[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:18315
Publishes this computer and resources attached to this computer so they can be discovered over the network. If this service is stopped, network resources will no longer be published and they will not be discovered by other computers on the network.

oval:org.secpod.oval:def:18314
The CNG key isolation service is hosted in the LSA process.

oval:org.secpod.oval:def:18435
The Policy Change audit category determines whether to audit every incident of a change to user rights assignment policies, Windows Firewall policies, Trust policies, or changes to the Audit policy itself.

oval:org.secpod.oval:def:18434
Creates, manages, and removes X.509 certificates for applications such as S/MIME and SSL.

oval:org.secpod.oval:def:18313
Provides launch functionality for DCOM services.

oval:org.secpod.oval:def:18312
Manages user-mode driver host processes.

oval:org.secpod.oval:def:18433
The Detailed Tracking audit category determines whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access. This setting deals with the DPAPI Activity.

oval:org.secpod.oval:def:18319
Processes application compatibility cache requests for applications as they are launched

oval:org.secpod.oval:def:18318
Enables DNS clients to resolve DNS names by answering DNS queries and dynamic DNS update requests.

oval:org.secpod.oval:def:18317
This service hosts the DS Role Server used for DC promotion, demotion, and cloning.

oval:org.secpod.oval:def:18438
Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.

oval:org.secpod.oval:def:18437
Maintains a secure channel between this computer and the domain controller for authenticating users and services.

oval:org.secpod.oval:def:18316
Determines and verifies the identity of an application.

oval:org.secpod.oval:def:18311
Specify the maximum log file size for Application (KB)

oval:org.secpod.oval:def:18432
Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.

oval:org.secpod.oval:def:18431
Optimizes performance of applications by caching commonly used font data.

oval:org.secpod.oval:def:18310
This policy setting determines whether a user can log on to a Windows domain using cached account information.

oval:org.secpod.oval:def:18430
This policy setting determines whether packet signing is required by the SMB client component.

oval:org.secpod.oval:def:10940
The maximum number of failed attempts that can occur before the account is locked out This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout dura ...

oval:org.secpod.oval:def:18309
The policy setting for this audit category determines whether to audit MPSSVC Rule-Level Policy changes on computers running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:18205
Provides user experience theme management.

oval:org.secpod.oval:def:18326
This audit category generates events that record the creation and destruction of logon sessions. This setting targets the IPsec Extended Mode settings.

oval:org.secpod.oval:def:18446
Controls whether computer receives unicast responses to its outgoing multicast or broadcast messages.

oval:org.secpod.oval:def:18445
The entry appears as MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning in the SCE.

oval:org.secpod.oval:def:18324
Discovers networked devices and services that use the SSDP discovery protocol, such as UPnP devices.

oval:org.secpod.oval:def:18203
Provides four management services: Catalog Database Service, Protected Root Service, Automatic Root Certificate Update Service, and Key Service.

oval:org.secpod.oval:def:18444
This policy setting determines whether a computer can be shut down when a user is not logged on.

oval:org.secpod.oval:def:18323
Allows the system to be configured to lock the user desktop upon smart card removal.

oval:org.secpod.oval:def:18202
Enables the detection, download, and installation of updates for Windows and other programs.

oval:org.secpod.oval:def:18209
The entry appears as MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended) in the SCE.

oval:org.secpod.oval:def:18329
This policy setting determines whether a domain member should attempt to negotiate encryption for all secure channel traffic that it initiates.

oval:org.secpod.oval:def:18328
Specify the maximum log file size for System (KB)

oval:org.secpod.oval:def:18207
This service performs IEEE 802.1X authentication on Ethernet interfaces.

oval:org.secpod.oval:def:18449
This policy setting audits Account Management events.

oval:org.secpod.oval:def:18448
This policy setting determines whether the virtual memory pagefile is cleared when the system is shut down.

oval:org.secpod.oval:def:18206
Enables you to synchronize folders on multiple servers across local or wide area network (WAN) network connections.

oval:org.secpod.oval:def:18201
Provides DirectAccess status notification for UI components

oval:org.secpod.oval:def:18443
This policy setting in the System audit category determines whether to audit System Integrity changes on computers that are running Windows Vista.

oval:org.secpod.oval:def:18322
This policy setting for the DS Access audit category enables reports to result when replication between two domain controllers starts and ends.

oval:org.secpod.oval:def:18321
This policy setting determines if the server side SMB service is able to sign SMB packets if it is requested to do so by a client that attempts to establish a connection.

oval:org.secpod.oval:def:18200
Logs, monitors, and manages DirectAccess and VPN connections to the server.

oval:org.secpod.oval:def:18442
The Account Logon audit category generates events for credential validation. These events occur on the computer that is authoritative for the credentials.

oval:org.secpod.oval:def:18441
Performs TCP/IP configuration for DHCP clients, including dynamic assignments of IP addresses, specification of the WINS and DNS servers, and connection-specific DNS names.

oval:org.secpod.oval:def:18320
Remote Desktop Configuration service (RDCS) is responsible for all Terminal Services and Remote Desktop related configuration and session maintenance activities that require SYSTEM context.

oval:org.secpod.oval:def:18440
The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer.

oval:org.secpod.oval:def:18414
This audit category generates events that record the creation and destruction of logon sessions. This setting targets the Logoff event settings.

oval:org.secpod.oval:def:18413
Maintains links between NTFS files within a computer or across computers in a network.

oval:org.secpod.oval:def:18412
Provides administrative services for IIS, for example configuration history and Application Pool account mapping.

oval:org.secpod.oval:def:18411
Provides a mechanism to exchange data between the virtual machine and the operating system running on the physical computer.

