[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:gov.nist.usgcb.vista:def:6033
Domain member: Digitally encrypt or sign secure channel data (when possible)

oval:org.secpod.oval:def:14486
The 'Maximum tolerance for computer clock synchronization' policy should be set correctly.

oval:org.secpod.oval:def:14483
The "Maximum Service Ticket Litfetime" policy should be set correctly.

oval:gov.nist.USGCB.vistafirewall:def:6518
Display a Notification - Domain Profile

oval:gov.nist.usgcb.vista:def:6106
Determines if an anonymous user can request security identifier (SID) attributes for another user.

oval:gov.nist.usgcb.vista:def:6099
Recovery Console: Allow Floppy Copy and Access to All Drives and All Folders

oval:gov.nist.usgcb.vista:def:8035
Auditing of "Policy Change: Authentication Policy Change" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6095
Network Security: LDAP client signing requirements

oval:gov.nist.usgcb.vista:def:8032
Auditing of "Object Access: Registry" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6096
Network Security: Minimum session security for NTLM SSP based (including secure RPC) clients

oval:gov.nist.usgcb.vista:def:6097
Network Security: Minimum session security for NTLM SSP based (including secure RPC) servers

oval:gov.nist.usgcb.vista:def:8034
Auditing of "Policy Change: Audit Policy Change" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6098
Recovery Console: Allow Automatic Administrative Logon

oval:gov.nist.usgcb.vista:def:6094
Network Security: LAN Manager Authentication Level

oval:gov.nist.usgcb.vista:def:8047
Auditing of "System: System Integrity" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:8043
Auditing of "System: Ipsec Driver" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:8042
Sensitive Privilege Use

oval:gov.nist.usgcb.vista:def:6077
Network access: Restrict anonymous access to Named Pipes and Shares

oval:gov.nist.usgcb.vista:def:6079
Network access: Sharing and security model for local accounts

oval:gov.nist.usgcb.vista:def:6073
Network access: Let Everyone permissions apply to anonymous users

oval:gov.nist.usgcb.vista:def:6074
Network access: Named Pipes that can be accessed anonymously

oval:gov.nist.usgcb.vista:def:6075
Network access: Remotely accessible registry paths

oval:gov.nist.usgcb.vista:def:6076
Network access: Remotely accessible registry paths and sub paths

oval:gov.nist.usgcb.vista:def:6070
Network access: Do not allow anonymous enumeration of SAM accounts

oval:gov.nist.usgcb.vista:def:6071
Network access: Do not allow anonymous enumeration of SAM accounts and shares

oval:gov.nist.usgcb.vista:def:6072
Network access: Do not allow storage of credentials or .NET Passports for network authentication

oval:gov.nist.usgcb.vista:def:8019
Auditing of "Logon/Logoff: Logoff" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:8026
Auditing of "Object Access: File System" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:8020
Auditing of "Logon/Logoff: Logon" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:8022
Auditing of "Logon/Logoff: Special Logon" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6080
Network security: Do not store LAN Manager hash value on next password change

oval:gov.nist.usgcb.vista:def:6081
Network security: Force logoff when logon hours expire

oval:org.secpod.oval:def:7710
The Screen Saver Executable Name setting should be configured correctly for the current user.

oval:gov.nist.usgcb.vista:def:6055
MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)

oval:gov.nist.usgcb.vista:def:6056
MSS: (EnableDeadGWDetect) Allow automatic detection of dead network gateways (could lead to DoS)

oval:gov.nist.usgcb.vista:def:6057
MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes

oval:gov.nist.usgcb.vista:def:6051
Microsoft network server: Digitally sign communications (always)

oval:gov.nist.usgcb.vista:def:6052
Microsoft network server: Digitally sign communications (if client agrees)

oval:gov.nist.usgcb.vista:def:6053
Microsoft network server: Disconnect clients when logon hours expire

oval:gov.nist.usgcb.vista:def:6054
MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)

