[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:15287
The Human Interface Device Access service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15282
The startup type of the client-side Domain Name Service cache (aka DNS Client) service should be correct.

oval:org.secpod.oval:def:15286
The 'Do not Use Temp folders per Session' policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:15283
The Upload Manager service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15298
The 'Do Not Allow New Client Connections' policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:15292
The startup type of the IIS Admin service should be correct.

oval:org.secpod.oval:def:15267
The startup type of the Task Scheduler service should be correct.

oval:org.secpod.oval:def:15268
The startup type of the Automatic Update service should be correct.

oval:org.secpod.oval:def:15271
The startup type of the Remote Access Auto connection Manager service should be correct.

oval:org.secpod.oval:def:15087
The startup type of the .NET Framework service should be correct.

oval:org.secpod.oval:def:15090
The startup type of the Net Logon service should be correct.

oval:gov.nist.usgcb.xp:def:6132
Background Intelligent Transfer Service (a.k.a. BITS)

oval:gov.nist.usgcb.xp:def:6120
Disable IE security prompt for Windows Installer scripts

oval:org.secpod.oval:def:15212
The DHCP Client service should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.xp:def:6572
Turn off downloading of print drivers over HTTP

oval:gov.nist.usgcb.xp:def:6571
Turn off printing over HTTP

oval:gov.nist.usgcb.xp:def:6570
Turn off Search Companion content file updates

oval:gov.nist.usgcb.xp:def:6564
Solicited Remote Assistance

oval:gov.nist.usgcb.xp:def:6567
Turn off the "Publish to Web" task for files and folders

oval:gov.nist.usgcb.xp:def:6569
Turn off the Windows Messenger Customer Experience Improvement Program

oval:gov.nist.usgcb.xp:def:6568
Turn off Internet download for Web publishing and online ordering wizards

oval:org.secpod.oval:def:15245
The Network Connections service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15243
The System Event Notification service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15241
The Smart Card Helper service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15240
The Secondary Logon service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15258
The 'Do not Delete Temp folder on exit' policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:15223
The startup type of the SNMP Service service should be correct.

oval:org.secpod.oval:def:15221
Show Shared Internet Connection Access UI should be properly configured.

oval:gov.nist.usgcb.xp:def:3366994
Display Error Notification

oval:gov.nist.usgcb.xp:def:3366993
Prohibit use of Internet Connection Sharing on your DNS domain network

oval:gov.nist.usgcb.xp:def:3366992
Prohibit use of Internet Connection Firewall on your DNS domain network

oval:gov.nist.usgcb.xp:def:3366991
Prohibit installation and configuration of Network Bridge on your DNS domain network

oval:org.secpod.oval:def:15232
The 'Maximum User Ticket Lifetime' policy should be set correctly.

oval:org.secpod.oval:def:15236
The Telephony service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15229
Local volumes should be formatted correctly.

oval:gov.nist.usgcb.xp:def:6503
Hide mechanisms to remove zone information

oval:gov.nist.usgcb.xp:def:6502
Do not preserve zone information in file attachments

oval:gov.nist.usgcb.xp:def:2121


oval:gov.nist.usgcb.xp:def:6719
WMI Performance Adapter should be configured to start "Manual"

oval:gov.nist.usgcb.xp:def:2111
Error Reporting Service should be disabled

oval:gov.nist.usgcb.xp:def:109
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)

oval:org.secpod.oval:def:15166
The Windows Time service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15179
The Windows Image Acquisition (WIA) service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15143
The 'Do Not Automatically Start Windows Messenger' policy should be set correctly.

oval:org.secpod.oval:def:15382
The 'Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box' setting should be configured correctly.

oval:org.secpod.oval:def:15141
The startup type of the Simple TCP/IP service should be correct.

oval:org.secpod.oval:def:15159
The Removable Storage service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15150
The startup type of the SNMP Trap Service service should be correct.

oval:org.secpod.oval:def:15154
The 'Always Install with Elevated Privileges' policy should be set correctly.

oval:org.secpod.oval:def:15187
The 'Do Not Allow Windows Messenger to be Run' policy should be set correctly.

oval:org.secpod.oval:def:15194
The 'Maximum Service Ticket Litfetime' policy should be set correctly.

oval:org.secpod.oval:def:15322
The Cryptographic Services service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15321
The 'Enable Keep-Alive Messages' policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:15327
The Remote Procedure Call (RPC) service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15319
The Remote Access Connection Manager service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15317
Disallow Installation of Printers Using Kernel-mode Drivers should be properly configured.

oval:org.secpod.oval:def:15333
The Performance Logs and Alerts service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15334
The Volume Shadow Copy service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15331
Administrative Shares should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15332
The Event Log service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15337
The Windows Installer service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15338
The Windows Management Instrumentation service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15335
The Remote Procedure Call (RPC) Locator service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15336
The Distributed Link Tracking Client service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15300
The startup type of the Remote Registry service should be correct.

oval:org.secpod.oval:def:15301
Automatic Execution of the System Debugger should be properly configured.

oval:org.secpod.oval:def:15302
The startup type of the Internet Connection Firewall service should be correct.

oval:org.secpod.oval:def:15303
The Application Management service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15311
The 'Cache Transforms in Secure Location' policy should be set correctly.

oval:org.secpod.oval:def:15312
Computer Browser ResetBrowser Frames should be properly configured.

oval:org.secpod.oval:def:15315
The Security Accounts Manager service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15314
The Logical Disk Manager Administrative service should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.xp:def:6682
Turn Off the "Order Prints" Picture Task

oval:gov.nist.usgcb.xp:def:6681
Turn Off Registration if URL Connection is Referring to Microsoft.com

oval:gov.nist.usgcb.xp:def:6683
Turn off Windows Error Reporting

oval:gov.nist.usgcb.xp:def:6686
Always Use Classic Logon

oval:org.secpod.oval:def:15308
The 'Maximum User Renewal Lifetime' policy should be set correctly.

oval:org.secpod.oval:def:15309
The MS Software Shadow Copy Provider service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15306
The startup type of the NTLM Security Support Provider service should be correct.

oval:org.secpod.oval:def:15366
The 'Turn Off Windows Movie Maker Online Web Links' setting should be configured correctly.

oval:org.secpod.oval:def:15364
The 'Turn off downloading of enclosures' setting should be configured correctly.

oval:org.secpod.oval:def:15365
The 'Internet Explorer Maintenance Policy Processing - Allow processing across a slow network connection' setting should be configured correctly.

oval:org.secpod.oval:def:15368
The 'Turn Off Windows Movie Maker Saving to Online Video Hosting Provider' setting should be configured correctly.

oval:org.secpod.oval:def:15369
Turn off Windows Update device driver searching

oval:org.secpod.oval:def:15120
The System Restore service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15363
The 'Prevent Desktop Shortcut Creation' setting for Windows Media Player should be configured correctly.

oval:org.secpod.oval:def:15360
The Logical Disk Manager service should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.xp:def:6680
Turn Off Internet File Association Service

oval:org.secpod.oval:def:15361
The 'Turn Off Windows Movies Maker Automatic Codec Downloads' setting should be configured correctly.

oval:gov.nist.usgcb.xp:def:6672
Registry Policy Processing

oval:gov.nist.usgcb.xp:def:6675
Turn Off Event Views "Events.asp" Links

oval:gov.nist.usgcb.xp:def:6679
Turn Off Internet Connection Wizard if URL Connection is Referring to Microsoft.com

oval:org.secpod.oval:def:15119
The Help and Support service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15136
Autoplay for Default User should be properly configured.

