[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

95906

 
 

909

 
 

77982

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:gov.nist.usgcb.windowsseven:def:301
configure automatic updates

oval:gov.nist.usgcb.windowsseven:def:300
Prevents users from being prompted to update Windows Media Player. This policy prevents the Player from being updated and prevents users with administrator rights from being prompted to update the Player if an updated version is available. The Check for Player Updates command on the Help menu in the ...

oval:gov.nist.USGCB.win7firewall:def:20922
Allow Unicast Response - Private Profile

oval:gov.nist.USGCB.win7firewall:def:20929
The log file size limit for the Windows Firewall should be configured correctly for the Public Profile.

oval:gov.nist.USGCB.win7firewall:def:20928
The log file path and name for the Windows Firewall should be configured correctly for the Public Profile.

oval:gov.nist.USGCB.win7firewall:def:20933
Allow Unicast Response - Public Profile

oval:gov.nist.USGCB.win7firewall:def:20931
Apply Local Connection Security Rules - Public Profile

oval:gov.nist.USGCB.win7firewall:def:20936
Outbound Connections - Public Profile

oval:gov.nist.usgcb.windowsseven:def:143
Fax Service State

oval:gov.nist.usgcb.windowsseven:def:145
HomeGroup Provider Service State

oval:gov.nist.usgcb.windowsseven:def:147
Parental Controls Service State

oval:gov.nist.usgcb.windowsseven:def:146
Media Center Extender Service State

oval:gov.nist.USGCB.win7firewall:def:20907
The log file size limit for the Windows Firewall should be configured correctly for the Domain Profile.

oval:gov.nist.USGCB.win7firewall:def:20906
The log file path and name for the Windows Firewall should be configured correctly for the Domain Profile.

oval:gov.nist.USGCB.win7firewall:def:20911
Allow Unicast Response - Domain Profile

oval:gov.nist.USGCB.win7firewall:def:20918
The log file size limit for the Windows Firewall should be configured correctly for the Private Profile.

oval:gov.nist.USGCB.win7firewall:def:20917
The log file path and name for the Windows Firewall should be configured correctly for the Private Profile.

oval:org.secpod.oval:def:14613
The Windows Connect 'In-band 802.11 Wi-Fi' setting should be configured correctly.

oval:org.secpod.oval:def:14796
The 'Installation and Configuration of Network Bridge' on the DNS Domain Network should be properly configured.

oval:org.secpod.oval:def:14566
The 'Do not preserve zone information in file attachments' setting should be configured correctly.

oval:gov.nist.usgcb.windowsseven:def:100204
turn off windows mail

oval:gov.nist.usgcb.windowsseven:def:100203
disable communities

oval:gov.nist.usgcb.windowsseven:def:100201
Do not run digital locker

oval:org.secpod.oval:def:14768
The 'System settings: Optional subsystems' setting should be configured correctly.

oval:org.secpod.oval:def:14783
The 'Prevent access to registry editing tools' setting should be configured correctly.

oval:org.secpod.oval:def:14784
The 'Hide mechanisms to remove zone information' setting should be configured correctly.

oval:gov.nist.usgcb.windowsseven:def:72
Interactive logon: Message title for users attempting to log on

oval:gov.nist.USGCB.win7firewall:def:20927
The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Public Profile.

oval:gov.nist.USGCB.win7firewall:def:20926
The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Public Profile.

oval:org.secpod.oval:def:14692
Auditing of 'Audit privilege use' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:142
Bluetooth Support Service State

oval:gov.nist.usgcb.windowsseven:def:144
HomeGroup Listener Service State

oval:gov.nist.usgcb.windowsseven:def:191
Auditing of Policy Change: Audit Policy Change events on success should be enabled or disabled as appropriate.

oval:gov.nist.USGCB.win7firewall:def:20905
The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Domain Profile.

oval:gov.nist.USGCB.win7firewall:def:20904
The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Domain Profile.

oval:gov.nist.USGCB.win7firewall:def:20916
The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Private Profile.

oval:gov.nist.USGCB.win7firewall:def:20915
The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Private Profile.

oval:org.secpod.oval:def:14746
Auditing of 'Audit logon events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14728
Auditing of 'Audit directory service access' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14744
Auditing of 'Audit process tracking' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14741
Auditing of 'Audit account logon events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14742
Auditing of 'Audit account management' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:85
Determines if an anonymous user can request security identifier (SID) attributes for another user.

oval:org.secpod.oval:def:14558
The 'Require trusted path for credential entry' setting should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:100202
disable remote desktop

oval:org.secpod.oval:def:14661
The 'MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames (recommended)' setting should be configured correctly.