oval:gov.nist.usgcb.vista:def:6050
Microsoft network server: Amount of idle time required before suspending session

oval:gov.nist.usgcb.vista:def:6059
MSS: (KeepAliveTime)How often keep-alive packets are sent in milliseconds

oval:gov.nist.usgcb.vista:def:8002
Auditing of "Account Management: Computer Account Management" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6068
MSS: (TCPMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)

oval:gov.nist.usgcb.vista:def:8005
Auditing of "Account Management: Security Group Management" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6069
MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning

oval:gov.nist.usgcb.vista:def:8004
Auditing of "Account Management: Other Account Management Events" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6062
MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames (recommended)

oval:gov.nist.usgcb.vista:def:6063
MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames (recommended)

oval:gov.nist.usgcb.vista:def:6064
MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)

oval:gov.nist.usgcb.vista:def:6065
MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)

oval:gov.nist.usgcb.vista:def:6061
MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers

oval:gov.nist.usgcb.vista:def:20012
Allowing source routed network traffic allows attackers to obscure their identity and location.

oval:gov.nist.usgcb.vista:def:20014
MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 is default).

oval:gov.nist.usgcb.vista:def:20019
This setting was added to Windows Vista SP1 specifically to enable Remote Assistance. It allows certain applications stored in secure folders, such as system32, to bypass the secure desktop so that they can function as designed. Enabling this setting will lower security slightly but enable Remote As ...

oval:gov.nist.usgcb.vista:def:8006
Auditing of "Account Management: User Account Management" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:8008
Auditing of "Detailed Tracking: Process Creation" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6034
Domain member: Digitally encrypt or sign secure channel data (always)

oval:gov.nist.usgcb.vista:def:242
This definition verifies that the Administrator account is enabled/disabled based on the policy defined by the user.

oval:gov.nist.usgcb.vista:def:6035
Domain member: Digitally sign secure channel data (when possible)

oval:gov.nist.usgcb.vista:def:243
This definition verifies that the Guest account is enabled/disabled based on the policy defined by the user.

oval:gov.nist.usgcb.vista:def:6036
Domain member: Disable machine account password changes

oval:gov.nist.usgcb.vista:def:6030
Devices: Prevent users from installing printer drivers

oval:gov.nist.usgcb.vista:def:6031
Devices: Restrict CD-ROM access to locally logged-on user only

oval:gov.nist.usgcb.vista:def:6032
Devices: Restrict Floppy access to locally logged-on user only

oval:gov.nist.usgcb.vista:def:100213
The "No auto-restart for scheduled Automatic Updates installations

oval:gov.nist.usgcb.vista:def:100214
reschedule automatic updates

oval:gov.nist.usgcb.vista:def:116
MSS: (NoDefaultExempt) Enable NoDefaultExempt for IPSec Filtering

oval:gov.nist.usgcb.vista:def:6037
Domain member: Maximum machine account password age

oval:gov.nist.usgcb.vista:def:6038
Domain member: Require strong (Windows 2000 or later) session key

oval:gov.nist.usgcb.vista:def:6039
Interactive logon: Do not display last user name

oval:gov.nist.usgcb.vista:def:6044
Interactive logon: Prompt user to change password before expiration

oval:gov.nist.usgcb.vista:def:100205
do not process the run once list

oval:gov.nist.usgcb.vista:def:6045
Interactive logon: Require Domain Controller authentication to unlock workstation

oval:gov.nist.usgcb.vista:def:100208
configure automatic updates

oval:gov.nist.usgcb.vista:def:6046
Interactive logon: Require Domain Controller authentication to unlock workstation

oval:gov.nist.usgcb.vista:def:6047
Microsoft network client: Digitally sign communications (always)

oval:gov.nist.usgcb.vista:def:6040
Interactive logon: Do not require CTRL+ALT+DEL

oval:gov.nist.usgcb.vista:def:6041
Interactive logon: Message text for users attempting to log on

oval:gov.nist.usgcb.vista:def:6042
Interactive logon: Message title for users attempting to log on

oval:gov.nist.usgcb.vista:def:6043
Interactive logon: Number of previous logons to cache (in case domain controller is not available)

oval:org.secpod.oval:def:7708
Enables desktop screen savers. If you disable this setting, screen savers do not run. Also, this setting disables the Screen Saver section of the Screen Saver dialog in the Personalization or Display Control Panel. As a result, users cannot change the screen saver options. If you do not configure ...