oval:org.secpod.oval:def:18418
Provides secure remote connectivity to remote computers on your corporate network, from anywhere on the Internet.

oval:org.secpod.oval:def:18416
Enables Network Access Protection (NAP) functionality on client computers.

oval:org.secpod.oval:def:18415
Select this option to have Windows Firewall with Advanced Security display notifications to the user when a program is blocked from receiving inbound connections.

oval:org.secpod.oval:def:18410
Provides Telephony API (TAPI) support for programs that control telephony devices on the local computer and, through the LAN, on servers that are also running the service.

oval:org.secpod.oval:def:10925
The entry appears as MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended) in the SCE.

oval:org.secpod.oval:def:10926
This policy setting determines whether the LAN Manager (LM) hash value for the new password is stored when the password is changed.

oval:org.secpod.oval:def:10927
Network security: Minimum session security for NTLM SSP based (including secure RPC) client applications.

oval:org.secpod.oval:def:10928
Network security: Minimum session security for NTLM SSP based (including secure RPC) server applications.

oval:org.secpod.oval:def:10929
This setting requires if users need to maintain certain complexity or not.

oval:org.secpod.oval:def:18409
Determines whether case insensitivity is enforced for all subsystems. Example is case insensitivity for other subsystems, such as the Portable Operating System Interface for UNIX (POSIX) which are normally case sensitive.

oval:org.secpod.oval:def:18408
This policy setting audits Application Group Management events.

oval:org.secpod.oval:def:10921
Disable this policy setting to prevent the SMB redirector from sending plaintext passwords during authentication to third-party SMB servers that do not support password encryption.

oval:org.secpod.oval:def:10922
This policy setting allows you to specify the amount of continuous idle time that must pass in an SMB session before the session is suspended because of inactivity.

oval:org.secpod.oval:def:10923
This setting requires users to wait for a certain number of days before changing their password again.

oval:org.secpod.oval:def:10924
This policy setting determines the least number of characters that make up a password for a user account.

oval:org.secpod.oval:def:18304
Enables client computers to print to the Line Printer Daemon (LPD) service on this server using TCP/IP and the Line Printer Remote (LPR) protocol.

oval:org.secpod.oval:def:18425
Identifies the networks to which the computer has connected, collects and stores properties for these networks, and notifies applications when these properties change.

oval:org.secpod.oval:def:18303
The Base Filtering Engine (BFE) is a service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering.

oval:org.secpod.oval:def:18424
Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package.

oval:org.secpod.oval:def:18423
This policy setting determines whether digital certificates are processed when software restriction policies are enabled and a user or process attempts to run software with an .exe file name extension.

oval:org.secpod.oval:def:18301
This audit category generates events that record the creation and destruction of logon sessions. This setting targets the special settings defined in the Windows Vista Security Guide.

oval:org.secpod.oval:def:18308
Provides Web connectivity and administration through the Internet Information Services Manager.

oval:org.secpod.oval:def:18429
The entry appears as MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing) in the SCE.

oval:org.secpod.oval:def:18307
This policy setting allows administrators to enable the more precise auditing capabilities present in Windows Vista. Uses subcategory setting to override audit policy categories.

oval:org.secpod.oval:def:18428
The policy setting for this audit category determines whether to audit Filtering Platform Policy changes on computers running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:18427
Manages dial-up and virtual private network (VPN) connections from this computer to the Internet or other remote networks.

oval:org.secpod.oval:def:18306
This settings determines whether to audit the event of a user who accesses an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to Other Object Access events.

oval:org.secpod.oval:def:18426
Provides a mechanism to shut down the operating system of this virtual machine from the management interfaces on the physical computer.

oval:org.secpod.oval:def:18305
This policy setting controls whether application write failures are redirected to defined registry and file system locations.

oval:org.secpod.oval:def:18421
This setting determines the behavior for outbound connections that do not match an outbound firewall rule.

oval:org.secpod.oval:def:18420
The registry value entry AutoAdminLogon was added to the template file in the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ registry key

oval:org.secpod.oval:def:10930
The Password protect the screen saver setting should be configured correctly.

oval:org.secpod.oval:def:10931
This setting holds if we need to store passwords using reversible encryption.

oval:org.secpod.oval:def:18419
Enables the detection, download and installation of device-related software. If this service is disabled devices may be configured with outdated software and may not work correctly.

oval:org.secpod.oval:def:10932
Enables desktop screen savers. If you disable this setting, screen savers do not run. Also, this setting disables the Screen Saver section of the Screen Saver dialog in the Personalization or Display Control Panel. As a result, users cannot change the screen saver options. If you do not configure ...

oval:org.secpod.oval:def:10933
The Screen Saver timeout setting should be configured correctly.

oval:org.secpod.oval:def:18238
Windows Remote Management (WinRM) service implements the WS-Management protocol for remote management.

oval:org.secpod.oval:def:18479
Provides performance library information from Windows Management Instrumentation (WMI) providers to clients on the network.

oval:org.secpod.oval:def:18358
This policy setting audits Other Account Management events.

oval:org.secpod.oval:def:18236
This policy setting determines if the server side SMB service is required to perform SMB packet signing.

oval:org.secpod.oval:def:18357
This audit category generates events that record the creation and destruction of logon sessions. This setting targets the IPsec Main Mode settings.

oval:org.secpod.oval:def:18478
This setting determines whether to audit the event of a user who accesses an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It targets application generated events.

oval:org.secpod.oval:def:18356
Control Event Log behavior when the log file reaches its maximum size for Security (KB)

oval:org.secpod.oval:def:18477
This policy setting determines whether members of the Server Operators group are allowed to submit jobs by means of the AT schedule facility.