oval:org.secpod.oval:def:15133
The 'Do Not Allow Local Administrators to Customize Permissions' policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:15375
The 'Do not allow drive redirection' setting should be configured correctly for Terminal Services.

oval:org.secpod.oval:def:15376
The 'Remove Security tab' setting should be configured correctly.

oval:org.secpod.oval:def:15138
The startup type of the Remote Shell service should be correct.

oval:org.secpod.oval:def:15370
The 'Turn Off Automatic Root Certificates Update' setting should be configured correctly.

oval:org.secpod.oval:def:15131
The Workstation service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15371
The 'Don't Display the Getting Started Welcome Screen at Logon' setting should be configured correctly.

oval:gov.nist.usgcb.xp:def:6662
Turn Off Microsoft Peer-to-Peer Networking Services

oval:org.secpod.oval:def:15344
The Themes service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15345
The Windows Management Instrumentation Driver Extensions service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15100
Autoplay for Current User should be properly configured.

oval:org.secpod.oval:def:15348
The 'Maximum tolerance for computer clock synchronization' policy should be set correctly.

oval:org.secpod.oval:def:15106
The 'Allow Reconnection from Original Client Only' policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:15349
The Server service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15346
The Protected Storage service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15347
The QoS RSVP service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15341
The Distributed Transaction Coordinator service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15339
The Application Layer Gateway service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15355
The Windows Audio service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15114
The startup type of the Print Services for Unix service should be correct.

oval:org.secpod.oval:def:15356
The Network Location Awareness (NLA) service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15353
The Smart Card service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15112
The startup type of the Remote Desktop Help Session Manager service should be correct.

oval:org.secpod.oval:def:15354
The IPSEC Services service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15359
The Portable Media Serial Number Service service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15351
The Infrared Monitor service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15350
The Uninterruptable Power Supply service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15108
The startup type of the Simple Mail Transport Protocol (SMTP) service should be correct.

oval:gov.nist.usgcb.xp:def:2271


oval:gov.nist.usgcb.xp:def:100212
do not display install updates and shut down

oval:gov.nist.usgcb.xp:def:100214
reschedule automatic updates

oval:gov.nist.usgcb.xp:def:100213
no auto restart with logged on users

oval:gov.nist.usgcb.xp:def:6600
Set client connection encryption level

oval:gov.nist.usgcb.xp:def:612261221
Do Not Show First Use Dialog Boxes This policy prevents the Privacy Options and Installation Options dialog boxes from being displayed the first time a user starts Windows Media Player. This policy prevents the dialog boxes which allow users to select privacy, file types, and other desktop options f ...

oval:gov.nist.usgcb.xp:def:612261222
Prevents users from being prompted to update Windows Media Player. This policy prevents the Player from being updated and prevents users with administrator rights from being prompted to update the Player if an updated version is available. The Check for Player Updates command on the Help menu in the ...

oval:gov.nist.usgcb.xp:def:216
Messenger Service should be disabled

oval:gov.nist.usgcb.xp:def:219
Routing and Remote Access Service should be disabled

oval:gov.nist.usgcb.xp:def:211
Computer Browser Service should be disabled

oval:gov.nist.usgcb.xp:def:210
ClipBook Service should be disabled

oval:gov.nist.usgcb.xp:def:213
FTP Publishing Service should be disabled

oval:gov.nist.usgcb.xp:def:212
Fax Service should be disabled

oval:gov.nist.usgcb.xp:def:215
Indexing Service should be disabled

oval:gov.nist.usgcb.xp:def:209
Alerter Service should be disabled

oval:gov.nist.usgcb.xp:def:228
World Wide Web Publishing Service should be disabled

oval:gov.nist.usgcb.xp:def:2881
Disabling this setting will prevent all wireless wi-fi interfaces from working unless a third party management software is used to manage the device. This will not be an issue on managed desktops but will impact mobile devices.

oval:gov.nist.usgcb.xp:def:227
Universal Plug and Play Device Host Service should be disabled

oval:gov.nist.usgcb.xp:def:223
Simple Service Discovery Protocol (SSDP) Discovery Service should be disabled

oval:gov.nist.usgcb.xp:def:226
Telnet Services Service should be disabled

oval:gov.nist.usgcb.xp:def:225
Telnet Service should be disabled

oval:gov.nist.usgcb.xp:def:246
Network DDE Share Database Manager (DSDM) Service should be disabled

oval:gov.nist.usgcb.xp:def:245
Network Dynamic Data Exchange (DDE) Service should be disabled

oval:gov.nist.USGCB.xpfirewall:def:5113
The Windows Firewall: Allow local port exceptions setting allows administrators to use the Windows Firewall component in Control Panel to define a local port exceptions list. Windows Firewall can use two port exceptions lists; the other is defined by the Windows Firewall: Define port exceptions poli ...

oval:gov.nist.USGCB.xpfirewall:def:5103
The Windows Firewall: Allow local program exceptions setting allows administrators to use the Windows Firewall component in Control Panel to define a local program exceptions list. Disabling this policy setting does not allow administrators to define a local program exceptions list, and ensures that ...

oval:gov.nist.USGCB.xpfirewall:def:5108
The Windows Firewall: Allow UPnP framework exception setting allows a computer to receive unsolicited Plug and Play messages sent by network devices, such as routers with built-in firewalls. To receive these messages, Windows Firewall opens TCP port 2869 and UDP port 1900. If you enable this policy ...

oval:gov.nist.USGCB.xpfirewall:def:5106
The Windows Firewall: Allow ICMP exceptions setting defines the set of Internet Control Message Protocol (ICMP) message types that Windows Firewall allows. Utilities can use ICMP messages to determine the status of other computers. For example, Ping uses the echo request message. If you set this pol ...

oval:gov.nist.USGCB.xpfirewall:def:5105
This setting allows file and printer sharing by configuring Windows Firewall to open UDP ports 137 and 138 and TCP ports 139 and 445. If you enable this policy setting, Windows Firewall opens these ports so that the computer can receive print jobs and requests for access to shared files. You must sp ...

oval:org.secpod.oval:def:15289
The 'DCOM: Machine access Restrictions in Security Descriptor Definition Language (SDDL) syntax' setting should be configured correctly.

oval:org.secpod.oval:def:15288
The 'Allow undock without having to logon' policy should be set correctly.

oval:org.secpod.oval:def:15281
The 'enable computer and user accounts to be trusted for delegation' user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:15280
The correct service permissions for the Printer service should be assigned.

oval:org.secpod.oval:def:15285
The 'System cryptography: Force strong key protection for user keys stored on the computer' setting should be configured correctly.

oval:org.secpod.oval:def:15284
The correct service permissions for the Remote Desktop Help Session Manager service should be assigned.

oval:org.secpod.oval:def:15299
The correct service permissions for the Universal Plug and Play service should be assigned.

oval:org.secpod.oval:def:15293
TCP/IP PMTU Discovery should be properly configured.

oval:org.secpod.oval:def:15291
The 'Delete Cached Copies of Roaming Profiles' policy should be set correctly.

oval:org.secpod.oval:def:15296
The correct service permissions for the Remote Registry service should be assigned.

oval:org.secpod.oval:def:15297
The correct service permissions for the Background Intelligent Transfer service should be assigned.

oval:org.secpod.oval:def:15294
If the Application log's retention method is set to 'Overwrite events by days,' an appropriate value should be set for the number of days' logs to keep.