oval:gov.nist.usgcb.vista:def:6048
Microsoft network client: Digitally sign communications (if server agrees)

oval:gov.nist.usgcb.vista:def:6049
Microsoft network client: Send unencrypted password to third-party SMB servers

oval:org.secpod.oval:def:14473
Auditing of 'Logon/Logoff: Account Lockout' events on success should be enabled or disabled as appropriate.

oval:gov.nist.USGCB.vistafirewall:def:6530
Inbound Connections - Public Profile

oval:gov.nist.USGCB.vistafirewall:def:6531
Outbound Connections - Public Profile

oval:org.secpod.oval:def:14478
Auditing of 'Logon/Logoff: IPsec Extended Mode' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14472
Auditing of 'Object Access: Filtering Platform Packet Drop' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14470
Auditing of 'Privilege Use: Privilege Use: Other Privilege Use Events' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.USGCB.vistafirewall:def:6532
Display a Notification - Public Profile

oval:gov.nist.USGCB.vistafirewall:def:6411
The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Private Profile.

oval:gov.nist.USGCB.vistafirewall:def:6533
Unicast response to multicast or broadcast requests should be enabled or disabled as appropriate for the Public Profile.

oval:gov.nist.USGCB.vistafirewall:def:6412
The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Private Profile.

oval:gov.nist.USGCB.vistafirewall:def:6534
Apply Local Firewall Rules - Public Profile

oval:gov.nist.USGCB.vistafirewall:def:6413
The log file path and name for the Windows Firewall should be configured correctly for the Private Profile.

oval:gov.nist.USGCB.vistafirewall:def:6535
Apply Local Connection Security Rules - Public Profile

oval:gov.nist.USGCB.vistafirewall:def:6414
The log file size limit for the Windows Firewall should be configured correctly for the Private Profile.

oval:org.secpod.oval:def:14487
Auditing of 'Object Access: Certification Services' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6024
Audit the access of global system objects is disabled

oval:gov.nist.usgcb.vista:def:6025
Audit: Audit the use of Backup and Restore privilege

oval:org.secpod.oval:def:14485
Auditing of 'Account Management: Application Group Management' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6021
Accounts: Limit local account use to blank passwords to console logon only

oval:gov.nist.USGCB.vistafirewall:def:6520
Apply Local Firewall Rules - Domain Profile

oval:org.secpod.oval:def:14482
Auditing of 'DS Access: Detailed Directory Service Replication' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14480
Auditing of 'Object Access: SAM' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14481
Auditing of 'Logon/Logoff: IPsec Main Mode' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.USGCB.vistafirewall:def:6529
Firewall state - Public Profile

oval:gov.nist.USGCB.vistafirewall:def:6521
Apply Local Connection Security Rules - Domain Profile

oval:gov.nist.USGCB.vistafirewall:def:6401
The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Domain Profile.

oval:gov.nist.USGCB.vistafirewall:def:6522
Firewall state - Private Profile

oval:gov.nist.USGCB.vistafirewall:def:6523
Inbound Connections - Private Profile

oval:gov.nist.USGCB.vistafirewall:def:6402
The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Domain Profile.

oval:gov.nist.USGCB.vistafirewall:def:6403
The log file path and name for the Windows Firewall should be configured correctly for the Domain Profile.

oval:gov.nist.USGCB.vistafirewall:def:6524
Outbound Connections - Private Profile

oval:gov.nist.USGCB.vistafirewall:def:6404
The log file size limit for the Windows Firewall should be configured correctly for the Domain Profile.