oval:org.secpod.oval:def:18235
Manages audio devices for the Windows Audio service.

oval:org.secpod.oval:def:18239
The Intersite Messaging service enables message exchanges between computers that run Windows Server sites.

oval:org.secpod.oval:def:18230
This policy setting controls whether the elevation request prompt is displayed on the interactive user's desktop or the secure desktop.

oval:org.secpod.oval:def:18470
Serves as the endpoint mapper and COM Service Control Manager.

oval:org.secpod.oval:def:18355
Specify the maximum log file size for Security (KB)

oval:org.secpod.oval:def:18476
Core Windows Service that manages local user sessions.

oval:org.secpod.oval:def:18234
Require a Password when a Computer Wakes (Plugged in)

oval:org.secpod.oval:def:18354
When enabled, this policy setting restricts anonymous access to only those shares and pipes that are named in the Network access: Named pipes that can be accessed anonymously and Network access: Shares that can be accessed anonymously settings.

oval:org.secpod.oval:def:18233
Enables pairing between the system and wired or wireless devices.

oval:org.secpod.oval:def:18475
Provides support for the Secure Socket Tunneling Protocol (SSTP) to connect to remote computers using VPN.

oval:org.secpod.oval:def:18353
Data Deduplication VSS writer guided backup applications to back up volumes with deduplication.

oval:org.secpod.oval:def:18474
Provides support for 3rd party protocol plug-ins for Internet Connection Sharing

oval:org.secpod.oval:def:18232
This audit category generates events that record the creation and destruction of logon sessions. This setting targets the Logon settings.

oval:org.secpod.oval:def:18473
This policy setting makes the Recovery Console SET command available.

oval:org.secpod.oval:def:18231
Manages access to smart cards read by this computer.

oval:org.secpod.oval:def:18249
Allows users to connect interactively to a remote computer.

oval:org.secpod.oval:def:18369
This policy setting specifies the type of challenge/response authentication for network logons. LAN Manager (LM) authentication is the least secure method; it allows encrypted passwords to be cracked because they can be easily intercepted on the network.

oval:org.secpod.oval:def:18248
This policy setting determines what additional permissions are assigned for anonymous connections to the computer

oval:org.secpod.oval:def:18247
Manages audio for Windows-based programs.

oval:org.secpod.oval:def:18368
This policy setting in the DS Access audit category enables reports to result when changes to create, modify, move, or undelete operations are performed on objects in Active Directory Domain Services (AD DS).

oval:org.secpod.oval:def:18246
Manages authentication, authorization, auditing, and accounting for virtual private network (VPN), dial-up, 802.1x wireless or Ethernet switch connection attempts sent by access servers that are compatible with the IETF RADIUS protocol.

oval:org.secpod.oval:def:18488
This service logs unique client access requests in the form of IP addresses and user names of installed products and roles on the local server.

oval:org.secpod.oval:def:18367
This setting controls whether local administrators are allowed to create local firewall rules that apply together with firewall rules configured by Group Policy.

oval:org.secpod.oval:def:18362
Enables scanned documents to be sent from scanners to the scan server and routes them to the correct destinations.

oval:org.secpod.oval:def:18241
Enables a user connection request to be routed to the appropriate Remote Desktop Session Host server in a cluster.

oval:org.secpod.oval:def:18483
This option determines if this computer can receive unicast responses to multicast or broadcast messages that it initiates. Unsolicited unicast responses are blocked regardless of this setting.

oval:org.secpod.oval:def:18240
Manages shadow copy of file shares taken by the VSS file server agent. If this service is stopped, file share shadow copies cannot be managed.

oval:org.secpod.oval:def:18482
This service manages events and event logs.

oval:org.secpod.oval:def:18361
This settings determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to Handle Manipulation on Windows objects.

oval:org.secpod.oval:def:18481
Select On to allow Windows Firewall to filter network traffic. Select Off to prevent Windows Firewall from using any firewall rules or connection security rules for this profile.

oval:org.secpod.oval:def:18360
This audit category generates events that record the creation and destruction of logon sessions. This setting targets the Logon-Logoff Account Lockout setting.

oval:org.secpod.oval:def:18480
Provides services for configuration, scheduling, and generation of storage reports.

oval:org.secpod.oval:def:18487
Enables remote users and 64-bit processes to query performance counters provided by 32-bit DLLs.

oval:org.secpod.oval:def:18245
Host process for Function Discovery providers.

oval:org.secpod.oval:def:18366
This policy setting determines the strength of the default discretionary access control list (DACL) for objects.

oval:org.secpod.oval:def:18244
Control Event Log behavior when the log file reaches its maximum size for System (KB)

oval:org.secpod.oval:def:18486
This service manages persistent subscriptions to events from remote sources that support WS-Management protocol.

oval:org.secpod.oval:def:18243
Creates a Network Map, consisting of PC and device topology (connectivity) information, and metadata describing each PC and device.

oval:org.secpod.oval:def:18364
This is an advanced security setting for the Windows Firewall that you can use to allow unicast responses on computers running Windows Vista or later.

oval:org.secpod.oval:def:18363
Enables this computer to serve as an iSCSI target.

oval:org.secpod.oval:def:18242
Transfers files in the background using idle network bandwidth.

oval:org.secpod.oval:def:18484
This policy setting in the System audit category determines whether to audit IPsec Driver events on computers that are running Windows Vista.

oval:org.secpod.oval:def:18337
Manages Internet SCSI (iSCSI) sessions from this computer to remote iSCSI target devices.

oval:org.secpod.oval:def:18216
The Detailed Tracking audit category determines whether to audit detailed tracking information for events, such as program activation, process exit, handle duplication, and indirect object access. This setting is focused on RPC events.

