routing and Remote Access service should be correct.

oval:org.secpod.oval:def:8387
Background Refresh of Group Policy should be properly configured.

oval:org.secpod.oval:def:10128
The startup type of the Alerter service should be correct.

oval:org.secpod.oval:def:8380
The "Digitally Sign Server Communication (When Possible)" policy should be set correctly.

oval:org.secpod.oval:def:10129
The correct service permissions for the Automatic Updates service should be assigned.

oval:org.secpod.oval:def:8381
The "log on as a batch job" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8382
The "modify firmware environment values" user right should be assigned to the correct accounts. The "modify firmware environment values" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8383
IP Source Routing should be properly configured.

oval:org.secpod.oval:def:10140
The 'Hide Property Pages' policy should be set correctly for the Task Scheduler.

oval:org.secpod.oval:def:10141
The 'Specify intranet Microsoft update service location' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10142
TCP/IP PMTU Discovery should be properly configured.

oval:org.secpod.oval:def:8399
The "Do not allow storage of credentials or .NET Passports" policy should be set correctly.

oval:org.secpod.oval:def:10143
Automatic updates should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10144
The 'Prohibit New Task Creation' policy should be set correctly for the Task Scheduler.

oval:org.secpod.oval:def:10145
The 'Audit the access of global system objects' policy should be set correctly.

oval:org.secpod.oval:def:10146
The startup type of the Removable Storage service should be correct.

oval:org.secpod.oval:def:8390
The "log on as a service" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8395
The "synchronize directory service data" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10136
The 'Always Prompt Client for Password upon Connection' policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:8396
The "Secure Channel: Digitally Encrypt Secure Channel Data (When Possible)" policy should be set correctly.

oval:org.secpod.oval:def:10137
The correct service permissions for the Remote Desktop Help Session Manager service should be assigned.

oval:org.secpod.oval:def:10138
The 'Restrict CD-ROM Access to Locally Logged-On User Only' policy should be set correctly.

oval:org.secpod.oval:def:8397
The "bypass traverse checking" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10139
The 'Make Proxy Settings Per-Machine (Rather Then Per-User)' setting should be configured correctly.

oval:org.secpod.oval:def:8391
The "shut down the system" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8392
The "add workstations to domain" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8393
The "Limit local account user of blank passwords to console logon only" policy should be set correctly.

oval:org.secpod.oval:def:8394
The "force shutdown from a remote system" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10073
The behavior surrounding Anonymous SID/Name translation should be correct.

oval:org.secpod.oval:def:10074
The 'Security Zones: Use Only Machine Settings' setting should be configured correctly.

oval:org.secpod.oval:def:10075
The 'when maximum log size is reached' property should be set correctly for the System log.

oval:org.secpod.oval:def:10076
Auditing of 'account management' events on success should be enabled or disabled as appropriate..

oval:org.secpod.oval:def:8366
The "back up files and directories" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10077
The startup type of the Remote Access Auto connection Manager service should be correct.

oval:org.secpod.oval:def:8487
The "System cryptography: Force strong key protection for user keys stored on the computer" policy should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8367
The "Send Unencrypted Password to Connect to Third-Party SMB Servers" policy should be set correctly.

oval:org.secpod.oval:def:10078
The correct service permissions for the FTP Publishing service should be assigned.

oval:org.secpod.oval:def:8488
The number of SYN-ACK retransmissions sent when attempting to respond to a SYN request should be configured correctly.

oval:org.secpod.oval:def:10079
The "deny logon through Terminal Services" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8368
The "Set time limit for disconnected sessions" policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:8489
The Security Audit log warning level should be properly configured.

oval:org.secpod.oval:def:8369
Use of the built-in Guest account should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10070
Auditing of 'privilege use' events on failure should be enabled or disabled as appropriate..

oval:org.secpod.oval:def:10071
The startup type of the Simple Mail Transport Protocol (SMTP) service should be correct.

oval:org.secpod.oval:def:10072
Auditing of 'logon' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8362
The "LDAP client signing requirements" policy should be set correctly.

oval:org.secpod.oval:def:8483
The "Impersonate a client after authentication" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8363
The "take ownership of files or other objects" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8484
The "Registry policy processing" policy should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8364
The built-in Administrator account should be correctly named.

oval:org.secpod.oval:def:8485
Anonymous access to Named Pipes and Shares via the network should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8486
The "Remotely accessible registry paths and subpaths" policy should be set correctly.

oval:org.secpod.oval:def:8365
The "profile single process" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8480
The "Create global objects" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8360
The TCP/IP KeepAlive Time should be set correctly.