oval:org.secpod.oval:def:15295
The 'Allow Administrator to Install from Terminal Services Session' policy should be set correctly.

oval:org.secpod.oval:def:15265
The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib should be assigned.

oval:org.secpod.oval:def:15269
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum should be assigned.

oval:org.secpod.oval:def:15260
The required permissions for the file %SystemRoot%\System32\Ntbackup.exe should be assigned.

oval:org.secpod.oval:def:15263
The required permissions for the file %SystemRoot%\System32\perfmon.msc should be assigned.

oval:org.secpod.oval:def:15264
The 'Display user information when the session is locked' setting should be configured correctly.

oval:org.secpod.oval:def:15261
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNSCache should be assigned.

oval:org.secpod.oval:def:15262
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ersvc\Security should be assigned.

oval:org.secpod.oval:def:15278
If the Security log's retention method is set to 'Overwrite events by days,' an appropriate value should be set for the number of days' logs to keep.

oval:org.secpod.oval:def:15279
The 'Allow Server Operators to Schedule Tasks' policy should be set correctly.

oval:org.secpod.oval:def:15276
System availability to Master Browser should be properly configured.

oval:org.secpod.oval:def:15275
The required permissions for the registry key HKEY_USERS\.DEFAULT should be assigned.

oval:org.secpod.oval:def:15272
The correct service permissions for the SNMP service should be assigned.

oval:org.secpod.oval:def:15273
The correct service permissions for the SNMP Trap service should be assigned.

oval:org.secpod.oval:def:15089
The required permissions for the file %SystemRoot%\System32\RSoP.msc should be assigned.

oval:org.secpod.oval:def:7718
The Password protect the screen saver setting should be configured correctly.

oval:org.secpod.oval:def:15083
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg should be assigned.

oval:org.secpod.oval:def:7719
The Screen Saver Executable Name setting should be configured correctly for the current user.

oval:org.secpod.oval:def:15084
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Scarddrv\Security should be assigned.

oval:org.secpod.oval:def:15081
The required permissions for the directory %SystemRoot%\System32\NTMSData should be assigned.

oval:org.secpod.oval:def:15082
The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSDTC\Security\XAKey should be assigned.

oval:org.secpod.oval:def:15088
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wmi\Security should be assigned.

oval:org.secpod.oval:def:15085
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netddedsdm\Security should be assigned.

oval:org.secpod.oval:def:15086
If the System log's retention method is set to 'Overwrite events by days,' an appropriate value should be set for the number of days' logs to keep.

oval:org.secpod.oval:def:15080
The required permissions for the file %SystemRoot%\System32\Com\comexp.msc should be assigned.

oval:org.secpod.oval:def:7720
The settings of screen saver should be enabled or disabled as appropriate for the current user.

oval:org.secpod.oval:def:15094
The required permissions for the file %SystemRoot%\System32\dfrg.msc should be assigned.

oval:org.secpod.oval:def:15095
The required permissions for the directory %SystemDrive%\Documents and Settings\Administrator should be assigned.

oval:org.secpod.oval:def:15092
The required permissions for the directory %SystemDrive% should be assigned.

oval:org.secpod.oval:def:15093
The required permissions for the directory %SystemRoot%\Debug\UserMode\userenv.log should be assigned.

oval:org.secpod.oval:def:15098
The required permissions for the file %SystemRoot%\System32\nbstat.exe should be assigned.

oval:org.secpod.oval:def:15099
The correct service permissions for the Routing and Remote Access service should be assigned.

oval:org.secpod.oval:def:15097
The correct service permissions for the NetMeeting service should be assigned.

oval:org.secpod.oval:def:15091
The correct service permissions for the Alerter service should be assigned.

oval:gov.nist.usgcb.xp:def:677
No one is denied logon as a service

oval:org.secpod.oval:def:15073
The required permissions for the file %SystemRoot%\System32\CONFIG should be assigned.

oval:org.secpod.oval:def:15071
The required permissions for the directory %SystemRoot%\Registration\CRMLog should be assigned.

oval:org.secpod.oval:def:15076
The required permissions for the directory %SystemRoot%\System32\dllcache should be assigned.

oval:org.secpod.oval:def:15074
The required permissions for the directory %AllUsersProfile% should be assigned.

oval:org.secpod.oval:def:15201
The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony should be assigned.

oval:org.secpod.oval:def:15202
The required permissions for the directory %SystemRoot%\Tasks should be assigned.

oval:org.secpod.oval:def:15200
The required permissions for the file %SystemRoot%\System32\netstat.exe should be assigned.

oval:org.secpod.oval:def:15205
The required permissions for the directory %SystemDrive%\Documents and Settings\Default User should be assigned.

oval:org.secpod.oval:def:15206
The required permissions for the file %SystemDrive%\IO.SYS should be assigned.

oval:org.secpod.oval:def:15203
The required permissions for the directory %SystemRoot%\security should be assigned.

oval:org.secpod.oval:def:15204
The required permissions for the registry key HKEY_USERS\.DEFAULT\Software\Microsoft\SystemCertificates\Root\ProtectedRoots should be assigned.

oval:gov.nist.usgcb.xp:def:6119
Turn off shell protocol protected mode

oval:org.secpod.oval:def:15213
The required permissions for the file %SystemRoot%\Offline Web Pages should be assigned.

oval:org.secpod.oval:def:15210
The required permissions for the file %SystemRoot%\Installer should be assigned.

oval:org.secpod.oval:def:15211
The required permissions for the directory %SystemRoot%\System32\spool\Printers should be assigned.

oval:org.secpod.oval:def:15216
The required permissions for the file %SystemRoot%\System32\runas.exe should be assigned.

oval:org.secpod.oval:def:15217
The required permissions for the directory %AllUsersProfile%\Application Data\Microsoft\MediaIndex should be assigned.

oval:org.secpod.oval:def:15214
The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\UPnP Device Host should be assigned.

oval:org.secpod.oval:def:15215
The required permissions for the file %SystemRoot%\System32\drwatson.exe should be assigned.

oval:org.secpod.oval:def:15209
The required permissions for the file %SystemDrive%\System Volume Information should be assigned.

oval:org.secpod.oval:def:15207
The required permissions for the directory %SystemRoot%\System32\MSDTC should be assigned.

oval:org.secpod.oval:def:15208
The required permissions for the file %SystemRoot%\System32\ntmsmgr.msc should be assigned.

oval:org.secpod.oval:def:15246
The required permissions for the file %SystemRoot%\System32\devmgmt.msc should be assigned.

oval:org.secpod.oval:def:15244
The correct service permissions for the Indexing service should be assigned.

oval:org.secpod.oval:def:15249
The required permissions for the file %SystemRoot%\System32\wmimgmt.msc should be assigned.

oval:org.secpod.oval:def:15247
The required permissions for the registry key HKEY_USERS\.DEFAULT\Software\Microsoft\NetDDE should be assigned.

oval:org.secpod.oval:def:15248
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles should be assigned.

oval:org.secpod.oval:def:15242
The 'Network access: Restrict anonymous access to named pipes and shares' setting should be configured correctly.

oval:org.secpod.oval:def:15256
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip should be assigned.

oval:org.secpod.oval:def:15254
The required permissions for the directory %SystemRoot%\System32\GroupPolicy should be assigned.

oval:org.secpod.oval:def:15255
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Stisvc\Security should be assigned.

oval:org.secpod.oval:def:15259
Background Refresh of Group Policy should be properly configured.