oval:gov.nist.USGCB.vistafirewall:def:6525
Display a Notification - Private Profile

oval:gov.nist.usgcb.vista:def:6026
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings

oval:gov.nist.USGCB.vistafirewall:def:6526
Allow Unicast Response - Private Profile

oval:gov.nist.usgcb.vista:def:6027
Audit: Shut down system immediately if unable to log security audits

oval:gov.nist.USGCB.vistafirewall:def:6527
Apply Local Firewall Rules - Private Profile

oval:gov.nist.USGCB.vistafirewall:def:6528
Apply Local Connection Security Rules - Private Profile

oval:org.secpod.oval:def:14453
Domain Profile: 'Allow file and printer sharing exception' (SP2 only)

oval:gov.nist.usgcb.vista:def:6595
Disable remote Desktop Sharing

oval:gov.nist.usgcb.vista:def:6596
Do not allow passwords to be saved

oval:org.secpod.oval:def:14451
The 'Display user information when the session is locked' setting should be configured correctly.

oval:org.secpod.oval:def:14452
Access to 'registry editing tools' is set correctly.

oval:org.secpod.oval:def:14457
Domain Profile: 'Allow Remote Desktop exception' (SP2 only)

oval:org.secpod.oval:def:14458
The MSS:(TCPMaxConnectResponseRetransmission) 'SYN-ACK retansmissions' when a connection request is not acknowledged

oval:org.secpod.oval:def:14455
The 'Unicast response to multicast or broadcast requests' should be enabled or disabled as appropriate for the Standard Profile.

oval:org.secpod.oval:def:14450
The 'Windows Firewall: Prohibit notifications' setting should be configured correctly for the Standard Profile.

oval:gov.nist.USGCB.vistafirewall:def:6519
Allow Unicast Response - Domain Profile

oval:gov.nist.usgcb.vista:def:6119
Turn off shell protocol protected mode

oval:gov.nist.usgcb.vista:def:6114
If this setting is enabled Windows Error Reporting events will not be logged to the system event log.

oval:gov.nist.USGCB.vistafirewall:def:6515
Firewall state - Domain Profile

oval:gov.nist.usgcb.vista:def:6599
Always prompt client for password upon connection

oval:gov.nist.usgcb.vista:def:6115
If this setting is enabled, Windows Error Reporting will not send any problem information to Microsoft. Additionally, solution information will not be available in the Problem Reports and Solutions control panel.

oval:gov.nist.USGCB.vistafirewall:def:6517
Outbound Connections - Domain Profile

oval:gov.nist.usgcb.vista:def:6121
Permits users to change installation options that typically are available only to system administrators. This setting bypasses some of the security features of Windows Installer.

oval:org.secpod.oval:def:14464
The setup 'log maximum size' should be configured correctly.

oval:gov.nist.usgcb.vista:def:6001
This policy setting determines the number of renewed, unique passwords that have to be associated with a user account before you can reuse an old password.

oval:gov.nist.usgcb.vista:def:6122
This setting controls the ability of non-administrators to install updates that have been digitally signed by the application vendor.

oval:org.secpod.oval:def:14462
The 'TCP/IP PMTU Discovery' should be properly configured.

oval:gov.nist.usgcb.vista:def:6003
This policy setting determines the number of days that you must use a password before you can change it.

oval:org.secpod.oval:def:14463
The startup type of the 'Internet Connection Sharing service' should be correct.

oval:org.secpod.oval:def:14466
Auditing of 'Account Management: Distribution Group Management' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14467
Auditing of 'DS Access: Directory Service Replication' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6008
This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout duration for the account has expired. You can set a value between 0 and 999 failed logon at ...