oval:org.secpod.oval:def:8481
The number of retransmissions sent of TCP data segments before the connection is dropped should be set correctly.

oval:org.secpod.oval:def:8482
The "System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies" setting should be configured properly.

oval:org.secpod.oval:def:8361
TCP/IP NetBIOS Name Release on Request Prevented should be properly configured.

oval:org.secpod.oval:def:10084
Auditing of 'account logon' events on failure should be enabled or disabled as appropriate..

oval:org.secpod.oval:def:10085
The correct service permissions for the Indexing service should be assigned.

oval:org.secpod.oval:def:10086
The startup type of the Universal Plug and Play Device Host (UPnP) service should be correct.

oval:org.secpod.oval:def:10087
The 'Security Zones: Do Not Allow Users to Change Policies' setting should be configured correctly.

oval:org.secpod.oval:def:8377
The "deny access to this computer from the network" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10088
The correct service permissions for the NetMeeting service should be assigned.

oval:org.secpod.oval:def:8378
The "Sharing and security model for local accounts" policy should be set correctly.

oval:org.secpod.oval:def:10089
The 'when maximum log size is reached' property should be set correctly for the Security log.

oval:org.secpod.oval:def:8379
The "adjust memory quotas for a process" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10080
Installation and Configuration of Network Bridge on the DNS Domain Network should be properly configured.

oval:org.secpod.oval:def:10081
Auditing of 'account management' events on failure should be enabled or disabled as appropriate..

oval:org.secpod.oval:def:10082
Auditing of 'process tracking' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10083
The correct service permissions for the SMTP service should be assigned.

oval:org.secpod.oval:def:8373
The "Strengthen Default Permissions of Global System Objects" policy should be set correctly.

oval:org.secpod.oval:def:8374
The "Maximum machine account password age" policy should be set correctly.

oval:org.secpod.oval:def:8375
The "profile system performance" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8376
The "Disable CTRL+ALT+Delete Requirement for Logon" policy should be set correctly.

oval:org.secpod.oval:def:8490
The "Digitally Sign Client Communication (When Possible)" policy should be set correctly.

oval:org.secpod.oval:def:8491
The time in seconds before the screen saver grace period expires (ScreenSaverGracePeriod) setting should be configured correctly.

oval:org.secpod.oval:def:8370
The startup type of the NetMeeting Remote Desktop Sharing service should be correct.

oval:org.secpod.oval:def:8371
The "lock pages in memory" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8492
The "Prevent System Maintenance of Computer Account Password" policy should be set correctly.

oval:org.secpod.oval:def:8372
The "Default owner for objects created by members of the Administrators group" policy should be set correctly.

oval:org.secpod.oval:def:8469
The amount of idle time required before disconnecting a session should be set correctly.

oval:org.secpod.oval:def:10051
The 'Enable User to Browser for Source While Elevated' policy should be set correctly.

oval:org.secpod.oval:def:10052
The correct service permissions for the Remote Registry service should be assigned.

oval:org.secpod.oval:def:10053
The startup type of the Background Intelligent Transfer Service (BITS) service should be correct.

oval:org.secpod.oval:def:10054
Auditing of 'privilege use' events on success should be enabled or disabled as appropriate..

oval:org.secpod.oval:def:8465
The built-in Guest account should be correctly named.

oval:org.secpod.oval:def:10055
The correct service permissions for the Terminal Services service should be assigned.

oval:org.secpod.oval:def:10056
The TCPMaxPortsExhausted setting should be properly configured.

oval:org.secpod.oval:def:8466
Disable saving of dial-up passwords should be properly configured.

oval:org.secpod.oval:def:10057
The correct service permissions for the Printer service should be assigned.

oval:org.secpod.oval:def:8467
The "Enable Error Reporting" policy should be set correctly.

oval:org.secpod.oval:def:10058
The 'No auto-restart with logged on users for scheduled automatic updates installations' setting should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8468
The "Minimum session security for NTLM SSP based servers" policy should be set correctly.

oval:org.secpod.oval:def:10050
The startup type of the Print Services for Unix service should be correct.

oval:org.secpod.oval:def:10048
Auditing of 'directory service access' events on failure should be enabled or disabled as appropriate..

oval:org.secpod.oval:def:10049
If the Security log's retention method is set to "Overwrite events by days," an appropriate value should be set for the number of days' logs to keep.

oval:org.secpod.oval:def:8462
MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes

oval:org.secpod.oval:def:8463
The "Remotely accessible registry paths" policy should be set correctly. The "Remotely accessible registry paths" policy should be set correctly.

oval:org.secpod.oval:def:8464
The "Secure Channel: Digitally Encrypt or Sign Secure Channel Data (Always)" policy should be set correctly.