oval:org.secpod.oval:def:18458
This policy setting in the System audit category determines whether to audit Security State changes on computers that are running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:18457
This setting controls which groups has the right to install printer drivers.

oval:org.secpod.oval:def:18336
This settings determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to File System object access processes.

oval:org.secpod.oval:def:18214
This setting determines the behavior for inbound connections that do not match an inbound firewall rule. The default behavior is to block connections unless there are firewall rules to allow the connection.

oval:org.secpod.oval:def:18335
The entry appears as MSS: (DisableIPSourceRouting) IPv6 source routing protection level (protects against packet spoofing) in the SCE.

oval:org.secpod.oval:def:18456
The policy setting for this audit category determines whether to audit Other Policy Change events on computers running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:18334
Resolves RPC interfaces identifiers to transport endpoints.

oval:org.secpod.oval:def:18455
Provides secure storage and retrieval of credentials to users, applications and security service packages.

oval:org.secpod.oval:def:18213
This service provides support for viewing, sending and deletion of system-level problem reports for the Problem Reports and Solutions control panel.

oval:org.secpod.oval:def:18219
This policy setting determines whether the LDAP server requires a signature before it will negotiate with LDAP clients.

oval:org.secpod.oval:def:18218
The WebClient service allows Win32 applications to access documents on the Internet.

oval:org.secpod.oval:def:18339
Provides a platform for communication between the virtual machine and the operating system running on the physical computer.

oval:org.secpod.oval:def:18217
Enables identity revocation services for PKI (certificate) based services such as secure e-mail smartcard logon, secure web servers, etc as an online request and response query process.

oval:org.secpod.oval:def:18459
Coordinates transactions between MSDTC and the Kernel Transaction Manager (KTM).

oval:org.secpod.oval:def:18450
Helps the computer run more efficiently by optimizing files on storage drives.

oval:org.secpod.oval:def:18454
The Diagnostic Service Host service enables problem detection, troubleshooting and resolution for Windows components.

oval:org.secpod.oval:def:18212
This policy setting audits Computer Account Management events.

oval:org.secpod.oval:def:18333
The policy setting controls whether to audit users who have accessed the Security Accounts Manager (SAM) object on computers running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:18332
AD DS Domain Controller service.

oval:org.secpod.oval:def:18211
Synchronizes the system time of this virtual machine with the system time of the physical computer.

oval:org.secpod.oval:def:18453
Collects and stores configuration information for the network and notifies programs when this information is modified.

oval:org.secpod.oval:def:18210
Maintains an updated list of computers on the network and supplies this list to computers designated as browsers.

oval:org.secpod.oval:def:18452
Allows errors to be reported when programs stop working or responding and allows existing solutions to be delivered.

oval:org.secpod.oval:def:18331
The policy setting for this audit category determines whether to audit Authorization Policy changes on computers running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:18451
Enables relative prioritization of work based on system-wide task priorities.

oval:org.secpod.oval:def:18330
Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices.

oval:org.secpod.oval:def:18348
This policy setting controls the behavior of the elevation prompt for standard users on computers running Windows 7, Windows Server 2008 R2, and later versions of Windows.

oval:org.secpod.oval:def:18469
This policy setting determines the level of data signing that is requested on behalf of clients that issue LDAP BIND requests.

oval:org.secpod.oval:def:18226
Control Event Log behavior when the log file reaches its maximum size for Application (KB)

oval:org.secpod.oval:def:18468
Manages and implements Volume Shadow Copies used for backup and other purposes.

oval:org.secpod.oval:def:18347
This policy setting audits logon events other than credential validation and Kerberos Ticket Events.

oval:org.secpod.oval:def:18346
This policy setting controls the behavior of application installation detection for the computer.

oval:org.secpod.oval:def:18225
This settings determines whether to audit the event of a user who accesses an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to Registry Object access events.

oval:org.secpod.oval:def:18466
Active Directory Web Services

oval:org.secpod.oval:def:18345
This audit category generates events that record the creation and destruction of logon sessions.

oval:org.secpod.oval:def:18224
This policy setting in the DS Access audit category enables domain controllers to report detailed information about information that replicates between domain controllers.

oval:org.secpod.oval:def:18229
This settings determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to Kernal Object access processes.

oval:org.secpod.oval:def:18349
Coordinates the communications that are required to use Volume Shadow Copy Service to back up applications and data on this virtual machine from the operating system on the physical computer.

oval:org.secpod.oval:def:18228
This is the setting that turns on or off UAC. Disabling this setting effectively disables UAC.

oval:org.secpod.oval:def:18340
This policy setting determines whether all secure channel traffic that is initiated by the domain member must be signed or encrypted.

oval:org.secpod.oval:def:18461
The 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' setting should be configured correctly.

oval:org.secpod.oval:def:18460
This policy setting in the System audit category determines whether to audit Other System events on computers that are running Windows Vista or later versions of Windows.

oval:org.secpod.oval:def:18465
This policy setting determines who is allowed to format and eject removable media.

oval:org.secpod.oval:def:18344
Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.

oval:org.secpod.oval:def:18223
Windows Firewall with Advanced Security uses the settings for this profile to filter network traffic.

oval:org.secpod.oval:def:18343
Manages the assignment of remoteApp and desktop connection resources to users

oval:org.secpod.oval:def:18222
This audit category generates events that record the creation and destruction of logon sessions. This setting targets IPsec Quick Mode settings.

oval:org.secpod.oval:def:18221
Manages the RPC name service database.