oval:org.secpod.oval:def:14719
Auditing of 'Audit policy change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14716
Auditing of 'Audit object access' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:7972
Anti-virus is installed and up-to-date

oval:org.secpod.oval:def:5645
Verify that all users are assigned a unique ID for access to system components or cardholder data and also verify that users are authenticated using unique ID and additional authentication (for example, a password) for access to the cardholder data environment.

oval:org.secpod.oval:def:5646
Verify that inactive accounts over 90 days old are either removed or disabled.

oval:gov.nist.usgcb.windowsseven:def:225
Specify Search Order for device driver source locations

oval:gov.nist.usgcb.windowsseven:def:231
Turn off handwriting personalization data sharing

oval:gov.nist.usgcb.windowsseven:def:230
Turn Off Event Views "Events.asp" Links

oval:gov.nist.usgcb.windowsseven:def:233
Turn Off Internet Connection Wizard if URL Connection is Referring to Microsoft.com

oval:gov.nist.usgcb.windowsseven:def:232
Turn Off Handwriting Reconition Error Reporting

oval:gov.nist.usgcb.windowsseven:def:235
Turn Off Internet File Association Service

oval:gov.nist.usgcb.windowsseven:def:237
Turn Off Registration if URL Connection is Referring to Microsoft.com

oval:gov.nist.usgcb.windowsseven:def:239
Turn Off the "Order Prints" Picture Task

oval:gov.nist.usgcb.windowsseven:def:243
Turn off Windows Error Reporting

oval:gov.nist.usgcb.windowsseven:def:245
Always Use Classic Logon

oval:gov.nist.usgcb.windowsseven:def:208
Turn on Responder (RSPNDR) driver

oval:gov.nist.usgcb.windowsseven:def:207
Turn on Mapper I/O (LLTDIO) driver

oval:gov.nist.usgcb.windowsseven:def:209
Turn Off Microsoft Peer-to-Peer Networking Services

oval:gov.nist.usgcb.windowsseven:def:210
Prohibit installation and configuration of Network Bridge on your DNS domain network

oval:gov.nist.usgcb.windowsseven:def:213
Route all traffic through the internal network

oval:gov.nist.usgcb.windowsseven:def:212
Require domain users to elevate when setting a network's location

oval:gov.nist.usgcb.windowsseven:def:215
ISATAP State

oval:gov.nist.usgcb.windowsseven:def:214
6to4 State

oval:gov.nist.usgcb.windowsseven:def:217
The IP HTTPS state setting should be configured correctly.

oval:gov.nist.usgcb.windowsseven:def:219
Prohibit Access of the Windows Connect Now Wizards

oval:gov.nist.usgcb.windowsseven:def:218
Configuration of Wireless Settings Using Windows Connect Now

oval:gov.nist.usgcb.windowsseven:def:220
Extend Point and Print connection to search Windows Update and use alternate cooection if needed

oval:gov.nist.usgcb.windowsseven:def:222
Do not send a Windows Error Report when a generic driver is installed on a device

oval:gov.nist.usgcb.windowsseven:def:224
Prevent device metadata retrieval from internet

oval:gov.nist.usgcb.windowsseven:def:223
Do not create system restore point when new device driver installed

oval:gov.nist.usgcb.windowsseven:def:269
Turn Off Downloading of Game Information

oval:org.secpod.oval:def:14593
The startup type of the 'WWAN AutoConfig service' should be correct.

oval:gov.nist.usgcb.windowsseven:def:270
Turn off game updates

oval:gov.nist.usgcb.windowsseven:def:279
Do not delete temp folder upon exit

oval:gov.nist.usgcb.windowsseven:def:280
Do not use tempoary folders per session

oval:gov.nist.usgcb.windowsseven:def:281
Turn off downloading of enclosures

oval:gov.nist.usgcb.windowsseven:def:284
Prevent indexing uncached Exchange folders

oval:gov.nist.usgcb.windowsseven:def:283
Allow indexing of encrypted files

oval:gov.nist.usgcb.windowsseven:def:286
When Windows Defender detects software or changes by software not yet classified for risks, you see how other members responded to the alert. In turn, the action you apply help other members choose how to respond. Your actions also help Microsoft choose which software to investigate for potential th ...

oval:gov.nist.usgcb.windowsseven:def:285
Prevent Windows Anytime Upgrade from running

oval:gov.nist.usgcb.windowsseven:def:288
If this setting is enabled, Windows Error Reporting will not send any problem information to Microsoft. Additionally, solution information will not be available in the Problem Reports and Solutions control panel.