oval:gov.nist.usgcb.vista:def:6129
Sidebar gadgets can be deployed as compressed files, either digitally signed or unsigned. If you enable this setting, Windows Sidebar will not extract any gadgets that have not been digitally signed. If you disable or do not configure this setting, Window

oval:org.secpod.oval:def:14459
Standard Profile: 'Define port exceptions' (SP2 only)

oval:gov.nist.usgcb.vista:def:6004
This policy setting checks all new password to ensure that they meet basic requirements for strong password.

oval:gov.nist.usgcb.vista:def:6005
This policy setting determines whether the operating system stores passwords in a way that uses reversible encryption, which provides support for application protocols that require knowledge of the user's password for authentication purposes.

oval:gov.nist.usgcb.vista:def:6126
Prevents Windows Media Digital Rights Management (DRM) from accessing the Internet (or intranet). When enabled, Windows Media DRM is prevented from accessing the Internet (or intranet) for license acquisition and security upgrades.

oval:gov.nist.usgcb.vista:def:6006
This policy setting determines the least number of characters that make up a password for a user account.

oval:org.secpod.oval:def:14398
Auditing of 'process tracking' events on success should be enabled or disabled as appropriate..

oval:gov.nist.usgcb.vista:def:6694
Turn on session logging

oval:gov.nist.usgcb.vista:def:6575
Enumerate administrator accounts on elevation

oval:org.secpod.oval:def:14397
The 'application log maximum size' should be configured correctly.

oval:gov.nist.usgcb.vista:def:6690
Require a Password when a Computer Wakes (Plugged)

oval:gov.nist.usgcb.vista:def:6570
Turn off Search Companion content file updates

oval:org.secpod.oval:def:14395
Domain Profile: 'Allow UPnP framework exception' (SP2 only)

oval:org.secpod.oval:def:14393
The 'when maximum log size is reached' property should be set correctly for the System log.

oval:gov.nist.usgcb.vista:def:6100
Shutdown: Allow System to be Shut Down Without Having to Log On

oval:gov.nist.usgcb.vista:def:6101
Shutdown: Clear Virtual Memory Pagefile

oval:gov.nist.usgcb.vista:def:6102
System Cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing

oval:gov.nist.usgcb.vista:def:6104
System objects: Require case insensitivity for non-Windows subsystems

oval:gov.nist.usgcb.vista:def:6105
System objects: Strengthen default permissions of internal system objects

oval:org.secpod.oval:def:14377
The 'restrict guest access to security log' policy should be set correctly.

oval:org.secpod.oval:def:14498
Auditing of 'Object Access: Kernel Object' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14374
Auditing of 'privilege use' events on success should be enabled or disabled as appropriate..

oval:org.secpod.oval:def:14496
Auditing of 'Detailed Tracking: Process Termination' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14378
The 'TCP/IP SYN Flood Attack Protection' should be properly configured.

oval:org.secpod.oval:def:14499
Auditing of 'Detailed Tracking: RPC Events' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6670
Turn Off Windows Update Device Driver Search Prompt

oval:gov.nist.usgcb.vista:def:100055
Default behavior for AutoRun

oval:gov.nist.usgcb.vista:def:6563
Offer Remote Assistance

oval:org.secpod.oval:def:14385
The 'restrict guest access to system log' policy should be set correctly.

oval:org.secpod.oval:def:14389
The 'when maximum log size is reached' property should be set correctly for the Application log.

oval:org.secpod.oval:def:14381
Auditing of 'policy change' events on success should be enabled or disabled as appropriate..

oval:org.secpod.oval:def:14382
The 'Interactive logon: Requre smart card' setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6565
Restrictions for Unauthenticated RPC clients

oval:gov.nist.usgcb.vista:def:6566
RPC Endpoint Mapper Client Authentication

oval:gov.nist.usgcb.vista:def:6689
Require a Password when a Computer Wakes (On Battery)

oval:org.secpod.oval:def:14511
Auditing of 'Detailed Tracking: DPAPI Activity' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14505
Auditing of 'Object Access: Handle Manipulation' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14503
Auditing of 'Policy Change: Filtering Platform Policy Change' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14508
Auditing of 'Policy Change: Other Policy Change Events' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14520
Auditing of 'Logon/Logoff: Other Logon/Logoff Events' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14523
Auditing of 'Object Access: Application Generated' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14403
Auditing of 'account logon' events on failure should be enabled or disabled as appropriate..