oval:org.secpod.oval:def:15252
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Rpcss\Security should be assigned.

oval:org.secpod.oval:def:15253
The required permissions for the directory %SystemRoot%\System32\Setup should be assigned.

oval:org.secpod.oval:def:15250
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Wmi\Security should be assigned.

oval:org.secpod.oval:def:15224
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SysmonLog\Log Queries should be assigned.

oval:org.secpod.oval:def:15222
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\clone should be assigned.

oval:org.secpod.oval:def:15227
The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer should be assigned.

oval:org.secpod.oval:def:15225
The required permissions for the directory %AllUsersProfile%\Application Data\Microsoft\Crypto\RSAHKLMKeys should be assigned.

oval:org.secpod.oval:def:15226
The required permissions for the directory %AllUsersProfile%\Application Data\Microsoft should be assigned.

oval:org.secpod.oval:def:15220
The correct service permissions for the SMTP service should be assigned.

oval:org.secpod.oval:def:15218
The required permissions for the directory %AllUsersProfile%\Documents\desktop.ini should be assigned.

oval:org.secpod.oval:def:15219
The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy should be assigned.

oval:org.secpod.oval:def:15235
The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSDTC should be assigned.

oval:org.secpod.oval:def:15233
The required permissions for the directory %SystemRoot%\repair should be assigned.

oval:org.secpod.oval:def:15238
The correct service permissions for the ClipBook service should be assigned.

oval:org.secpod.oval:def:15237
The required permissions for the directory %SystemRoot%\System32\ias should be assigned.

oval:org.secpod.oval:def:15231
The required permissions for the file %SystemDrive%\NTBOOTDD.SYS should be assigned.

oval:gov.nist.usgcb.xp:def:176
Guests and SUPPORT_388945a0 are denied logon as a batch job. Note: If the SUPPORT_388945a0 accounts has been renamed perform this check manually.

oval:gov.nist.usgcb.xp:def:175
Guests and SUPPORT_388945a0 are denied access to this computer from the network. Note: If the SUPPORT_388945a0 accounts has been renamed perform this check manually.

oval:gov.nist.usgcb.xp:def:177
Guests, SUPPORT_388945a0, and any service accounts are denied logon locally. Note: If the SUPPORT_388945a0 accounts has been renamed perform this check manually.

oval:gov.nist.usgcb.xp:def:170
Administrators may create a pagefile

oval:gov.nist.usgcb.xp:def:172
No one is allowed to create permanent shared objects

oval:gov.nist.usgcb.xp:def:171
No one is allowed to create a token object

oval:gov.nist.usgcb.xp:def:174
Administrators are allowed to debug programs

oval:gov.nist.usgcb.xp:def:165
Administrators and Users are allowed to log on locally

oval:gov.nist.usgcb.xp:def:164
Administrators, LOCAL SERVICE, NETWORK SERVICE may adjust memory quotas for a process

oval:gov.nist.usgcb.xp:def:167
Administrators are allowed to back up files and directories

oval:gov.nist.usgcb.xp:def:168
Administrators and Users may bypass traverse checking

oval:gov.nist.usgcb.xp:def:6504
Notify antivirus programs when opening attachments

oval:gov.nist.usgcb.xp:def:161
Administrators may access this computer from the network. NOTE: This can break IPSec see Microsoft Knowledge Base article 823659 for further guidance

oval:gov.nist.usgcb.xp:def:162
No one has the right to act as part of the operating system

oval:gov.nist.usgcb.xp:def:190
Administrators may profile a single process

oval:gov.nist.usgcb.xp:def:192
Users and Administrators may remove the computer from its docking station

oval:gov.nist.usgcb.xp:def:191
Administrators may profile the system performance

oval:gov.nist.usgcb.xp:def:194
Administrators may restore files and directories

oval:gov.nist.usgcb.xp:def:193
LOCAL SERVICE and NETWORK SERVICE may replace a process level token

oval:gov.nist.usgcb.xp:def:196
Administrators may take ownership of files or other objects

oval:gov.nist.usgcb.xp:def:195
Administrators and Users may shut down the system

oval:gov.nist.usgcb.xp:def:187
Administrators may manage the auditing and security log

oval:gov.nist.usgcb.xp:def:186
LOGON SERVICE and NETWORK SERVICE may log on as a service

oval:gov.nist.usgcb.xp:def:189
Administrators may perform volume maintenance tasks

oval:gov.nist.usgcb.xp:def:188
Administrators may modify firmware environment variables

oval:gov.nist.usgcb.xp:def:180
Administrators may force shutdown from a remote system

oval:gov.nist.usgcb.xp:def:183
Administrators may load and unload device drivers

oval:gov.nist.usgcb.xp:def:182
Administrators may increase scheduling priority

oval:gov.nist.usgcb.xp:def:185
No one may log on as a batch job

oval:gov.nist.usgcb.xp:def:184
No one may lock pages in memory

oval:gov.nist.usgcb.xp:def:118
MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers

oval:gov.nist.usgcb.xp:def:117
MSS: (NoDriveTypeAutoRun) Disable Autorun for all drives

oval:gov.nist.usgcb.xp:def:119
MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames

oval:gov.nist.usgcb.xp:def:112
MSS: (EnableDeadGWDetect) Allow automatic detection of dead network gateways

oval:gov.nist.usgcb.xp:def:111
MSS: (DisableIPSourceRouting) IP source routing protection level

oval:gov.nist.usgcb.xp:def:113
MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes disabled

oval:gov.nist.usgcb.xp:def:107
System objects: Require case insensitivity for non-Windows subsystems

oval:gov.nist.usgcb.xp:def:106
System objects: Default owner for objects created by members of the Administrators group

oval:gov.nist.usgcb.xp:def:101
Recovery console: Allow automatic administrative logon

oval:gov.nist.usgcb.xp:def:100
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers

oval:gov.nist.usgcb.xp:def:103
Shutdown: Allow system to be shut down without having to log on disabled

oval:gov.nist.usgcb.xp:def:102
Recovery console: Allow floppy copy and access to all drives and all folders disabled

oval:gov.nist.usgcb.xp:def:104
Shutdown: Clear virtual memory pagefile

oval:gov.nist.usgcb.xp:def:1662
No one but Administrators and Remote Desktop Users may logon through Terminal Services

oval:gov.nist.usgcb.xp:def:139
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/net1.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:132
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/debug.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:131
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/cacls.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:134
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/eventcreate.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:133
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/edlin.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:135
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/eventtriggers.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:138
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/net.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:130
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/attrib.exe file

oval:gov.nist.usgcb.xp:def:129
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/at.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:128
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/arp.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:121
MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure DefaultGateway addresses

oval:gov.nist.usgcb.xp:def:122
MSS: (SafeDllSearchMode) Enable Safe DLL search mode

oval:gov.nist.usgcb.xp:def:125
MSS: (TCPMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged

oval:gov.nist.usgcb.xp:def:124
MSS: (SynAttackProtect) Syn attack protection level

oval:gov.nist.usgcb.xp:def:127
MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning

oval:gov.nist.usgcb.xp:def:126
(TCPMaxDataRetransmissions) How many times unacknowledged data is retransmitted

oval:gov.nist.usgcb.xp:def:154
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/secedit.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:153
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/sc.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:156
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/systeminfo.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:155
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/subst.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:158
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/tftp.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:159
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/tlntsvr.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:150
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/rexec.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:152
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/rsh.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:151
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/route.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:145
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/reg.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:144
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/rcp.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:147
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/regedt32.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:146
The Administrators group and the System user should have full access to the SYSTEMROOT/regedit.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:149
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/regsvr32.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:148
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/regini.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:140
The Administrators group and the System user should have full access to the SYSTEMROOT/system32/netsh.exe file and all other users should have no file access privileges

oval:org.secpod.oval:def:15168
The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NetDDE should be assigned.