oval:gov.nist.usgcb.windowsseven:def:287
If this setting is enabled Windows Error Reporting events will not be logged to the system event log.

oval:gov.nist.usgcb.windowsseven:def:289
Display Error Notification

oval:org.secpod.oval:def:14574
The "Turn off Help Ratings" setting should be configured correctly.

oval:gov.nist.usgcb.windowsseven:def:249
Solicited Remote Assistance

oval:org.secpod.oval:def:14577
The 'Configure Windows NTP Client\EventLogFlags' setting should be configured correctly.

oval:gov.nist.usgcb.windowsseven:def:250
Turn on session logging

oval:gov.nist.usgcb.windowsseven:def:253
Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider

oval:gov.nist.usgcb.windowsseven:def:255
Enable/Disable PerfTrack

oval:gov.nist.usgcb.windowsseven:def:254
Troubleshooting: Allow user to access online troubleshooting content on Microsoft servers from the Troubleshooting Control Panel (via Windows Online Troubleshooting Service - WOTS)

oval:gov.nist.usgcb.windowsseven:def:257
Turn off Program Inventory

oval:org.secpod.oval:def:14585
The 'Turn off Windows Update device driver search prompt' setting should be configured correctly.

oval:org.secpod.oval:def:14583
The 'Turn Off Automatic Root Certificates Update' setting should be configured correctly.

oval:gov.nist.usgcb.windowsseven:def:262
Override the More Gadgets Lnk

oval:gov.nist.usgcb.windowsseven:def:264
Turn Off User Installed Windows Sidebar Gadgets

oval:gov.nist.usgcb.windowsseven:def:263
Sidebar gadgets can be deployed as compressed files, either digitally signed or unsigned. If you enable this setting, Windows Sidebar will not extract any gadgets that have not been digitally signed. If you disable or do not configure this setting, Window

oval:gov.nist.usgcb.windowsseven:def:290
If this setting is enabled any additional data requests from Microsoft in response to a Windows Error Reporting event will be automatically declined without notice to the user.

oval:gov.nist.usgcb.windowsseven:def:293
Turn off shell protocol protected mode

oval:gov.nist.usgcb.windowsseven:def:292
Turn off Heap termination on corruption

oval:gov.nist.usgcb.windowsseven:def:297
This setting controls the ability of non-administrators to install updates that have been digitally signed by the application vendor.

oval:gov.nist.usgcb.windowsseven:def:299
Do Not Show First Use Dialog Boxes This policy prevents the Privacy Options and Installation Options dialog boxes from being displayed the first time a user starts Windows Media Player. This policy prevents the dialog boxes which allow users to select privacy, file types, and other desktop options f ...

oval:gov.nist.usgcb.windowsseven:def:298
Prevents Windows Media Digital Rights Management (DRM) from accessing the Internet (or intranet). When enabled, Windows Media DRM is prevented from accessing the Internet (or intranet) for license acquisition and security upgrades.

oval:gov.nist.usgcb.windowsseven:def:20011
This policy setting controls the level of validation a computer with shared folders or printers (the server) performs on the service principal name (SPN) that is provided by the client computer when it establishes a session using the server message block (SMB) protocol.

oval:org.secpod.oval:def:14627
Auditing of 'Audit system events' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:109
Shutdown: Clear Virtual Memory Pagefile

oval:gov.nist.usgcb.windowsseven:def:229
Turn off downloading of print drivers over HTTP

oval:gov.nist.usgcb.windowsseven:def:112
System objects: Strengthen default permissions of internal system objects

oval:gov.nist.usgcb.windowsseven:def:111
System objects: Require case insensitivity for non-Windows subsystems

oval:gov.nist.usgcb.windowsseven:def:234
Turn off Internet download for Web publishing and online ordering wizards

oval:gov.nist.usgcb.windowsseven:def:236
Turn off printing over HTTP

oval:gov.nist.usgcb.windowsseven:def:123
MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)

oval:gov.nist.USGCB.win7firewall:def:20925
Outbound Connections - Private Profile

oval:gov.nist.usgcb.windowsseven:def:129
MSS: (KeepAliveTime)How often keep-alive packets are sent in milliseconds

oval:gov.nist.usgcb.windowsseven:def:135
MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)

oval:gov.nist.usgcb.windowsseven:def:259
Turn off Autoplay is set correctly.