oval:org.secpod.oval:def:14400
The 'Turn off Untrusted Content' setting should be configured correctly.

oval:org.secpod.oval:def:14521
Auditing of 'DS Access: Directory Service Changes' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14401
The 'System availability to Master Browser' should be properly configured.

oval:org.secpod.oval:def:14522
Auditing of 'Object Access: Filtering Platform Connection' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6669
Do not send a Windows Error Report when a generic driver is installed on a device

oval:org.secpod.oval:def:14514
The 'Prohibit use of Internet Connection Firewall on your DNS domain network' setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6666
Prohibit Access of the Windows Connect Now Wizards

oval:gov.nist.usgcb.vista:def:6667
Allow remote access to the PnP interface

oval:org.secpod.oval:def:14501
Auditing of 'DS Access: Directory Service Access' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14500
Auditing of 'Logon/Logoff: IPsec Quick Mode' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:65741
Turn off Autoplay is set correctly.

oval:org.secpod.oval:def:14430
The 'Allow undock without having to logon' policy should be set correctly.

oval:org.secpod.oval:def:14436
Standard Profile: 'Do not allow exceptions '(SP2 only)

oval:org.secpod.oval:def:14433
Standard Profile: 'Protect all network connections' (SP2 only)

oval:org.secpod.oval:def:14429
Logon - 'Do not process the legacy run' list

oval:org.secpod.oval:def:14547
The 'CD Burning features in Windows Explorer' should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14426
Auditing of 'directory service access' events on failure should be enabled or disabled as appropriate..

oval:org.secpod.oval:def:14442
The 'DCOM: Machine access Restrictions in Security Descriptor Definition Language (SDDL) syntax' setting should be configured correctly.

oval:org.secpod.oval:def:14440
The 'Windows Firewall: Prohibit notifications' setting should be configured correctly for the Domain Profile.

oval:org.secpod.oval:def:14447
Domain Profile: 'Allow local program exceptions'

oval:org.secpod.oval:def:14444
Standard Profile: 'Allow Remote Desktop exception' (SP2 only)

oval:org.secpod.oval:def:14439
The 'Turn Off Access to All Windows Update Feature' setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6504
Notify antivirus programs when opening attachments

oval:org.secpod.oval:def:14437
Standard Profile: 'Allow remote administration exception' (SP2 only)

oval:org.secpod.oval:def:14530
Auditing of 'Policy Change: Authorization Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14410
Domain Profile: 'Do not allow exceptions' (SP2 only)

oval:org.secpod.oval:def:14534
The 'System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies' setting should be configured properly.

oval:org.secpod.oval:def:14535
The 'System cryptography: Force strong key protection for user keys stored on the computer' policy should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14414
Auditing of 'system' events on failure should be enabled or disabled as appropriate..

oval:org.secpod.oval:def:14411
The 'when maximum log size is reached' property should be set correctly for the Security log.

oval:org.secpod.oval:def:14532
Auditing of 'Policy Change: MPSSVC Rule-Level Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14412
Domain Profile: 'Define port exceptions' (SP2 only)

oval:org.secpod.oval:def:14406
Domain Profile: 'Allow remote administration'

oval:org.secpod.oval:def:14527
Auditing of 'Object Access: Other Object Access Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14407
The 'system log maximum size' should be configured correctly.

oval:org.secpod.oval:def:14528
Auditing of 'Object Access: File Share' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6714
Prompt for password on resume from hibernate / suspend

oval:org.secpod.oval:def:14404
The 'Log Access For Setup Log' setting should be configured correctly.