oval:org.secpod.oval:def:15169
The required permissions for the file %SystemRoot%\System32\nslookup.exe should be assigned.

oval:org.secpod.oval:def:15167
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess should be assigned.

oval:org.secpod.oval:def:15160
The correct service permissions for the Computer Browser service should be assigned.

oval:org.secpod.oval:def:15161
The required permissions for the file %SystemDrive%\NTDETECT.COM should be assigned.

oval:org.secpod.oval:def:15164
The required permissions for the directory %SystemRoot%\System32\lusrmgr.msg should be assigned.

oval:org.secpod.oval:def:15165
The required permissions for the file %SystemRoot%\System32\compmgmt.msc should be assigned.

oval:org.secpod.oval:def:15162
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppMgmt\Security should be assigned.

oval:org.secpod.oval:def:15163
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\PermittedManagers should be assigned.

oval:org.secpod.oval:def:15177
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netdd\Security should be assigned.

oval:org.secpod.oval:def:15178
The required permissions for the directory %SystemRoot%\Temp should be assigned.

oval:org.secpod.oval:def:15171
The required permissions for the directory %AllUsersProfile%\Application Data should be assigned.

oval:org.secpod.oval:def:15172
The required permissions for the file %SystemRoot%\System32\gpedit.msc should be assigned.

oval:org.secpod.oval:def:15170
The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE should be assigned.

oval:org.secpod.oval:def:15175
The correct service permissions for the Automatic Updates service should be assigned.

oval:org.secpod.oval:def:15176
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM should be assigned.

oval:org.secpod.oval:def:15173
The required permissions for the file %SystemDrive%\CONFIG.SYS should be assigned.

oval:org.secpod.oval:def:15174
The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ratings should be assigned.

oval:org.secpod.oval:def:15146
The correct service permissions for the Messenger service should be assigned.

oval:org.secpod.oval:def:15147
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ClipSrv\Security should be assigned.

oval:org.secpod.oval:def:15144
The required permissions for the file %SystemRoot%\System32\services.msc should be assigned.

oval:org.secpod.oval:def:15145
The required permissions for the directory %SystemRoot%\Driver Cache\I386\Driver.cab should be assigned.

oval:org.secpod.oval:def:15148
The correct service permissions for the Net Logon service should be assigned.

oval:org.secpod.oval:def:15149
The required permissions for the file %SystemRoot%\System32\diskmgmt.msc should be assigned.

oval:org.secpod.oval:def:15380
Access to registry editing tools should be set correctly.

oval:org.secpod.oval:def:15383
The required permissions for the file %SystemRoot%\System32\telnet.exe should be assigned.

oval:org.secpod.oval:def:15157
The correct service permissions for the IIS Admin service should be assigned.

oval:org.secpod.oval:def:15158
The required permissions for the file %SystemDrive%\Documents and Settings should be assigned.

oval:org.secpod.oval:def:15155
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security should be assigned.

oval:org.secpod.oval:def:15156
The required permissions for the directory %AllUsersProfile%\DRM should be assigned.

oval:org.secpod.oval:def:15153
The 'LDAP server signing requirements' policy should be set correctly.

oval:org.secpod.oval:def:15151
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\Security should be assigned.

oval:org.secpod.oval:def:15152
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32time\Security should be assigned.

oval:gov.nist.usgcb.xp:def:6022
Accounts: Rename Administrator Account

oval:gov.nist.usgcb.xp:def:6023
Accounts: Rename Guest Account

oval:gov.nist.usgcb.xp:def:6029
Devices: Allowed to format and eject removable media

oval:org.secpod.oval:def:15189
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Scardsvr\Security should be assigned.

oval:org.secpod.oval:def:15182
The required permissions for the directory %SystemRoot%\System32 should be assigned.

oval:org.secpod.oval:def:15183
The 'DCOM: Machine Launch Restrictions in the Security Descriptor Definition Language (SDDL) syntax' security option should be set correctly.

oval:org.secpod.oval:def:15181
The required permissions for the directory %SystemRoot%\CSC should be assigned.

oval:org.secpod.oval:def:15184
The required permissions for the directory %AllUsersProfile%\Application Data\Microsoft\Crypto\DSSHKLMKeys should be assigned.

oval:org.secpod.oval:def:15185
The required permissions for the directory %AllUsersProfile%\Application Data\Microsoft\Dr Watson should be assigned.

oval:org.secpod.oval:def:15199
The required permissions for the directory %AllUsersProfile%\Application Data\Microsoft\HTML Help should be assigned.

oval:org.secpod.oval:def:15191
The required permissions for the file %SystemRoot%\System32\eventvwr.msc should be assigned.

oval:org.secpod.oval:def:15192
The required permissions for the directory %ProgramFiles% should be assigned.

oval:org.secpod.oval:def:15198
The required permissions for the file %SystemRoot%\System32\ntmsoprq.msc should be assigned.

oval:org.secpod.oval:def:15195
The 'Prohibit New Task Creation' policy should be set correctly for the Task Scheduler.

oval:org.secpod.oval:def:15196
The IMAPI CD-Burning COM service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15190
The required permissions for the file %SystemDrive%\AUTOEXEC.BAT should be assigned.

oval:org.secpod.oval:def:15320
The correct service permissions for the Telnet service should be assigned.

oval:org.secpod.oval:def:15326
The 'Refuse machine account password change' policy should be set correctly.

oval:gov.nist.usgcb.xp:def:7796
MSS: (NoDefaultExempt) Enable NoDefaultExempt for IPSec Filtering

oval:org.secpod.oval:def:15329
The correct service permissions for the Terminal Services service should be assigned.

oval:org.secpod.oval:def:15304
The correct service permissions for the WWW Publishing service should be assigned.

oval:org.secpod.oval:def:15316
The correct service permissions for the Task Scheduler service should be assigned.

oval:org.secpod.oval:def:15313
The correct service permissions for the Fax service should be assigned.

oval:org.secpod.oval:def:15307
The correct service permissions for the FTP Publishing service should be assigned.

oval:org.secpod.oval:def:15125
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netbt should be assigned.

oval:org.secpod.oval:def:15122
The required permissions for the directory %SystemRoot%\Debug\UserMode should be assigned.

oval:org.secpod.oval:def:15123
The required permissions for the file %SystemRoot%\System32\fsmgmt.msc should be assigned.

oval:org.secpod.oval:def:15128
The required permissions for the directory %SystemRoot%\$NtServicePackUninstall$ should be assigned.

oval:org.secpod.oval:def:15129
The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit should be assigned.

oval:org.secpod.oval:def:15127
The 'add workstations to domain' user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:15121
The required permissions for the directory %SystemRoot%\Registration should be assigned.

oval:org.secpod.oval:def:15134
The required permissions for the directory %SystemRoot%\Debug should be assigned.

oval:org.secpod.oval:def:15139
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tapisrv\Security should be assigned.

oval:org.secpod.oval:def:15137
The required permissions for the file %SystemRoot%\System32\drwtsn32.exe should be assigned.