oval:gov.nist.usgcb.windowsseven:def:139
MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning

oval:gov.nist.usgcb.windowsseven:def:260
Turn off Autoplay for non-volume devices

oval:gov.nist.usgcb.windowsseven:def:18
Administrators, Users, and Local Service may change the time zone

oval:gov.nist.usgcb.windowsseven:def:17
Administrators and Local Service may change the system time

oval:gov.nist.usgcb.windowsseven:def:291
Turn off Data Execution Protection

oval:gov.nist.usgcb.windowsseven:def:295
Permits users to change installation options that typically are available only to system administrators. This setting bypasses some of the security features of Windows Installer.

oval:gov.nist.USGCB.win7firewall:def:20914
Outbound Connections - Domain Profile

oval:gov.nist.usgcb.windowsseven:def:44
Administrators, NT Service\WdiServiceHost may profile the system performance

oval:gov.nist.usgcb.windowsseven:def:45
Users and Administrators may remove the computer from its docking station

oval:gov.nist.usgcb.windowsseven:def:20012
Allowing source routed network traffic allows attackers to obscure their identity and location.

oval:org.secpod.oval:def:14749
The 'System cryptography: Force strong key protection for user keys stored on the computer' setting should be configured correctly.

oval:gov.nist.usgcb.windowsseven:def:20017
Windows 7 and Windows Server 2008 R2 introduce an extension to the Negotiate authentication package, Spnego.dll. In previous versions of Windows, Negotiate decides whether to use Kerberos or NTLM for authentication. The extension SSP for Negotiate, Negoexts, which is treated as an authentication pro ...

oval:gov.nist.usgcb.windowsseven:def:20016
This policy setting allows the system to fall back no a NULL session.

oval:gov.nist.usgcb.windowsseven:def:56
Audit: Audit the use of Backup and Restore privilege

oval:gov.nist.usgcb.windowsseven:def:90
Network access: Named Pipes that can be accessed anonymously

oval:gov.nist.usgcb.windowsseven:def:94
Network access: Shares that can be accessed anonymously

oval:org.secpod.oval:def:14559
The 'Turn off Windows Update device driver searching' setting should be configured correctly.

oval:gov.nist.usgcb.windowsseven:def:75
Interactive logon: Require Domain Controller authentication to unlock workstation

oval:org.secpod.oval:def:14811
The 'Do not process the legacy run list' setting should be configured correctly.

oval:gov.nist.usgcb.windowsseven:def:200
Auditing of System: IPsec Driver events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:202
Auditing of System: Security State Change events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:105
Network Security: Minimum session security for NTLM SSP based (including secure RPC) servers

oval:org.secpod.oval:def:7711
Enables desktop screen savers. If you disable this setting, screen savers do not run. Also, this setting disables the Screen Saver section of the Screen Saver dialog in the Personalization or Display Control Panel. As a result, users cannot change the screen saver options. If you do not configure ...

oval:gov.nist.usgcb.windowsseven:def:104
Network Security: Minimum session security for NTLM SSP based (including secure RPC) clients

oval:gov.nist.usgcb.windowsseven:def:107
Recovery Console: Allow Floppy Copy and Access to All Drives and All Folders

oval:org.secpod.oval:def:7712
The Password protect the screen saver setting should be configured correctly.

oval:gov.nist.usgcb.windowsseven:def:106
Recovery Console: Allow Automatic Administrative Logon

oval:gov.nist.usgcb.windowsseven:def:108
Shutdown: Allow System to be Shut Down Without Having to Log On

oval:org.secpod.oval:def:7714
The 'Force specific screen saver' setting should be configured correctly.

oval:gov.nist.usgcb.windowsseven:def:110
System Cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing

oval:gov.nist.usgcb.windowsseven:def:114
Behavior of the elevation prompt for administrators in Admin Approval Mode

oval:gov.nist.usgcb.windowsseven:def:113
Admin Approval Mode for the Built-in Administrator account

oval:gov.nist.usgcb.windowsseven:def:116
Detect application installations and prompt for elevation

oval:gov.nist.usgcb.windowsseven:def:115
Behavior of the elevation prompt for standard users

oval:gov.nist.usgcb.windowsseven:def:118
Only elevate UIAccess applications that are installed in secure locations

oval:gov.nist.usgcb.windowsseven:def:238
Turn off Search Companion content file updates

oval:gov.nist.usgcb.windowsseven:def:117
Only elevate executables that are signed and validated

oval:gov.nist.usgcb.windowsseven:def:119
Run all administrators in Admin Approval Mode

oval:gov.nist.usgcb.windowsseven:def:240
Turn off the "Publish to Web" task for files and folders