oval:org.secpod.oval:def:14525
Auditing of 'Privilege Use: Non Sensitive Privilege Use' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6715
Prevent users from sharing files within their profile

oval:org.secpod.oval:def:14405
The 'restrict guest access to application log' policy should be set correctly.

oval:org.secpod.oval:def:14409
Domain Profile: 'Allow local port exceptions' (SP2 only)

oval:org.secpod.oval:def:14541
The 'Secure Channel: Digitally Encrypt Secure Channel Data (When Possible)' policy should be set correctly.

oval:org.secpod.oval:def:14542
The 'Unsigned Driver Installation Behavior' policy should be set correctly.

oval:org.secpod.oval:def:14421
Auditing of 'account management' events on failure should be enabled or disabled as appropriate..

oval:org.secpod.oval:def:14540
The 'Automatic Reboot After System Crash' should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14424
The 'security log maximum size' should be configured correctly.

oval:org.secpod.oval:def:14545
The 'Windows Firewall inbound program exceptions list' should be set appropriately for the Domain Profile.

oval:org.secpod.oval:def:14543
Disable 'saving of dial-up passwords' should be properly configured.

oval:org.secpod.oval:def:14422
The 'Prevent IIS Installation' setting should be configured correctly.

oval:gov.nist.USGCB.vistafirewall:def:6421
The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Public Profile.

oval:gov.nist.USGCB.vistafirewall:def:6422
The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Public Profile.

oval:org.secpod.oval:def:14417
Auditing of 'object access' events on failure should be enabled or disabled as appropriate..

oval:gov.nist.USGCB.vistafirewall:def:6423
The log file path and name for the Windows Firewall should be configured correctly for the Public Profile.

oval:gov.nist.usgcb.vista:def:6725
This policy setting allows you to specify the maximum amount of time that an active Terminal Services session can be idle (without user input) before it is automatically disconnected. (15 min)

oval:org.secpod.oval:def:14415
The 'Allowed to Format and Eject Removable NTFS Media' policy should be set correctly.

oval:gov.nist.USGCB.vistafirewall:def:6424
The log file size limit for the Windows Firewall should be configured correctly for the Public Profile.

oval:org.secpod.oval:def:14536
The Windows Firewall 'Windows Firewall: Define inbound program exceptions' policy should be enabled or disabled as appropriate for the Domain Profile.

oval:gov.nist.usgcb.vista:def:6726
You can use this policy setting to specify the maximum amount of time that a disconnected session is kept active on the server. By default, Terminal Services allows users to disconnect from a remote session without logging off and ending the session. (1 min)

oval:gov.nist.usgcb.vista:def:6600
Set client connection encryption level

oval:org.secpod.oval:def:14419
The 'DCOM: Machine Launch Restrictions in the Security Descriptor Definition Language (SDDL) syntax' security option should be set correctly.

oval:gov.nist.usgcb.vista:def:6707
Password protect the screen saver

oval:gov.nist.usgcb.vista:def:6708
Screen Saver timeout

oval:gov.nist.usgcb.vista:def:8087
Run all administrators in Admin Approval Mode

oval:gov.nist.usgcb.vista:def:8086
Only elevate UIAccess applications that are installed in secure locations

oval:gov.nist.usgcb.vista:def:8089
Virtualize file and registry write failures to per-user locations

oval:gov.nist.usgcb.vista:def:8088
Switch to the secure desktop when prompting for elevation

oval:gov.nist.usgcb.vista:def:8083
Behavior of the elevation prompt for standard users

oval:gov.nist.usgcb.vista:def:8082
Behavior of the elevation prompt for administrators in Admin Approval Mode

oval:gov.nist.usgcb.vista:def:8085
Only elevate executables that are signed and validated

oval:gov.nist.usgcb.vista:def:8084
Detect application installations and prompt for elevation

oval:gov.nist.usgcb.vista:def:8081
Admin Approval Mode for the Built-in Administrator account

oval:gov.nist.usgcb.vista:def:612261222
Prevents users from being prompted to update Windows Media Player. This policy prevents the Player from being updated and prevents users with administrator rights from being prompted to update the Player if an updated version is available. The Check for Player Updates command on the Help menu in the ...