oval:org.secpod.oval:def:15132
The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Asr\Commands should be assigned.

oval:org.secpod.oval:def:15130
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Samss\Security should be assigned.

oval:org.secpod.oval:def:15102
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network should be assigned.

oval:org.secpod.oval:def:15103
The required permissions for the file %SystemRoot%\System32\secpol.msc should be assigned.

oval:org.secpod.oval:def:15342
The 'Interactive logon: Requre smart card' setting should be configured correctly.

oval:org.secpod.oval:def:15101
The required permissions for the directory %SystemRoot% should be assigned.

oval:org.secpod.oval:def:15107
The required permissions for the file %SystemRoot%\System32\ftp.exe should be assigned.

oval:org.secpod.oval:def:15104
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IRENUM\Security should be assigned.

oval:org.secpod.oval:def:15105
The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies should be assigned.

oval:org.secpod.oval:def:15113
The required permissions for the file %SystemRoot%\Prefetch should be assigned.

oval:org.secpod.oval:def:15111
The required permissions for the file %SystemRoot%\System32\ciadv.msc should be assigned.

oval:org.secpod.oval:def:15118
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class should be assigned.

oval:org.secpod.oval:def:15115
The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography/Calais should be assigned.

oval:org.secpod.oval:def:15116
The required permissions for the file %SystemDrive%\MSDOS.SYS should be assigned.

oval:org.secpod.oval:def:15110
The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ValidCommunities should be assigned.

oval:gov.nist.usgcb.xp:def:6640
Administrators and SERVICE may Impersonate a Client after Authentication

oval:org.secpod.oval:def:15109
The required permissions for the file %SystemDrive%\NTLDR should be assigned.

oval:gov.nist.usgcb.xp:def:6626
Administrators, SERVICE, Local Service and Network Service may Create Global Objects

oval:gov.nist.usgcb.xp:def:1351
The Administrators group and the System user should have full access and the Users group has read access to the SYSTEMROOT/system32/mshta.exe file and all other users should have no file access privileges

oval:gov.nist.usgcb.xp:def:217
NetMeeting Remote Desktop Sharing Service should be disabled

oval:gov.nist.usgcb.xp:def:238
No one may synchronize directory service data

oval:gov.nist.usgcb.xp:def:93
Network access: Shares that can be accessed anonymously

oval:gov.nist.usgcb.xp:def:92
Network access: Remotely accessible registry paths

oval:gov.nist.usgcb.xp:def:95
Network security: Do not store LAN Manager hash value on next password change

oval:gov.nist.usgcb.xp:def:94
Network access: Sharing and security model for local accounts

oval:gov.nist.usgcb.xp:def:96
Network security: LAN Manager authentication level

oval:gov.nist.usgcb.xp:def:99
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients

oval:gov.nist.usgcb.xp:def:98
Network security: LDAP client signing requirements

oval:gov.nist.usgcb.xp:def:91
Network access: Named Pipes that can be accessed anonymously

oval:gov.nist.usgcb.xp:def:90
Network access: Let Everyone permissions apply to anonymous users

oval:gov.nist.usgcb.xp:def:82
Microsoft network client: Send unencrypted password to third-party SMB servers disabled

oval:gov.nist.usgcb.xp:def:81
Microsoft network client: Digitally sign communications

oval:gov.nist.usgcb.xp:def:84
Microsoft network server: Digitally sign communications (always)

oval:gov.nist.usgcb.xp:def:86
Microsoft network server: Disconnect clients when logon hours expire

oval:gov.nist.usgcb.xp:def:85
Microsoft network server: Digitally sign communications (if client agrees)

oval:gov.nist.usgcb.xp:def:88
Network access: Do not allow anonymous enumeration of SAM accounts and shares

oval:gov.nist.usgcb.xp:def:87
Network access: Do not allow anonymous enumeration of SAM accounts

oval:gov.nist.usgcb.xp:def:89
Network access: Do not allow storage of credentials or .NET Passports for network authentication

oval:gov.nist.usgcb.xp:def:1781
Guests are denied logon through Terminal Services

oval:gov.nist.usgcb.xp:def:72
Number of previous logons to cache (in case domain controller is not available) is profile defined

oval:gov.nist.usgcb.xp:def:75
Require Domain Controller authentication to unlock workstation

oval:gov.nist.usgcb.xp:def:77
Determines if an anonymous user can request security identifier (SID) attributes for another user.

oval:gov.nist.usgcb.xp:def:79
Microsoft network client: Digitally sign communications (always)

oval:gov.nist.usgcb.xp:def:78
Smart card removal behavior for interactive logon

oval:gov.nist.usgcb.xp:def:242
This definition verifies that the Administrator account is enabled/disabled based on the policy defined by the user.

oval:gov.nist.usgcb.xp:def:244
Network security: Force logoff when logon hours expire

oval:gov.nist.usgcb.xp:def:64
Disable machine account password changes

oval:gov.nist.usgcb.xp:def:68
Do not display last user name logged on

oval:gov.nist.usgcb.xp:def:69
Do not require CTRL+ALT+DEL for logon

oval:gov.nist.usgcb.xp:def:52
Audit the use of Backup and Restore privileges

oval:gov.nist.usgcb.xp:def:56
Prevent users from installing printer drivers

oval:gov.nist.usgcb.xp:def:59
Restrict floppy access to locally logged-on users only

oval:gov.nist.usgcb.xp:def:58
Restrict CD-ROM access to locally logged-on user only

oval:gov.nist.usgcb.xp:def:42


oval:gov.nist.usgcb.xp:def:45
Audit the access of global system objects is disabled

oval:org.secpod.oval:def:15290
The 'Enable User to Use Media Source While Elevated' policy should be set correctly.

oval:org.secpod.oval:def:15266
CD-ROM Autorun should be properly configured.

oval:org.secpod.oval:def:15277
The 'Terminate session when time limits are reached' policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:15270
Auditing of 'process tracking' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15274
The 'Always Prompt Client for Password upon Connection' policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:7715
The Screen Saver Executable Name setting should be configured correctly for the current user.

oval:org.secpod.oval:def:7716
The "Screen Saver Timeout" setting should be configured correctly for the default user.

oval:org.secpod.oval:def:7717
The settings of screen saver should be enabled or disabled as appropriate for the current user.

oval:org.secpod.oval:def:15096
The 'restrict guest access to application log' policy should be set correctly.

oval:org.secpod.oval:def:15072
The required auditing for the registry key HKEY_LOCAL_MACHINE\SYSTEM should be enabled.

oval:gov.nist.usgcb.xp:def:6121
Permits users to change installation options that typically are available only to system administrators. This setting bypasses some of the security features of Windows Installer.

oval:gov.nist.usgcb.xp:def:6122
This setting controls the ability of non-administrators to install updates that have been digitally signed by the application vendor.

oval:gov.nist.usgcb.xp:def:6596
Do not allow passwords to be saved

oval:gov.nist.usgcb.xp:def:6563
Offer Remote Assistance

oval:gov.nist.usgcb.xp:def:6565
Restrictions for Unauthenticated RPC clients

oval:gov.nist.usgcb.xp:def:6566
RPC Endpoint Mapper Client Authentication

oval:org.secpod.oval:def:15257
The 'Anonymous access to the system event log' policy should be set correctly.

oval:org.secpod.oval:def:15251
Membership in the Power Users group should be assigned to the appropriate accounts.

oval:org.secpod.oval:def:15228
The 'restrict guest access to security log' policy should be set correctly.