oval:org.secpod.oval:def:18463
Select this option to have Windows Firewall with Advanced Security display notifications to the user when a program is blocked from receiving inbound connections.

oval:org.secpod.oval:def:18341
This policy setting allows the administrator account to automatically log on to the recovery console when it is invoked during startup.

oval:org.secpod.oval:def:18462
Maintains date and time synchronization on all clients and servers in the network.

oval:org.secpod.oval:def:18220
Enables remote users to modify registry settings on this computer.

oval:org.secpod.oval:def:18513
The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component.

oval:org.secpod.oval:def:18512
This setting determines the behavior for outbound connections that do not match an outbound firewall rule. If Outbound connections are set to Block and deploy the firewall policy by using a GPO, cannot receive subsequent Group Policy updates.

oval:org.secpod.oval:def:18511
Provides the core file encryption technology used to store encrypted files on NTFS file system volumes.

oval:org.secpod.oval:def:18510
Integrates disparate file shares into a single, logical namespace and manages these logical volumes.

oval:org.secpod.oval:def:18517
The Net.Tcp Port Sharing Service provides the ability for multiple user processes to share TCP ports over the net.tcp protocol.

oval:org.secpod.oval:def:18516
The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules.

oval:org.secpod.oval:def:18515
When this policy setting is enabled, a domain controller must authenticate the domain account used to unlock the computer.

oval:org.secpod.oval:def:18514
Management Service for Remote Desktop Services

oval:org.secpod.oval:def:18508
Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components.

oval:org.secpod.oval:def:18524
Provides automatic IPv6 connectivity over an IPv4 network.

oval:org.secpod.oval:def:18403
Provides notifications for AutoPlay hardware events.

oval:org.secpod.oval:def:18402
Provides services for quota and file screen management.

oval:org.secpod.oval:def:18523
Windows infrastructure service that controls which background tasks can run on the system.

oval:org.secpod.oval:def:18522
This policy setting audits Distribution Group Management events.

oval:org.secpod.oval:def:18521
Loads files to memory for later printing.

oval:org.secpod.oval:def:18400
This setting determines the behavior for inbound connections that do not match an inbound firewall rule. The default behavior is to block connections unless there are firewall rules to allow the connection.

oval:org.secpod.oval:def:18407
Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection.

oval:org.secpod.oval:def:18406
Enables installation, modification, and removal of Windows updates and optional components.

oval:org.secpod.oval:def:18526
When this setting is configured to Enabled, users are not required to use the CTRL+ALT+DEL key combination to log on to the network.

oval:org.secpod.oval:def:18405
do not process the run once list

oval:org.secpod.oval:def:18404
This service opens custom printer dialog boxes and handles notifications from a remote print server or a printer. If you turn off this service you won't be able to see printer extensions or notifications.

oval:org.secpod.oval:def:18525
Provides a common interface and object model to access management information about operating system, devices, applications and services.

oval:org.secpod.oval:def:18520
WinHTTP implements the client HTTP stack and provides developers with a Win32 API and COM Automation component for sending HTTP requests and receiving responses.

oval:org.secpod.oval:def:10914
The "Domain Controller: Refuse machine account password changes" setting should be configured correctly.

oval:org.secpod.oval:def:10915
The "Domain member: Disable machine account password changes" setting should be configured correctly.

oval:org.secpod.oval:def:10917
The "Domain member: Require strong (Windows 2000 or later) session key" setting should be configured correctly.

oval:org.secpod.oval:def:10918
This policy setting determines the number of renewed, unique passwords that have to be associated with a user account before you can reuse an old password.

oval:org.secpod.oval:def:10919
The "Interactive logon: Prompt user to change password before expiration" setting should be configured correctly

oval:org.secpod.oval:def:18519
The Diagnostic System Host service enables problem detection, troubleshooting and resolution for Windows components.

oval:org.secpod.oval:def:18518
The policy setting for this audit category determines whether to audit Authentication Policy changes on computers running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:10913
The "Accounts: Limit local account use of blank passwords to console logon only" setting should be configured correctly.

oval:org.secpod.oval:def:18502
This policy setting in the System audit category determines whether to audit Security System Extension changes on computers that are running Windows Vista or later Windows operating systems.

oval:org.secpod.oval:def:18500
This policy setting allows Local System services that use Negotiate to use the computer identity when reverting to NTLM authentication.

oval:org.secpod.oval:def:18506
This setting controls whether local administrators are allowed to create connection security rules that apply with other connection security rules enforced by Group Policy.

oval:org.secpod.oval:def:18504
Allow NTLM to fall back to NULL session when used with LocalSystem.

oval:org.secpod.oval:def:18503
Enforces group policy for removable mass-storage devices. Enables applications such as Windows Media Player and Image Import Wizard to transfer and synchronize content using removable mass-storage devices.

oval:org.secpod.oval:def:18279
Registers and updates IP addresses and DNS records for this computer.

oval:org.secpod.oval:def:18274
Receives trap messages generated by local or remote Simple Network Management Protocol (SNMP) agents and forwards the messages to SNMP management programs running on this computer.

oval:org.secpod.oval:def:18395
This setting controls whether local administrators are allowed to create local firewall rules that apply with other firewall rules enforced by Group Policy.

oval:org.secpod.oval:def:18394
This setting determines the behavior for inbound connections that do not match an inbound firewall rule.

oval:org.secpod.oval:def:18273
This policy setting audits Security Group Management events.

oval:org.secpod.oval:def:18393
This service is responsible for loading and unloading user profiles.

oval:org.secpod.oval:def:18272
This policy setting in the DS Access audit category enables reports to result when Active Directory Domain Services (AD DS) objects are accessed.

