Download
| Alert*
oval:org.secpod.oval:def:8454
The "LAN Manager Authentication Level" policy should be set correctly. oval:org.secpod.oval:def:7688 The Password protect the screen saver setting should be configured correctly. oval:org.secpod.oval:def:8384 The "Maximum Service Ticket Lifetime" policy should be set correctly. oval:org.secpod.oval:def:8364 The built-in Administrator account should be correctly named. oval:org.secpod.oval:def:8482 The "System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies" setting should be configured properly. oval:org.secpod.oval:def:8492 The "Prevent System Maintenance of Computer Account Password" policy should be set correctly. oval:org.secpod.oval:def:8461 The "Disable Media Player for automatic updates" policy should be set correctly. oval:org.secpod.oval:def:8453 The "Enforce user logon restrictions" policy should be set correctly. oval:org.secpod.oval:def:8439 The "Allow Unsolicited Remote Assistance" policy should be set correctly for Terminal Services.The "Allow Unsolicited Remote Assistance" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8477 The "Set Client connection Encryption Level" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8450 The "Recovery Console: Allow Floppy Copy and Access to All Drives and All Folders" policy should be set correctly. oval:org.secpod.oval:def:8431 The "Allowed to Format and Eject Removable NTFS Media" policy should be set correctly. oval:org.secpod.oval:def:8471 The "Disconnect clients when logon hours expire" policy should be set correctly. oval:org.secpod.oval:def:8479 The "Remote Control Settings" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8435 The "Refuse machine account password change" policy should be set correctly. oval:org.secpod.oval:def:8489 The Security Audit log warning level should be properly configured. oval:org.secpod.oval:def:8463 The "Remotely accessible registry paths" policy should be set correctly. The "Remotely accessible registry paths" policy should be set correctly. oval:org.secpod.oval:def:8445 The "Limit Users to One Remote Session" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8486 The "Remotely accessible registry paths and subpaths" policy should be set correctly. oval:org.secpod.oval:def:8421 The "deny logon locally" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8424 The "deny logon as a service" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8481 The number of retransmissions sent of TCP data segments before the connection is dropped should be set correctly. oval:org.secpod.oval:def:8452 Automatic Logon should be properly configured. oval:org.secpod.oval:def:8456 The "Number of Previous Logons to Cache" policy should be set correctly. oval:org.secpod.oval:def:8480 The "Create global objects" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8470 The "Prevent Users from Installing Printer Drivers" policy should be set correctly. oval:org.secpod.oval:def:8433 Autoplay on all Drive Types should be properly configured. oval:org.secpod.oval:def:8448 The "Message text for users attempting to log on" policy should be set correctly. oval:org.secpod.oval:def:8423 The "increase scheduling priority" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8472 Safe DLL Search Mode should be properly configured. oval:org.secpod.oval:def:8478 The "Let Everyone permissions apply to anonymous users" policy should be set correctly. oval:org.secpod.oval:def:8468 The "Minimum session security for NTLM SSP based servers" policy should be set correctly. oval:org.secpod.oval:def:8443 The "Do not store LAN Manager hash value on next password change" policy should be set correctly. oval:org.secpod.oval:def:8483 The "Impersonate a client after authentication" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8491 The time in seconds before the screen saver grace period expires (ScreenSaverGracePeriod) setting should be configured correctly. oval:org.secpod.oval:def:8442 The behavior surrounding Anonymous users' ability to display lists of SAM accounts should be correct. oval:org.secpod.oval:def:8432 The "Shares that can be accessed anonymously" policy should be set correctly. oval:org.secpod.oval:def:8447 The "Set time limit for idle sessions" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8460 The "Force logoff when logon hours expire" policy should be set correctly. oval:org.secpod.oval:def:8436 The "Allow undock without having to logon" policy should be set correctly. oval:org.secpod.oval:def:8476 The "Users Prompted to Change Password Before Expiration" policy should be set correctly. oval:org.secpod.oval:def:8422 The "create a pagefile" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8446 The "Recovery Console: Allow Automatic Administrative Logon" policy should be set correctly. oval:org.secpod.oval:def:8444 The "Digitally Sign Client Communication (Always)" policy should be set correctly. oval:org.secpod.oval:def:8464 The "Secure Channel: Digitally Encrypt or Sign Secure Channel Data (Always)" policy should be set correctly. oval:org.secpod.oval:def:8474 The "Unsigned Driver Installation Behavior" policy should be set correctly. The "Unsigned Driver Installation Behavior" policy should be set correctly. oval:org.secpod.oval:def:8430 The "Terminate session when time limits are reached" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8469 The amount of idle time required before disconnecting a session should be set correctly. oval:org.secpod.oval:def:8473 The "Limit Number of Connections" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8466 Disable saving of dial-up passwords should be properly configured. oval:org.secpod.oval:def:8488 The number of SYN-ACK retransmissions sent when attempting to respond to a SYN request should be configured correctly. oval:org.secpod.oval:def:8475 The "LDAP server signing requirements" policy should be set correctly. oval:org.secpod.oval:def:8428 The "log on locally" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8425 This setting requires users to wait for a certain number of days before changing their password again. oval:org.secpod.oval:def:8465 The built-in Guest account should be correctly named. oval:org.secpod.oval:def:8438 TCP/IP SYN Flood Attack Protection should be properly configured. oval:org.secpod.oval:def:8420 The "maximum password age" policy should meet minimum requirements. oval:org.secpod.oval:def:8462 MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes oval:org.secpod.oval:def:8426 Always Wait for the Network at Computer Startup and Logon should be properly configured. oval:org.secpod.oval:def:8487 The "System cryptography: Force strong key protection for user keys stored on the computer" policy should be enabled or disabled as appropriate. oval:org.secpod.oval:def:8459 The "Require Case Insensitivity for Non-Windows Sybsystems" policy should be set correctly. oval:org.secpod.oval:def:8458 The "Named Pipes that can be accessed anonymously" policy should be set correctly. oval:org.secpod.oval:def:8437 The "Minimum session security for NTLM SSP based clients" policy should be set correctly. oval:org.secpod.oval:def:8490 The "Digitally Sign Client Communication (When Possible)" policy should be set correctly. oval:org.secpod.oval:def:8387 Background Refresh of Group Policy should be properly configured. oval:org.secpod.oval:def:8360 The TCP/IP KeepAlive Time should be set correctly. oval:org.secpod.oval:def:8415 The "allow logon through Terminal Services" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8362 The "LDAP client signing requirements" policy should be set correctly. oval:org.secpod.oval:def:8390 The "log on as a service" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8357 The "store password using reversible encryption for all users in the domain" policy should be set correctly. oval:org.secpod.oval:def:8365 The "profile single process" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8386 The "Digitally Sign Server Communication (Always)" policy should be set correctly. oval:org.secpod.oval:def:8368 The "Set time limit for disconnected sessions" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8379 The "adjust memory quotas for a process" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8401 The "Shut Down system immediately if unable to log security audits" policy should be set correctly. oval:org.secpod.oval:def:8403 The "password must meet complexity requirements" policy should be set correctly. oval:org.secpod.oval:def:8391 The "shut down the system" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8409 The "Require Strong (Windows 2000 or later) Session Key" policy should be set correctly. oval:org.secpod.oval:def:8393 The "Limit local account user of blank passwords to console logon only" policy should be set correctly. oval:org.secpod.oval:def:7893 The maximum number of failed attempts that can occur before the account is locked out This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout dura ... oval:org.secpod.oval:def:8358 The "remove computer from docking station" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8369 Use of the built-in Guest account should be enabled or disabled as appropriate. oval:org.secpod.oval:def:8367 The "Send Unencrypted Password to Connect to Third-Party SMB Servers" policy should be set correctly. oval:org.secpod.oval:def:8378 The "Sharing and security model for local accounts" policy should be set correctly. oval:org.secpod.oval:def:8416 The "Require Domain Controller authentication to unlock workstation" policy should be set correctly. oval:org.secpod.oval:def:8382 The "modify firmware environment values" user right should be assigned to the correct accounts. The "modify firmware