oval:gov.nist.usgcb.windowsseven:def:121
Virtualize file and registry write failures to per-user locations

oval:gov.nist.usgcb.windowsseven:def:120
Switch to the secure desktop when prompting for elevation

oval:gov.nist.usgcb.windowsseven:def:122
MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)

oval:gov.nist.usgcb.windowsseven:def:246
Require a Password when a Computer Wakes (On Battery)

oval:gov.nist.usgcb.windowsseven:def:204
Auditing of System: System Integrity events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:203
Auditing of System: Security System Extension events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:101
Network security: Force logoff when logon hours expire

oval:gov.nist.usgcb.windowsseven:def:100
Network security: Do not store LAN Manager hash value on next password change

oval:gov.nist.usgcb.windowsseven:def:221
Allow remote access to the PnP interface

oval:gov.nist.usgcb.windowsseven:def:103
Network Security: LDAP client signing requirements

oval:gov.nist.usgcb.windowsseven:def:102
Network Security: LAN Manager Authentication Level

oval:gov.nist.USGCB.win7firewall:def:20921
Apply Local Firewall Rules - Private Profile

oval:gov.nist.USGCB.win7firewall:def:20920
Apply Local Connection Security Rules - Private Profile

oval:gov.nist.USGCB.win7firewall:def:20924
Inbound Connections - Private Profile

oval:org.secpod.oval:def:14591
The 'Encryption Level' option for the Remote Desktop Services 'Set client connection encryption level' setting should be configured correctly.

oval:gov.nist.USGCB.win7firewall:def:20923
Firewall state - Private Profile

oval:gov.nist.usgcb.windowsseven:def:271
Prevent the computer from joining a HomeGroup

oval:gov.nist.usgcb.windowsseven:def:272
Do not allow passwords to be saved

oval:gov.nist.usgcb.windowsseven:def:275
Always prompt client for password upon connection

oval:gov.nist.usgcb.windowsseven:def:277
This policy setting allows you to specify the maximum amount of time that an active Terminal Services session can be idle (without user input) before it is automatically disconnected. (15 min)

oval:gov.nist.usgcb.windowsseven:def:278
You can use this policy setting to specify the maximum amount of time that a disconnected session is kept active on the server. By default, Terminal Services allows users to disconnect from a remote session without logging off and ending the session. (1 min)

oval:gov.nist.usgcb.windowsseven:def:157
Auditing of Account Management: Computer Account Management events on success should be enabled or disabled as appropriate.

oval:gov.nist.USGCB.win7firewall:def:20932
Apply Local Firewall Rules - Public Profile

oval:gov.nist.usgcb.windowsseven:def:159
Auditing of Account Management: Other Account Management Events events on success should be enabled or disabled as appropriate.

oval:gov.nist.USGCB.win7firewall:def:20930
Display a Notification - Public Profile

oval:gov.nist.USGCB.win7firewall:def:20935
Inbound Connections - Public Profile

oval:gov.nist.usgcb.windowsseven:def:161
Auditing of Account Management: User Account Management events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:160
Auditing of Account Management: Security Group Management events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:163
Auditing of Detailed Tracking: Process Creation events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:127
MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes

oval:gov.nist.usgcb.windowsseven:def:248
Offer Remote Assistance

oval:gov.nist.usgcb.windowsseven:def:247
Require a Password when a Computer Wakes (Plugged in)

oval:org.secpod.oval:def:14693
Auditing of 'Logon-Logoff: Network Policy Server' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:251
Restrictions for Unauthenticated RPC clients

oval:gov.nist.usgcb.windowsseven:def:130
MSS: (NoDefaultExempt) Enable NoDefaultExempt for IPSec Filtering

oval:gov.nist.usgcb.windowsseven:def:132
MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers

oval:gov.nist.usgcb.windowsseven:def:252
RPC Endpoint Mapper Client Authentication

oval:gov.nist.usgcb.windowsseven:def:134
MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure DefaultGateway addresses (could lead to DoS)

oval:gov.nist.usgcb.windowsseven:def:136
MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)

oval:gov.nist.usgcb.windowsseven:def:137
MSS: (TCPMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)

oval:gov.nist.usgcb.windowsseven:def:258
Default behavior for AutoRun

oval:org.secpod.oval:def:14580
The 'Remove CD Burning features' setting should be configured correctly.

oval:gov.nist.usgcb.windowsseven:def:261
Enumerate administrator accounts on elevation

oval:gov.nist.usgcb.windowsseven:def:265
This definition tests the the maximum allowed size of the application log is at least as big as the supplied value.