oval:org.secpod.oval:def:18392
Facilitates the running of interactive applications with additional administrative privileges.

oval:org.secpod.oval:def:18278
This policy setting determines whether the system shuts down if it is unable to log Security events.

oval:org.secpod.oval:def:18399
This settings determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to dropped packet events by the Filtering Pl

oval:org.secpod.oval:def:18277
Provides the interface to backup and restore Windows Internal Database through the Windows VSS infrastructure.

oval:org.secpod.oval:def:18398
Provides X.509 certificate and key management services for the Network Access Protection Agent (NAPAgent).

oval:org.secpod.oval:def:18397
Allows the redirection of Printers/Drives/Ports for RDP connections

oval:org.secpod.oval:def:18396
This policy setting determines whether a domain member should attempt to negotiate whether all secure channel traffic that it initiates must be digitally signed.

oval:org.secpod.oval:def:18275
Manages the configuration and tracking of Component Object Model (COM)+-based components.

oval:org.secpod.oval:def:18270
This policy setting determines whether the Transport Layer Security/Secure Sockets Layer (TLS/SSL) Security Provider supports only the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher suite.

oval:org.secpod.oval:def:18390
This policy setting controls the ability of anonymous users to enumerate SAM accounts as well as shares.

oval:org.secpod.oval:def:18285
Install AppX Packages for all authorized users

oval:org.secpod.oval:def:18284
The Windows Process Activation Service (WAS) provides process activation, resource management and health management services for message-activated applications.

oval:org.secpod.oval:def:18283
Allows administrators to remotely access a command prompt using Emergency Management Services.

oval:org.secpod.oval:def:18282
Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems.

oval:org.secpod.oval:def:18289
The Extensible Authentication Protocol (EAP) service provides network authentication in such scenarios as 802.1x wired and wireless, VPN, and Network Access Protection (NAP).

oval:org.secpod.oval:def:18288
Offers routing services to businesses in local area and wide area network environments.

oval:org.secpod.oval:def:18287
This setting determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. This setting is targeted to File Share access operations.

oval:org.secpod.oval:def:18286
Provides infrastructure support for Windows Store.

oval:org.secpod.oval:def:18281
The "Require a Password When a Computer Wakes (On Battery)" machine setting should be configured correctly.

oval:org.secpod.oval:def:18280
The WcsPlugInService service hosts third-party Windows Color System color device module and gamut map model plug-in modules.

oval:org.secpod.oval:def:18259
This setting applies to the Non Sensitive Privilege Use subcategory of events. You can use it to audit users exercising user rights.

oval:org.secpod.oval:def:18258
KDC Proxy Server service runs on edge servers to proxy Kerberos protocol messages to domain controllers on the corporate network.

oval:org.secpod.oval:def:18379
Verifies potential file system corruptions.

oval:org.secpod.oval:def:18378
Provides internal relational database services for use by Windows Server features and roles

oval:org.secpod.oval:def:18499
Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable.

oval:org.secpod.oval:def:18252
Manages software-based volume shadow copies taken by the Volume Shadow Copy service.

oval:org.secpod.oval:def:18494
Monitors the state of this virtual machine by reporting a heartbeat at regular intervals.

oval:org.secpod.oval:def:18251
Provides ordered execution for a group of threads within a specific period of time.

oval:org.secpod.oval:def:18372
Enables a user to configure and schedule automated tasks on this computer.

oval:org.secpod.oval:def:18493
The Detailed Tracking audit category determines whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access. This setting deals with Process Creation.

oval:org.secpod.oval:def:18250
The IIS Admin Service allows administration of IIS components such as FTP, application pools, Web sites, Web service extensions, and both Network News Transfer Protocol (NNTP) and Simple Mail Transfer Protocol (SMTP) virtual servers.

oval:org.secpod.oval:def:18371
This setting controls whether local administrators are allowed to create local firewall rules that apply together with firewall rules configured by Group Policy.

oval:org.secpod.oval:def:18492
The 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' setting should be configured correctly.

oval:org.secpod.oval:def:18491
Management service for Hyper-V, provides service to run multiple virtual machines.

oval:org.secpod.oval:def:18370
Enables the download, installation and enforcement of digital licenses for Windows and Windows applications.

oval:org.secpod.oval:def:18377
Monitors system events and notifies subscribers to COM+ Event System of these events.

oval:org.secpod.oval:def:18256
Enables user notification of user input for interactive services, which enables access to dialogs created by interactive services when they appear.

oval:org.secpod.oval:def:18498
Detailed Tracking audit category determines whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access. This setting deals with Process Termination.

oval:org.secpod.oval:def:18255
Allows UPnP devices to be hosted on this computer.

oval:org.secpod.oval:def:18376
This setting applies to the Sensitive Privilege Use subcategory of events. You can use it to audit users exercising user rights.

oval:org.secpod.oval:def:18497
Default behavior for AutoRun

oval:org.secpod.oval:def:18375
Provides a network service that processes requests to simulate application of Group Policy settings for a target user or computer in various situations and computes the Resultant Set of Policy settings.

oval:org.secpod.oval:def:18496
This policy setting controls whether applications that request to run with a User Interface Accessibility (UIAccess) integrity level must reside in a secure location in the file system.

oval:org.secpod.oval:def:18495
The 'Network access: Named Pipes that can be accessed anonymously' setting should be configured correctly.

oval:org.secpod.oval:def:18374
Propagates certificates from smart cards.

oval:org.secpod.oval:def:18490
This policy setting determines which registry paths and sub-paths will be accessible when an application or process references the WinReg key to determine access permissions.

oval:org.secpod.oval:def:18269
This subcategory is not used.