oval:org.secpod.oval:def:15234
The 'Remote Control Settings' policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:15239
Auditing of 'process tracking' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15230
The required auditing for the registry key HKEY_LOCAL_MACHINE\SOFTWARE should be enabled.

oval:gov.nist.usgcb.xp:def:169
Administrators may change the system time

oval:gov.nist.usgcb.xp:def:198
This definition tests the maximum allowed size of the security log is at least as big as the supplied value.

oval:gov.nist.usgcb.xp:def:197
This definition tests the maximum allowed size of the application log is at least as big as the supplied value.

oval:gov.nist.usgcb.xp:def:199
This definition tests the maximum allowed size of the system log is at least as big as the supplied value.

oval:gov.nist.usgcb.xp:def:6725
This policy setting allows you to specify the maximum amount of time that an active Terminal Services session can be idle (without user input) before it is automatically disconnected. (15 min)

oval:gov.nist.usgcb.xp:def:181
LOCAL SERVICE and NETWORK SERVICE may generate security audits

oval:gov.nist.usgcb.xp:def:6726
You can use this policy setting to specify the maximum amount of time that a disconnected session is kept active on the server. By default, Terminal Services allows users to disconnect from a remote session without logging off and ending the session. (1 min)

oval:gov.nist.usgcb.xp:def:6714
Prompt for password on resume from hibernate / suspend

oval:gov.nist.usgcb.xp:def:6708
Screen Saver timeout

oval:gov.nist.usgcb.xp:def:6707
Password protect the screen saver

oval:gov.nist.USGCB.xpfirewall:def:5111
The Windows Firewall: Prohibit unicast response to multicast or broadcast requests setting prevents a computer from receiving unicast responses to its outgoing multicast or broadcast messages. When this policy setting is enabled and the computer sends multicast or broadcast messages to other compute ...

oval:gov.nist.USGCB.xpfirewall:def:5100
The Windows Firewall: Protect all network connections setting turns on Windows Firewall, which replaces Internet Connection Firewall on all computers that are running Windows XP SP2. This appendix recommends configuring this setting to Enabled to protect all network connections for computers in all ...

oval:gov.nist.USGCB.xpfirewall:def:5101
The Windows Firewall: Do not allow exceptions setting specifies that Windows Firewall blocks all unsolicited incoming messages. This policy setting overrides all other Windows Firewall policy settings that allow such messages. If you enable this policy setting in the Windows Firewall component of Co ...

oval:gov.nist.USGCB.xpfirewall:def:5107
Many organizations use Remote Desktop connections in their normal troubleshooting procedures or operations. However, some attacks have occurred that exploited the ports typically used by Remote Desktop. To provide flexibility for remote administration, the Windows Firewall: Allow Remote Desktop exce ...

oval:gov.nist.USGCB.xpfirewall:def:5109
Windows Firewall can display notifications to users when a program requests that Windows Firewall add the program to the program exceptions list. This situation occurs when programs attempt to open a port and are not allowed to do so based on current Windows Firewall rules. The Windows Firewall: Pro ...

oval:gov.nist.usgcb.xp:def:110
MSS: (AutoAdminLogon) Enable Automatic Logon disabled

oval:gov.nist.usgcb.xp:def:115
MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds

oval:gov.nist.usgcb.xp:def:105
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing

oval:gov.nist.USGCB.xpfirewall:def:6008
The Windows Firewall port exceptions list should be defined by Group Policy, which allows you to centrally manage and deploy your port exceptions and ensure that local administrators do not create less secure settings. The Windows Firewall: Define port exceptions policy setting allows you to central ...

oval:gov.nist.usgcb.xp:def:123
MSS (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires

oval:gov.nist.USGCB.xpfirewall:def:51041
Many organizations take advantage of remote computer administration in their daily operations. However, some attacks have exploited the ports typically used by remote administration programs; Windows Firewall can block these ports. To provide flexibility for remote administration, the Windows Firewa ...

oval:org.secpod.oval:def:15381
The 'Windows Firewall: Define program exceptions' policy should be configured correctly for the Domain Profile.

oval:org.secpod.oval:def:15142
The permitted number of TCP/IP Maximum Half-open Sockets should be set correctly .

oval:org.secpod.oval:def:15140
Disable saving of dial-up passwords should be properly configured.

oval:gov.nist.usgcb.xp:def:6027
Audit: Shut down system immediately if unable to log security audits

oval:org.secpod.oval:def:15188
Membership in the Backup Operators group should be assigned to the appropriate accounts.

oval:org.secpod.oval:def:15180
The 'Anonymous access to the security event log' policy should be set correctly.

oval:org.secpod.oval:def:15186
The required auditing for %SystemDrive% directory should be enabled.

oval:org.secpod.oval:def:15193
The 'Log Successful Connections' option for the Windows Firewall should be configured correctly for the Standard Profile.

oval:org.secpod.oval:def:15197
the 'System settings: Use Certificate Rules on Windows Executables for Software Restriction Polices' setting should be configured correctly.

oval:org.secpod.oval:def:15323
The permitted number of TCP/IP Maximum Retried Half-open Sockets should be set correctly .

oval:org.secpod.oval:def:15324
The 'Prevent Codec Download' policy should be set correctly for Windows MediaPlayer.

oval:org.secpod.oval:def:15325
The 'Anonymous access to the application event log' policy should be set correctly.

oval:org.secpod.oval:def:15318
Always Wait for the Network at Computer Startup and Logon should be properly configured.

oval:org.secpod.oval:def:15330
Membership in the Remote Desktop Users group should be assigned to the appropriate accounts.

oval:org.secpod.oval:def:15328
The 'Limit Number of Connections' policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:15305
The log file size limit for the Windows Firewall should be configured correctly for the Standard Profile.

oval:org.secpod.oval:def:15310
Dr. Watson Crash Dumps should be properly configured.

oval:org.secpod.oval:def:15124
The 'restrict guest access to system log' policy should be set correctly.

oval:org.secpod.oval:def:15126
The 'Limit Users to One Remote Session' policy should be set correctly for Terminal Services.

oval:org.secpod.oval:def:15362
The 'Prevent IIS Installation' setting should be configured correctly.

oval:org.secpod.oval:def:15135
Automatic Reboot After System Crash should be properly configured.

oval:org.secpod.oval:def:15377
Processing of the legacy run list on logon should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15378
The 'CD Burning features in Windows Explorer' should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15379
The 'Windows Firewall: Apply local firewall rules' policy should be configured correctly for the Domain profile.

oval:org.secpod.oval:def:15373
The 'Secure Channel: Digitally Encrypt Secure Channel Data (When Possible)' policy should be set correctly.

oval:org.secpod.oval:def:15374
The 'Windows Firewall: Inbound connections' policy should be configured correctly for the Domain Profile.

oval:org.secpod.oval:def:15372
The 'Windows Firewall: Outbound connections' policy should be configured correctly for the Domain profile.

oval:org.secpod.oval:def:15343
Domain Profile: Do not allow exceptions (SP2 only)

oval:org.secpod.oval:def:15340
The log file path and name for the Windows Firewall should be configured correctly for the Standard Profile.

oval:org.secpod.oval:def:15117
The 'Enable User to Patch Elevated Products' policy should be set correctly.

oval:org.secpod.oval:def:15357
The TCP/IP NetBIOS Helper service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:15358
The 'Log Dropped Packets' option for the Windows Firewall should be configured correctly for the Standard Profile.