oval:gov.nist.usgcb.windowsseven:def:268
This definition tests the the maximum allowed size of the system log is at least as big as the supplied value.

oval:gov.nist.usgcb.windowsseven:def:267
This definition tests the the maximum allowed size of the setup log is at least as big as the supplied value.

oval:gov.nist.usgcb.windowsseven:def:192
Auditing of Policy Change: Authentication Policy Change events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:199
Auditing of Privilege Use: Sensitive Privilege Use events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:9
Reversible Password Encryption

oval:gov.nist.usgcb.windowsseven:def:6
This setting requires users to wait for a certain number of days before changing their password again.

oval:gov.nist.usgcb.windowsseven:def:5
This forces users to change their passwords regularly.

oval:gov.nist.usgcb.windowsseven:def:8
Password Complexity

oval:gov.nist.usgcb.windowsseven:def:7
Minimum Password Length

oval:gov.nist.usgcb.windowsseven:def:10
Administrators may access this computer from the network. NOTE: This can break IPSec see Microsoft Knowledge Base article 823659 for further guidance

oval:gov.nist.usgcb.windowsseven:def:11
No one has the right to act as part of the operating system

oval:gov.nist.usgcb.windowsseven:def:12
Administrators, LOCAL SERVICE, NETWORK SERVICE may adjust memory quotas for a process

oval:gov.nist.usgcb.windowsseven:def:19
Administrators may create a pagefile

oval:gov.nist.usgcb.windowsseven:def:14
Administrators, Remote Desktop Users are allowed to logon through Terminal Services

oval:gov.nist.USGCB.win7firewall:def:20908
Display a Notification - Domain Profile

oval:gov.nist.usgcb.windowsseven:def:2
Account Lockout Duration

oval:gov.nist.usgcb.windowsseven:def:174
Auditing of Logon-Logoff: Logoff events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:1
Account Lockout Duration

oval:gov.nist.usgcb.windowsseven:def:4
The number of passwords remembered

oval:gov.nist.usgcb.windowsseven:def:3
Reset Account Lockout Counter After

oval:gov.nist.usgcb.windowsseven:def:175
Auditing of Logon-Logoff: Logon events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:178
Auditing of Logon-Logoff: Special Logon events on failure should be enabled or disabled as appropriate.

oval:gov.nist.USGCB.win7firewall:def:20910
Apply Local Firewall Rules - Domain Profile

oval:gov.nist.USGCB.win7firewall:def:20919
Display a Notification - Private Profile

oval:gov.nist.USGCB.win7firewall:def:20913
Inbound Connections - Domain Profile

oval:gov.nist.USGCB.win7firewall:def:20912
Firewall state - Domain Profile

oval:gov.nist.usgcb.windowsseven:def:183
Auditing of Object Access: File System events on success should be enabled or disabled as appropriate.

oval:gov.nist.USGCB.win7firewall:def:20909
Apply Local Connection Security Rules - Domain Profile

oval:gov.nist.usgcb.windowsseven:def:189
Auditing of Object Access:������Registry events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14754
Auditing of 'Object Access:Other Object Access Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14755
Auditing of 'Object Access:Certification Services' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:43
Administrators may profile a single process

oval:gov.nist.usgcb.windowsseven:def:46
LOCAL SERVICE and NETWORK SERVICE may replace a process level token

oval:gov.nist.usgcb.windowsseven:def:40
Noone may modify an object label.

oval:gov.nist.usgcb.windowsseven:def:41
Administrators may modify firmware environment variables

oval:gov.nist.usgcb.windowsseven:def:42
Administrators may perform volume maintenance tasks

oval:org.secpod.oval:def:14747
Auditing of 'Object Access:File Share' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:20010
This definition verifies that the Administrator account is enabled/disabled based on the policy defined by the user.

oval:gov.nist.usgcb.windowsseven:def:20013
Hiding the computer from the Browse List removes one method attackers might use to gether information about computers on the network.

oval:gov.nist.usgcb.windowsseven:def:48
Administrators and Users may shut down the system

oval:gov.nist.usgcb.windowsseven:def:49
Administrators may take ownership of files or other objects

oval:gov.nist.usgcb.windowsseven:def:20019
This setting was added to Windows Vista SP1 specifically to enable Remote Assistance. It allows certain applications stored in secure folders, such as system32, to bypass the secure desktop so that they can function as designed. Enabling this setting will lower security slightly but enable Remote As ...