oval:org.secpod.oval:def:18389
Provides management services for disks, volumes, file systems, and storage arrays.

oval:org.secpod.oval:def:18268
Always install with elevated privileges

oval:org.secpod.oval:def:18263
Maintains and improves system performance over time.

oval:org.secpod.oval:def:18384
This setting controls whether local administrators are allowed to create connection security rules that apply together with connection security rules configured by Group Policy.

oval:org.secpod.oval:def:18262
This setting enables the prevention of the execution of unsigned or invalidated applications. Before enabling this setting, it is essential that administrators are certain that all required applications are signed and valid.

oval:org.secpod.oval:def:18261
Autoplay starts to read from a drive as soon as you insert media in the drive, which causes the setup file for programs or audio media to start immediately.

oval:org.secpod.oval:def:18382
Allows files to be automatically copied and maintained simultaneously on multiple servers.

oval:org.secpod.oval:def:18260
This policy setting controls the behavior of the elevation prompt for administrators on computers running Windows 7, Windows Server 2008 R2, and later versions of Windows.

oval:org.secpod.oval:def:18381
This setting determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to connections to the Filtering Platform.

oval:org.secpod.oval:def:18267
Setting displays notifications to the user when a program is blocked from receiving inbound connections.

oval:org.secpod.oval:def:18388
This policy setting determines whether the account name of the last user to log on to the client computers in your organization will be displayed in each computer's respective Windows logon screen.

oval:org.secpod.oval:def:18387
Removes validated remote access clients from the quarantine network.

oval:org.secpod.oval:def:18266
This policy setting determines which registry paths will be accessible after referencing the WinReg key to determine access permissions to the paths.

oval:org.secpod.oval:def:18386
Creates and maintains client network connections to remote servers using the SMB protocol.

oval:org.secpod.oval:def:18265
Windows Firewall with Advanced Security uses the settings for this profile to filter network traffic.

oval:org.secpod.oval:def:18385
This policy setting determines whether the SMB client will attempt to negotiate SMB packet signing.

oval:org.secpod.oval:def:18264
This setting determines the behavior for outbound connections that do not match an outbound firewall rule. If Outbound connections are set to Block and deploy the firewall policy by using a GPO, cannot receive subsequent Group Policy updates.

oval:org.secpod.oval:def:18380
The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests.

oval:org.secpod.oval:def:18196
Provides support for the NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution for clients on the network, therefore enabling users to share files, print, and log on to the network.

oval:org.secpod.oval:def:18195
ASP.NET State Service provides support for out-of-process session states for Microsoft ASP.NET, a unified Web development platform.

oval:org.secpod.oval:def:18194
This policy determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to the certification services processes.

oval:org.secpod.oval:def:18199
This policy setting controls whether User Interface Accessibility (UIAccess or UIA) programs can automatically disable the secure desktop for elevation prompts used by a standard user.

oval:org.secpod.oval:def:18198
The Kerberos Key Distribution Center service enables users to log on to the network and be authenticated by the Kerberos version 5 (v5) authentication protocol.

oval:org.secpod.oval:def:18193
The Diagnostic Policy Service enables problem detection, troubleshooting and resolution for Windows components.

oval:org.secpod.oval:def:18191
This policy setting controls the ability of anonymous users to enumerate the accounts in the Security Accounts Manager (SAM).

oval:org.secpod.oval:def:18190
Windows notices inactivity of a logon session, and if the amount of inactive time exceeds the inactivity limit, then the screen saver will run, locking the session.

oval:org.secpod.oval:def:18296
Restrict Unauthenticated RPC clients

oval:org.secpod.oval:def:18295
This policy setting determines whether to disconnect users who are connected to the local computer outside their user account's valid logon hours. It affects the SMB component.

oval:org.secpod.oval:def:18294
This service is used to protect data through the Group Data Protection API.

oval:org.secpod.oval:def:18293
This policy setting controls the behavior of Admin Approval Mode for the built-in Administrator account.

oval:org.secpod.oval:def:18179
Windows Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network.

oval:org.secpod.oval:def:18299
Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.

oval:org.secpod.oval:def:18297
This policy setting determines what happens when the smart card for a logged on user is removed from the smart card reader.

oval:org.secpod.oval:def:18292
The Data Deduplication service enables the deduplication and compression of data on selected volumes in order to optimize disk space used.

oval:org.secpod.oval:def:18291
Enables remote and delegated management capabilities for administrators to manage the Web server, sites, and applications present on this machine.

oval:org.secpod.oval:def:18186
Supports file, print, and named-pipe sharing over the network for this computer.

oval:org.secpod.oval:def:18185
This service delivers network notifications (e.g. interface addition/deleting etc) to user mode clients.

oval:org.secpod.oval:def:18184
Performance Logs and Alerts Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert.

oval:org.secpod.oval:def:18183
This setting controls whether local administrators are allowed to create connection security rules that apply with other connection security rules enforced by Group Policy.

oval:org.secpod.oval:def:18189
Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.

oval:org.secpod.oval:def:18188
Processes installation, removal, and enumeration requests for software deployed through Group Policy.

oval:org.secpod.oval:def:18187
Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.

oval:org.secpod.oval:def:18182
This policy setting determines how network logons that use local accounts are authenticated.

oval:org.secpod.oval:def:18325
The 'Accounts: Guest account status' setting should be configured correctly.

oval:org.secpod.oval:def:18439
This policy setting allows users to manage the system's volume or disk configuration, which could allow a user to delete a volume and cause data loss as well as a denial-of-service condition.

oval:org.secpod.oval:def:18350
This policy setting determines which users can create symbolic links.