environment values" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8359 The "Message title for users attempting to log on" policy should be set correctly. oval:org.secpod.oval:def:8396 The "Secure Channel: Digitally Encrypt Secure Channel Data (When Possible)" policy should be set correctly. oval:org.secpod.oval:def:8363 The "take ownership of files or other objects" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:7687 The Password protect the screen saver setting should be configured correctly. oval:org.secpod.oval:def:8394 The "force shutdown from a remote system" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8392 The "add workstations to domain" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8402 The "Use FIPS compliant algorithms for encryption, hashing, and signing" policy should be set correctly. oval:org.secpod.oval:def:8411 The "act as part of the operating system" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8372 The "Default owner for objects created by members of the Administrators group" policy should be set correctly. oval:org.secpod.oval:def:8361 TCP/IP NetBIOS Name Release on Request Prevented should be properly configured. oval:org.secpod.oval:def:8383 IP Source Routing should be properly configured. oval:org.secpod.oval:def:8419 Display Last User Name in Logon Screen should be properly configured. oval:org.secpod.oval:def:8375 The "profile system performance" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:7690 The settings of screen saver should be enabled or disabled as appropriate for the current user. oval:org.secpod.oval:def:8355 The "debug programs" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8397 The "bypass traverse checking" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:7691 The Screen Saver Executable Name setting should be configured correctly for the current user. oval:org.secpod.oval:def:8406 The "Allow System to be Shut Down Without Having to Log On" policy should be set correctly. oval:org.secpod.oval:def:8404 The "enforce password history" policy should meet minimum requirements. oval:org.secpod.oval:def:8374 The "Maximum machine account password age" policy should be set correctly. oval:org.secpod.oval:def:8405 The "replace a process-level token" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8417 IRDP should be properly configured. oval:org.secpod.oval:def:8381 The "log on as a batch job" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8377 The "deny access to this computer from the network" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8399 The "Do not allow storage of credentials or .NET Passports" policy should be set correctly. oval:org.secpod.oval:def:8400 The "minimum password length" policy should meet minimum requirements. oval:org.secpod.oval:def:7692 The Screen Saver timeout setting should be configured correctly. oval:org.secpod.oval:def:8395 The "synchronize directory service data" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8414 The "Create a token object" user right should be assigned to the correct accounts. The "Create a token object" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8389 The "access this computer from the network" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8412 The "generate security audits" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8410 The "Allow Server Operators to Schedule Tasks" policy should be set correctly. oval:org.secpod.oval:def:8371 The "lock pages in memory" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8366 The "back up files and directories" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8408 The "enable computer and user accounts to be trusted for delegation" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8385 The "create permanent shared objects" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8407 The "restore files and directories" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8418 The "Secure Channel: Digitally Sign Secure Channel Data (When Possible)" policy should be set correctly. oval:org.secpod.oval:def:10095 Auditing of 'process tracking' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10096 If the System log's retention method is set to 'Overwrite events by days,' an appropriate value should be set for the number of days' logs to keep. oval:org.secpod.oval:def:10097 The 'Secure Channel: Digitally Sign Secure Channel Data (When Possible)' policy should be set correctly. oval:org.secpod.oval:def:10099 The 'Anonymous access to the security event log' policy should be set correctly. oval:org.secpod.oval:def:10090 The 'restrict guest access to system log' policy should be set correctly. oval:org.secpod.oval:def:8429 The "reset account lockout counter after" policy should meet minimum requirements. oval:org.secpod.oval:def:10092 The correct service permissions for the Messenger