oval:org.secpod.oval:def:8460
The "Force logoff when logon hours expire" policy should be set correctly.

oval:org.secpod.oval:def:10062
The 'load and unload device drivers' user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8359
The "Message title for users attempting to log on" policy should be set correctly.

oval:org.secpod.oval:def:10063
Auditing of 'policy change' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10064
The 'perform volume maintenance tasks' user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10065
Auditing of 'account logon' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:8355
The "debug programs" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:8476
The "Users Prompted to Change Password Before Expiration" policy should be set correctly.

oval:org.secpod.oval:def:10066
The security log maximum size should be configured correctly..

oval:org.secpod.oval:def:10067
The startup type of the ClipBook service should be correct.

oval:org.secpod.oval:def:8357
The "store password using reversible encryption for all users in the domain" policy should be set correctly.

oval:org.secpod.oval:def:10068
The startup type of the IIS Admin service should be correct.

oval:org.secpod.oval:def:8478
The "Let Everyone permissions apply to anonymous users" policy should be set correctly.

oval:org.secpod.oval:def:10069
The correct service permissions for the SNMP service should be assigned.

oval:org.secpod.oval:def:8479
The "Remote Control Settings" policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:8358
The "remove computer from docking station" user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10060
Auditing of 'object access' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10061
Auditing of 'object access' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10059
The 'restrict guest access to application log' policy should be set correctly.

oval:org.secpod.oval:def:8472
Safe DLL Search Mode should be properly configured.

oval:org.secpod.oval:def:8473
The "Limit Number of Connections" policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:8474
The "Unsigned Driver Installation Behavior" policy should be set correctly. The "Unsigned Driver Installation Behavior" policy should be set correctly.

oval:org.secpod.oval:def:8475
The "LDAP server signing requirements" policy should be set correctly.

oval:org.secpod.oval:def:8470
The "Prevent Users from Installing Printer Drivers" policy should be set correctly.

oval:org.secpod.oval:def:8471
The "Disconnect clients when logon hours expire" policy should be set correctly.

oval:org.secpod.oval:def:10110
If the Application log's retention method is set to 'Overwrite events by days,' an appropriate value should be set for the number of days' logs to keep.

oval:org.secpod.oval:def:10111
The correct service permissions for the WWW Publishing service should be assigned.

oval:org.secpod.oval:def:10112
The 'manage auditing and security log' user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:10113
The correct service permissions for the IIS Admin service should be assigned.

oval:org.secpod.oval:def:10103
Auditing of 'policy change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10104
The 'Enable User Control Over Installs' policy should be set correctly.

oval:org.secpod.oval:def:10105
The application log maximum size should be configured correctly..

oval:org.secpod.oval:def:10106
The startup type of the Print Services for Unix service should be correct.

oval:org.secpod.oval:def:10107
The startup type of the Remote Desktop Help Session Manager service should be correct.

oval:org.secpod.oval:def:10108
The startup type of the Task Scheduler service should be correct.

oval:org.secpod.oval:def:10109
The startup type of the Fax service should be correct.

oval:org.secpod.oval:def:10120
The 'Disable Automatic Install of Internet Explorer Components' setting should be configured correctly.

oval:org.secpod.oval:def:10121
The startup type of the Remote Shell service should be correct.

oval:org.secpod.oval:def:10122
Auditing of 'logon' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10123
The 'Automatic Updates detection frequency' should be set correctly.

oval:org.secpod.oval:def:10124
Auditing of 'system' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10114
The startup type of the FTP Publishing service should be correct.

oval:org.secpod.oval:def:10115
The correct service permissions for the Telnet service should be assigned.

oval:org.secpod.oval:def:10116
The 'Enable User to Use Media Source While Elevated' policy should be set correctly.

oval:org.secpod.oval:def:10117
The behavior surrounding Anonymous users' ability to display lists of SAM accounts and shares should be correct.

oval:org.secpod.oval:def:10118
The 'Clear Virtual Memory Pagefile at shutdown' policy should be set correctly.

oval:org.secpod.oval:def:10119
Auditing of 'system' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:10100
The startup type of the SNMP Service service should be correct.

oval:org.secpod.oval:def:10101
The startup type of the SNMP Trap Service service should be correct.

oval:org.secpod.oval:def:10102
The startup type of the SSDP Discovery service should be correct.

CPE    1
cpe:/o:microsoft:windows_server_2003
CCE    274
CCE-3492-6
CCE-3514-7
CCE-2790-4
CCE-2869-6
...
*XCCDF
xccdf_org.secpod_benchmark_Windows_2003

© 2013 SecPod Technologies