oval:gov.nist.usgcb.vista:def:60771
Network access: Shares that can be accessed anonymously

oval:gov.nist.usgcb.vista:def:6022
The built-in Administrator account should be correctly named.

oval:gov.nist.usgcb.vista:def:6023
The built-in Guest account should be correctly named.

oval:gov.nist.usgcb.vista:def:662381
The "Change the time zone" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6650
The "Perform volume maintenance tasks (SeManageVolumePrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6655
The "Restore files and directories (SeRestorePrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6633
The "Deny log on as a service (SeDenyServiceLogonRight)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6648
Administrators may manage the auditing and security log

oval:gov.nist.usgcb.vista:def:6626
The "Create global objects (SeCreateGlobalPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:662391
The "Increase a process working set" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:662371
The "Modify an object label" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6651
The "Profile single process (SeProfileSingleProcessPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6652
The "Profile system performance (SeSystemProfilePrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6657
The "Shut down the system (SeShutdownPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6659
The "Take ownership of files or other objects (SeTakeOwnershipPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6653
The "Remove computer from docking station (SeUndockPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6630
The "Deny access to this computer from the network (SeDenyNetworkLogonRight)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6631
The "Deny log on as a batch job (SeDenyBatchLogonRight)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6640
The "Impersonate a client after authentication" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6647
The log-on-as-a-service user right should be assigned to the correct accounts.

oval:gov.nist.usgcb.vista:def:6649
The "Modify firmware environment values (SeSystemEnvironmentPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6643
The "Lock pages in memory (SeLockMemoryPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6617
The "Back up files and directories (SeBackupPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6613
The "Allow log on locally" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6616
The "Allow log on through Terminal Services (SeRemoteInteractiveLogonRight)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6612
The "Adjust memory quotas for a process (SeIncreaseQuotaPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6628
The "Debug programs (SeDebugPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6624
The "Create a pagefile (SeCreatePagefilePrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6625
The "Create a token object (SeCreateTokenPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6627
The "Create permanent shared objects" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6621
The "Bypass traverse checking (SeChangeNotifyPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6623
The "Change the system time (SeSystemTimePrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:14533
The 'add workstations to domain' user right should be assigned to the correct accounts.

oval:gov.nist.usgcb.vista:def:6609
The "Act as part of the operating system (SeTcbPrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:14538
The 'add workstations to domain' user right should be assigned to the correct accounts.

oval:gov.nist.usgcb.vista:def:6658
The "Synchronize directory service data" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6654
The "Replace a process level token (SeAssignPrimaryTokenPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6639
The "Generate security audits (SeAuditPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6636
The "Deny log on through Terminal Services (SeDenyRemoteInteractiveLogonRight)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6638
The "Force shutdown from a remote system (SeRemoteShutdownPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6634
The "Deny log on locally (SeDenyInteractiveLogonRight)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6641
The "Increase scheduling priority (SeIncreaseBasePriorityPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6642
Administrators may load and unload device drivers

oval:gov.nist.usgcb.vista:def:6644
The "Log on as a batch job (SeBatchLogonRight)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6607
The "Access this computer from the network (SeNetworkLogonRight)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6002
This policy setting defines how long a user can use their password before it expires.

oval:gov.nist.usgcb.vista:def:6007
This policy setting determines the length of time that must pass before a locked account is unlocked and a user can try to log on again.

oval:gov.nist.usgcb.vista:def:6009
This policy setting determines the length of time before the Account lockout threshold resets to zero.

CPE    1
cpe:/o:microsoft:windows_vista
CCE    373
CCE-4228-3
CCE-4183-0
CCE-5137-5
CCE-5094-8
...
*XCCDF
xccdf_org.secpod_benchmark_nerc_cip_Windows_Vista

© 2013 SecPod Technologies