service should be assigned. oval:org.secpod.oval:def:10094 The system log maximum size should be configured correctly.. oval:org.secpod.oval:def:10150 The 'Allow automatic updates immediate installation' setting should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10151 The 'Do Not Allow Local Administrators to Customize Permissions' policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:10152 The 'Disable Periodic Check For Internet Explorer Software Updates' setting should be configured correctly. oval:org.secpod.oval:def:10153 The 'Audit the use of backup and restore privilege' policy should be set correctly. oval:org.secpod.oval:def:10033 The 'deny logon as a batch job' user right should be assigned to the correct accounts. oval:org.secpod.oval:def:10156 Automatic Reboot After System Crash should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10036 The correct service permissions for the SNMP Trap service should be assigned. oval:org.secpod.oval:def:10157 Use of the built-in Administrator account should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10148 The 'Secure Channel: Digitally Encrypt Secure Channel Data (When Possible)' policy should be set correctly. oval:org.secpod.oval:def:10149 The 'Enable User to Patch Elevated Products' policy should be set correctly. oval:org.secpod.oval:def:10161 Authentication requirements for RPC clients should be configured appropriately. oval:org.secpod.oval:def:10162 The 'Interactive logon: Requre smart card' setting should be configured correctly. oval:org.secpod.oval:def:10042 The 'Prevent Codec Download' policy should be set correctly for Windows MediaPlayer. oval:org.secpod.oval:def:10163 The 'DCOM: Machine Launch Restrictions in the Security Descriptor Definition Language (SDDL) syntax' security option should be set correctly. oval:org.secpod.oval:def:10043 The 'Allow System to be Shut Down Without Having to Log On' policy should be set correctly. oval:org.secpod.oval:def:10164 Kerberos and RSVP Traffic Protected by IPSec should be properly configured. oval:org.secpod.oval:def:10044 TCP/IP Dead Gateway Detection should be properly configured. oval:org.secpod.oval:def:10045 The 'restrict guest access to security log' policy should be set correctly. oval:org.secpod.oval:def:10046 The 'Security Zones: Do Not Allow Users to Add/Delete Sites' setting should be configured correctly. oval:org.secpod.oval:def:10160 The automatic generation of 8.3 file names for NTFS should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10037 The correct service permissions for the Alerter service should be assigned. oval:org.secpod.oval:def:10158 RPC Endpoint Mapper Client Authentication should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10038 The 'Restrict Floppy Access to Locally Logged-On User Only' policy should be set correctly. oval:org.secpod.oval:def:10159 System availability to Master Browser should be properly configured. oval:org.secpod.oval:def:10132 The correct service permissions for the ClipBook service should be assigned. oval:org.secpod.oval:def:10134 The 'Reschedule Automatic Updates scheduled installations' setting should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10135 The correct service permissions for the Fax service should be assigned. oval:org.secpod.oval:def:10129 The correct service permissions for the Automatic Updates service should be assigned. oval:org.secpod.oval:def:10142 TCP/IP PMTU Discovery should be properly configured. oval:org.secpod.oval:def:10143 Automatic updates should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10144 The 'Prohibit New Task Creation' policy should be set correctly for the Task Scheduler. oval:org.secpod.oval:def:10145 The 'Audit the access of global system objects' policy should be set correctly. oval:org.secpod.oval:def:10146 The startup type of the Removable Storage service should be correct. oval:org.secpod.oval:def:10136 The 'Always Prompt Client for Password upon Connection' policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:10137 The correct service permissions for the Remote Desktop Help Session Manager service should be assigned. oval:org.secpod.oval:def:10138 The 'Restrict CD-ROM Access to Locally Logged-On User Only' policy should be set correctly. oval:org.secpod.oval:def:10139 The 'Make Proxy Settings Per-Machine (Rather Then Per-User)' setting should be configured correctly. oval:org.secpod.oval:def:10073 The behavior surrounding Anonymous SID/Name translation should be correct. oval:org.secpod.oval:def:10074 The 'Security Zones: Use Only Machine Settings' setting should be configured correctly. oval:org.secpod.oval:def:10075 The 'when maximum log size is reached' property should be set correctly for the System log. oval:org.secpod.oval:def:10078 The correct service permissions for the FTP Publishing service should be