oval:gov.nist.usgcb.windowsseven:def:100216
Auditing of Account Logon: Credential Validation events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:20018
This policy setting allows you to specify tdhe allowed encryption types for Kerberos authentication.

oval:gov.nist.usgcb.windowsseven:def:100214
reschedule automatic updates

oval:gov.nist.usgcb.windowsseven:def:100213
no auto restart with logged on users

oval:gov.nist.usgcb.windowsseven:def:20015
This policy setting allows services running as Local System to use the computer identity when negotiating NTLM authentication.

oval:gov.nist.usgcb.windowsseven:def:20014
MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 is default).

oval:gov.nist.usgcb.windowsseven:def:100212
do not display install updates and shut down

oval:gov.nist.usgcb.windowsseven:def:54
Accounts: Rename Guest Account

oval:gov.nist.usgcb.windowsseven:def:55
Audit the access of global system objects is disabled

oval:gov.nist.usgcb.windowsseven:def:57
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings

oval:gov.nist.usgcb.windowsseven:def:51
This definition verifies that the Guest account is enabled/disabled based on the policy defined by the user.

oval:gov.nist.usgcb.windowsseven:def:52
Accounts: Limit local account use to blank passwords to console logon only

oval:gov.nist.usgcb.windowsseven:def:53
Accounts: Rename Administrator Account

oval:org.secpod.oval:def:14758
Auditing of 'Detailed Tracking: RPC Events' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:21
Administrators, SERVICE, Local Service and Network Service may Create Global Objects user right

oval:gov.nist.usgcb.windowsseven:def:22
No one is allowed to create permanent shared objects

oval:gov.nist.usgcb.windowsseven:def:23
Administrators may create symbolic links

oval:gov.nist.usgcb.windowsseven:def:20
No one is allowed to create a token object

oval:gov.nist.usgcb.windowsseven:def:29
Guests are denied logon through Terminal Services

oval:gov.nist.usgcb.windowsseven:def:25
Guests are denied access to this computer from the network

oval:org.secpod.oval:def:14729
Auditing of 'Detailed Tracking: Process Termination' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:26
Guests are denied logon as a batch job

oval:gov.nist.usgcb.windowsseven:def:27
No one is denied logon as a service

oval:gov.nist.usgcb.windowsseven:def:28
Guests, and any service accounts are denied logon locally

oval:gov.nist.usgcb.windowsseven:def:32
Administrators, SERVICE, Local Service and Network Service may Impersonate a Client after Authentication

oval:gov.nist.usgcb.windowsseven:def:33
Administrators and Local Service may increase a process working set.

oval:gov.nist.usgcb.windowsseven:def:34
Administrators may increase scheduling priority

oval:gov.nist.usgcb.windowsseven:def:35
Administrators may load and unload device drivers

oval:gov.nist.usgcb.windowsseven:def:30
Administrators may force shutdown from a remote system

oval:gov.nist.usgcb.windowsseven:def:31
LOCAL SERVICE and NETWORK SERVICE may generate security audits

oval:org.secpod.oval:def:14735
Auditing of 'Account Logon: Kerberos Authentication Service' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:37
No one may log on as a batch job

oval:gov.nist.usgcb.windowsseven:def:38
Noone may log on as a service

oval:gov.nist.usgcb.windowsseven:def:39
Administrators may manage the auditing and security log

oval:org.secpod.oval:def:14794
Auditing of 'Object Access: Handle Manipulation' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14553
The 'Allow Remote Shell Access' setting should be configured correctly.

oval:org.secpod.oval:def:14674
The 'Devices: Allowed to format and eject removable media' setting should be configured correctly.

oval:org.secpod.oval:def:14793
Auditing of 'DS Access: Directory Service Access' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14798
Auditing of 'Account Logon: Other Account Logon Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14678
The 'Enable computer and user accounts to be trusted for delegation' user right should be assigned to the appropriate accounts.

oval:org.secpod.oval:def:14799
Auditing of 'Object Access:Application Generated' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14797
Auditing of 'Object Access:Kernel Object' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:80
Microsoft network server: Amount of idle time required before suspending session

oval:gov.nist.usgcb.windowsseven:def:81
Microsoft network server: Digitally sign communications (always)

oval:gov.nist.usgcb.windowsseven:def:82
Microsoft network server: Digitally sign communications (if client agrees)

oval:org.secpod.oval:def:14790
Auditing of 'Detailed Tracking: DPAPI Activity' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:87
Network access: Do not allow anonymous enumeration of SAM accounts and shares

oval:gov.nist.usgcb.windowsseven:def:88
Network access: Do not allow storage of credentials or .NET Passports for network authentication

oval:gov.nist.usgcb.windowsseven:def:89
Network access: Let Everyone permissions apply to anonymous users

oval:gov.nist.usgcb.windowsseven:def:83
Microsoft network server: Disconnect clients when logon hours expire

oval:gov.nist.usgcb.windowsseven:def:86
Network access: Do not allow anonymous enumeration of SAM accounts

oval:org.secpod.oval:def:14789
Auditing of 'DS Access: Directory Service Changes' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14669
Auditing of 'Logon-Logoff: Account Lockout' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14562
The Windows Explorer 'Remove Security tab' setting should be configured correctly.