oval:org.secpod.oval:def:18352
This policy setting allows one process or service to start another service or process with a different security access token, which can be used to modify the security access token of that sub-process and result in the escalation of privileges.

oval:org.secpod.oval:def:18485
This policy setting allows users to circumvent file and directory permissions to back up the system.

oval:org.secpod.oval:def:18257
This policy setting determines whether users can create global objects that are available to all sessions. Users can still create objects that are specific to their own session if they do not have this user right.

oval:org.secpod.oval:def:18436
This policy setting allows a process to assume the identity of any user and thus gain access to the resources that the user is authorized to access.

oval:org.secpod.oval:def:18447
This policy setting allows a user to adjust the maximum amount of memory that is available to a process.

oval:org.secpod.oval:def:18204
This policy setting allows accounts to log on using the task scheduler service.

oval:org.secpod.oval:def:18208
This policy setting determines which users can change the auditing options for files and directories and clear the Security log.

oval:org.secpod.oval:def:18327
This policy setting determines which users or groups have the right to log on as a Terminal Services client.

oval:org.secpod.oval:def:18417
This policy setting allows users to change the amount of processor time that a process uses.

oval:org.secpod.oval:def:18302
This policy setting prohibits users from connecting to a computer from across the network, which would allow users to access and potentially modify data remotely.

oval:org.secpod.oval:def:18422
This setting allows other users on the network to connect to the computer.

oval:org.secpod.oval:def:18300
This policy setting determines which users and groups can change the time and date on the internal clock of the computers in your environment.

oval:org.secpod.oval:def:18237
This policy setting allows users to create directory objects in the object manager.

oval:org.secpod.oval:def:18351
This policy setting allows the user of a portable computer to click Eject PC on the Start menu to undock the computer.

oval:org.secpod.oval:def:18471
This policy setting allows users to change the Trusted for Delegation setting on a computer object in Active Directory.

oval:org.secpod.oval:def:18365
This setting determines which users can change the time zone of the computer.

oval:org.secpod.oval:def:18215
This policy setting determines which users who are logged on locally can use the Shut Down command to shut down the operating system.

oval:org.secpod.oval:def:18338
This security setting determines which users are prevented from logging on at the computer.

oval:org.secpod.oval:def:18227
This policy setting determines which user accounts will have the right to attach a debugger to any process or to the kernel, which provides complete access to sensitive and critical operating system components.

oval:org.secpod.oval:def:18467
This policy setting determines which users can interactively log on to computers in your environment.

oval:org.secpod.oval:def:18509
This policy setting allows users to take ownership of files, folders, registry keys, processes, or threads. This user right bypasses any permissions that are in place to protect objects and give ownership to the specified user.

oval:org.secpod.oval:def:18501
This policy setting determines which users can bypass file, directory, registry, and other persistent object permissions when restoring backed up files and directories.

oval:org.secpod.oval:def:18505
This policy setting allows users to configure the system-wide environment variables that affect hardware configuration. This information is typically stored in the Last Known Good Configuration.

oval:org.secpod.oval:def:18276
This policy setting allows users to change the size of the pagefile.

oval:org.secpod.oval:def:18391
This policy setting allows users to dynamically load a new device driver on a system.

oval:org.secpod.oval:def:18373
This privilege determines which user accounts can modify the integrity label of objects, such as files, registry keys, or processes owned by other users.

oval:org.secpod.oval:def:18253
This policy setting allows a process to keep data in physical memory, which prevents the system from paging the data to virtual memory on disk.

oval:org.secpod.oval:def:18383
This policy setting allows users to shut down Windows Vista-based computers from remote locations on the network.

oval:org.secpod.oval:def:18197
This policy setting specifies which users can add computer workstations to a specific domain.

oval:org.secpod.oval:def:18192
This policy setting determines whether services can be launched in the context of the specified account.

oval:org.secpod.oval:def:18298
This policy setting determines which user accounts can increase or decrease the size of a process's working set. The working set of a process is the set of memory pages currently visible to the process in physical random access memory (RAM).

oval:org.secpod.oval:def:18290
This policy setting determines which users or processes can generate audit records in the Security log.

oval:org.secpod.oval:def:18472
This policy setting allows users who do not have the special "Traverse Folder" access permission to "pass through" folders when they browse an object path in the NTFS file system or the registry.

oval:org.secpod.oval:def:18489
This security setting determines which users and groups have the authority to synchronize all directory service data.

oval:org.secpod.oval:def:18464
This policy setting determines which accounts will not be able to log on to the computer as a batch job.

oval:org.secpod.oval:def:18342
The policy setting allows programs that run on behalf of a user to impersonate that user (or another specified account) so that they can act on behalf of the user.

oval:org.secpod.oval:def:18271
This policy setting allows a process to create an access token, which may provide elevated rights to access sensitive data.

oval:org.secpod.oval:def:18254
This policy setting determines which users can use tools to monitor the performance of non-system processes. if System Monitor is configured to collect data using Windows Management Instrumentation (WMI) this setting is required.

oval:org.secpod.oval:def:10920
This forces users to change their passwords regularly.

oval:org.secpod.oval:def:10939
This policy setting determines the length of time that must pass before a locked account is unlocked and a user can try to log on again.

oval:org.secpod.oval:def:18401
This policy setting determines the length of time before the Account lockout threshold resets to zero.

oval:org.secpod.oval:def:18507
The Account Logon audit category generates events for credential validation.

CPE    1
cpe:/o:microsoft:windows_server_2012:-
CCE    367
CCE-25187-6
CCE-24639-7
CCE-24680-1
CCE-23587-9
...
*XCCDF
xccdf_org.secpod_benchmark_general_Windows_2012

© 2013 SecPod Technologies