assigned. oval:org.secpod.oval:def:10079 The "deny logon through Terminal Services" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:10070 Auditing of 'privilege use' events on failure should be enabled or disabled as appropriate.. oval:org.secpod.oval:def:10084 Auditing of 'account logon' events on failure should be enabled or disabled as appropriate.. oval:org.secpod.oval:def:10085 The correct service permissions for the Indexing service should be assigned. oval:org.secpod.oval:def:10087 The 'Security Zones: Do Not Allow Users to Change Policies' setting should be configured correctly. oval:org.secpod.oval:def:10088 The correct service permissions for the NetMeeting service should be assigned. oval:org.secpod.oval:def:10089 The 'when maximum log size is reached' property should be set correctly for the Security log. oval:org.secpod.oval:def:10081 Auditing of 'account management' events on failure should be enabled or disabled as appropriate.. oval:org.secpod.oval:def:10083 The correct service permissions for the SMTP service should be assigned. oval:org.secpod.oval:def:10051 The 'Enable User to Browser for Source While Elevated' policy should be set correctly. oval:org.secpod.oval:def:10052 The correct service permissions for the Remote Registry service should be assigned. oval:org.secpod.oval:def:10054 Auditing of 'privilege use' events on success should be enabled or disabled as appropriate.. oval:org.secpod.oval:def:10055 The correct service permissions for the Terminal Services service should be assigned. oval:org.secpod.oval:def:10056 The TCPMaxPortsExhausted setting should be properly configured. oval:org.secpod.oval:def:10057 The correct service permissions for the Printer service should be assigned. oval:org.secpod.oval:def:10058 The 'No auto-restart with logged on users for scheduled automatic updates installations' setting should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10048 Auditing of 'directory service access' events on failure should be enabled or disabled as appropriate.. oval:org.secpod.oval:def:10049 If the Security log's retention method is set to "Overwrite events by days," an appropriate value should be set for the number of days' logs to keep. oval:org.secpod.oval:def:10062 The 'load and unload device drivers' user right should be assigned to the correct accounts. oval:org.secpod.oval:def:10064 The 'perform volume maintenance tasks' user right should be assigned to the correct accounts. oval:org.secpod.oval:def:10066 The security log maximum size should be configured correctly.. oval:org.secpod.oval:def:10069 The correct service permissions for the SNMP service should be assigned. oval:org.secpod.oval:def:10061 Auditing of 'object access' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10059 The 'restrict guest access to application log' policy should be set correctly. oval:org.secpod.oval:def:10110 If the Application log's retention method is set to 'Overwrite events by days,' an appropriate value should be set for the number of days' logs to keep. oval:org.secpod.oval:def:10111 The correct service permissions for the WWW Publishing service should be assigned. oval:org.secpod.oval:def:10112 The 'manage auditing and security log' user right should be assigned to the correct accounts. oval:org.secpod.oval:def:10113 The correct service permissions for the IIS Admin service should be assigned. oval:org.secpod.oval:def:10103 Auditing of 'policy change' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10104 The 'Enable User Control Over Installs' policy should be set correctly. oval:org.secpod.oval:def:10105 The application log maximum size should be configured correctly.. oval:org.secpod.oval:def:10120 The 'Disable Automatic Install of Internet Explorer Components' setting should be configured correctly. oval:org.secpod.oval:def:10122 Auditing of 'logon' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10123 The 'Automatic Updates detection frequency' should be set correctly. oval:org.secpod.oval:def:10124 Auditing of 'system' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10115 The correct service permissions for the Telnet service should be assigned. oval:org.secpod.oval:def:10116 The 'Enable User to Use Media Source While Elevated' policy should be set correctly. oval:org.secpod.oval:def:10117 The behavior surrounding Anonymous users' ability to display lists of SAM accounts and shares should be correct. oval:org.secpod.oval:def:10118 The 'Clear Virtual Memory Pagefile at shutdown' policy should be set correctly. oval:org.secpod.oval:def:7894 The "account lockout duration" policy should meet minimum requirements. oval:org.secpod.oval:def:8376 The "Disable CTRL+ALT+Delete Requirement for Logon" policy should be set correctly. oval:org.secpod.oval:def:8380 The "Digitally Sign Server Communication (When Possible)" policy should be set correctly. |