oval:org.secpod.oval:def:14565
The Screen Saver timeout setting should be configured correctly.

oval:gov.nist.usgcb.windowsseven:def:91
Network access: Remotely accessible registry paths

oval:gov.nist.usgcb.windowsseven:def:92
Network access: Remotely accessible registry paths and sub paths

oval:gov.nist.usgcb.windowsseven:def:93
Network access: Restrict anonymous access to Named Pipes and Shares

oval:org.secpod.oval:def:14680
Auditing of 'Logon-Logoff: IPsec Main Mode' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:95
Network access: Sharing and security model for local accounts

oval:gov.nist.usgcb.windowsseven:def:100205
do not process the run once list

oval:org.secpod.oval:def:14773
Auditing of 'Logon-Logoff: Other Logon/Logoff Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14771
Auditing of 'Policy Change: Other Policy Change Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14777
Auditing of 'Logon-Logoff: IPsec Quick Mode' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14774
Auditing of 'DS Access: Detailed Directory Service Replication' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:60
Devices: Prevent users from installing printer drivers

oval:gov.nist.usgcb.windowsseven:def:65
Domain member: Digitally sign secure channel data (when possible)

oval:gov.nist.usgcb.windowsseven:def:66
Domain member: Disable machine account password changes

oval:gov.nist.usgcb.windowsseven:def:67
Domain member: Maximum machine account password age

oval:gov.nist.usgcb.windowsseven:def:68
Domain member: Require strong (Windows 2000 or later) session key

oval:gov.nist.usgcb.windowsseven:def:63
Domain member: Digitally encrypt or sign secure channel data (always)

oval:gov.nist.usgcb.windowsseven:def:64
Domain member: Digitally encrypt or sign secure channel data (when possible)

oval:org.secpod.oval:def:14769
Auditing of 'System: Other System Events' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:69
Interactive logon: Do not display last user name

oval:org.secpod.oval:def:14781
Auditing of 'Logon-Logoff: IPsec Extended Mode' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14787
Auditing of 'Object Access:Filtering Platform Connection' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14664
Auditing of 'Account Management: Application Group Management' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14786
Auditing of 'Object Access:Detailed File Share' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:70
Interactive logon: Do not require CTRL+ALT+DEL

oval:gov.nist.usgcb.windowsseven:def:71
Interactive logon: Message text for users attempting to log on

oval:org.secpod.oval:def:14780
Auditing of 'Account Management: Distribution Group Management' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.windowsseven:def:76
Interactive logon: Require Domain Controller authentication to unlock workstation

oval:gov.nist.usgcb.windowsseven:def:78
Microsoft network client: Digitally sign communications (if server agrees)

oval:gov.nist.usgcb.windowsseven:def:73
Interactive logon: Number of previous logons to cache (in case domain controller is not available)

oval:gov.nist.usgcb.windowsseven:def:74
Interactive logon: Prompt user to change password before expiration

oval:org.secpod.oval:def:14778
Auditing of 'Policy Change: Authorization Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14779
Auditing of 'DS Access: Directory Service Replication' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14704
Auditing of 'Object Access:Filtering Platform Packet Drop' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14721
Auditing of 'Privilege Use: Non Sensitive Privilege Use' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14712
Auditing of 'Account Logon: Kerberos Service Ticket Operations' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14713
Auditing of 'Policy Change: MPSSVC Rule-Level Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14803
Auditing of 'Object Access:SAM' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14806
Auditing of 'Policy Change: Filtering Platform Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14812
Auditing of 'Privilege Use: Other Privilege Use Events' events on success should be enabled or disabled as appropriate.

CPE    1
cpe:/o:microsoft:windows_7
CCE    337
CCE-10150-1
CCE-8740-3
CCE-10699-7
CCE-9684-2
...
*XCCDF
xccdf_org.secpod_benchmark_Windows_7

© 2013 SecPod Technologies