oval:org.secpod.oval:def:15352
Standard Profile: Define port exceptions (SP2 only)

oval:gov.nist.usgcb.xp:def:30
Audit Directory Service Access

oval:gov.nist.usgcb.xp:def:32
Audit logon events

oval:gov.nist.usgcb.xp:def:35
Audit policy changes

oval:gov.nist.usgcb.xp:def:34
Audit object access

oval:gov.nist.usgcb.xp:def:37
Audit system events

oval:gov.nist.usgcb.xp:def:36
Audit privilege use

oval:gov.nist.usgcb.xp:def:22
Passwords must be stored using reversible encryption for all users in the domain

oval:gov.nist.usgcb.xp:def:21
Passwords must meet complexity requirements

oval:gov.nist.usgcb.xp:def:24
Account lockout threshold is the profile defined number of invalid logon attempts

oval:gov.nist.usgcb.xp:def:23
This definition verifies that locked accounts remains locked for the defined number of minutes before they are automatically unlocked.

oval:gov.nist.usgcb.xp:def:26
Reset account lockout counters after the profile defined number of minutes

oval:gov.nist.usgcb.xp:def:27
Audit account logon events

oval:gov.nist.usgcb.xp:def:29
Audit account management

oval:gov.nist.usgcb.xp:def:100205
do not process the run once list

oval:gov.nist.usgcb.xp:def:100208
configure automatic updates

oval:gov.nist.usgcb.xp:def:17
Maximum password age is the profile defined number of days

oval:gov.nist.usgcb.xp:def:16
Password history enforcement is enabled and the profile defined number of passwords are remembered

oval:gov.nist.usgcb.xp:def:19
Minimum password length is the profile defined number of characters

oval:gov.nist.usgcb.xp:def:18
Minimum password age is the profile defined number of days

oval:gov.nist.usgcb.xp:def:205
Retention method for system log

oval:gov.nist.usgcb.xp:def:204
Retention method for security log

oval:gov.nist.usgcb.xp:def:203
This definition tests the retention method for the application log. Possible methods are - overwrite as necessary, do not overwrite, or overwrite events older than X seconds.

oval:gov.nist.usgcb.xp:def:83
Microsoft network server: Amount of idle time required before suspending session

oval:gov.nist.usgcb.xp:def:71
Set message title for users attempting to log on

oval:gov.nist.usgcb.xp:def:70
Set message text for users attempting to log on

oval:gov.nist.usgcb.xp:def:74
Prompt user to change password before expiration

oval:gov.nist.usgcb.xp:def:60
Warn for unsigned driver installation

oval:gov.nist.usgcb.xp:def:62
Digitally encrypt secure channel data (when possible)

oval:gov.nist.usgcb.xp:def:243
This definition verifies that the Guest account is enabled/disabled based on the policy defined by the user.

oval:gov.nist.usgcb.xp:def:61
Digitally encrypt or sign secure channel data (always)

oval:gov.nist.usgcb.xp:def:63
Digitally sign secure channel data (when possible)

oval:gov.nist.usgcb.xp:def:66
Require strong (Windows 2000 or later) session key

oval:gov.nist.usgcb.xp:def:65
Maximum machine account password age is profile defined number of days

oval:gov.nist.USGCB.xpfirewall:def:5011
The Windows Firewall: Prohibit unicast response to multicast or broadcast requests setting prevents a computer from receiving unicast responses to its outgoing multicast or broadcast messages. When this policy setting is enabled and the computer sends multicast or broadcast messages to other compute ...

oval:gov.nist.USGCB.xpfirewall:def:5016
Allows Windows Firewall to record information about the unsolicited incoming messages that it receives. If you enable this policy setting, Windows Firewall writes the information to a log file. You must provide the name, location, and maximum size of the log file. The location can contain environmen ...

oval:gov.nist.USGCB.xpfirewall:def:5015
Allows Windows Firewall to record information about the unsolicited incoming messages that it receives. If you enable this policy setting, Windows Firewall writes the information to a log file. You must provide the name, location, and maximum size of the log file. The location can contain environmen ...

oval:gov.nist.USGCB.xpfirewall:def:5014
Allows Windows Firewall to record information about the unsolicited incoming messages that it receives. If you enable this policy setting, Windows Firewall writes the information to a log file. You must provide the name, location, and maximum size of the log file. The location can contain environmen ...

oval:gov.nist.USGCB.xpfirewall:def:5013
The Windows Firewall: Allow local port exceptions setting allows administrators to use the Windows Firewall component in Control Panel to define a local port exceptions list. Windows Firewall can use two port exceptions lists; the other is defined by the Windows Firewall: Define port exceptions poli ...

oval:gov.nist.USGCB.xpfirewall:def:5017
Allows Windows Firewall to record information about the unsolicited incoming messages that it receives. If you enable this policy setting, Windows Firewall writes the information to a log file. You must provide the name, location, and maximum size of the log file. The location can contain environmen ...

oval:gov.nist.USGCB.xpfirewall:def:5000
The Windows Firewall: Protect all network connections setting turns on Windows Firewall, which replaces Internet Connection Firewall on all computers that are running Windows XP SP2. This appendix recommends configuring this setting to Enabled to protect all network connections for computers in all ...

oval:gov.nist.USGCB.xpfirewall:def:5005
This setting allows file and printer sharing by configuring Windows Firewall to open UDP ports 137 and 138 and TCP ports 139 and 445. If you enable this policy setting, Windows Firewall opens these ports so that the computer can receive print jobs and requests for access to shared files. You must sp ...

oval:gov.nist.USGCB.xpfirewall:def:5004
Many organizations take advantage of remote computer administration in their daily operations. However, some attacks have exploited the ports typically used by remote administration programs; Windows Firewall can block these ports. To provide flexibility for remote administration, the Windows Firewa ...

oval:gov.nist.USGCB.xpfirewall:def:5003
The Windows Firewall: Allow local program exceptions setting allows administrators to use the Windows Firewall component in Control Panel to define a local program exceptions list. Disabling this policy setting does not allow administrators to define a local program exceptions list, and ensures that ...

oval:gov.nist.USGCB.xpfirewall:def:5009
Windows Firewall can display notifications to users when a program requests that Windows Firewall add the program to the program exceptions list. This situation occurs when programs attempt to open a port and are not allowed to do so based on current Windows Firewall rules. The Windows Firewall: Pro ...

oval:gov.nist.USGCB.xpfirewall:def:5008
The Windows Firewall: Allow UPnP framework exception setting allows a computer to receive unsolicited Plug and Play messages sent by network devices, such as routers with built-in firewalls. To receive these messages, Windows Firewall opens TCP port 2869 and UDP port 1900. If you enable this policy ...

oval:gov.nist.USGCB.xpfirewall:def:5007
Many organizations use Remote Desktop connections in their normal troubleshooting procedures or operations. However, some attacks have occurred that exploited the ports typically used by Remote Desktop. To provide flexibility for remote administration, the Windows Firewall: Allow Remote Desktop exce ...

oval:gov.nist.USGCB.xpfirewall:def:5006
The Windows Firewall: Allow ICMP exceptions setting defines the set of Internet Control Message Protocol (ICMP) message types that Windows Firewall allows. Utilities can use ICMP messages to determine the status of other computers. For example, Ping uses the echo request message. If you set this pol ...

CPE    1
cpe:/o:microsoft:windows_xp
CCE    583
CCE-2639-3
CCE-3043-7
CCE-2811-8
CCE-5200-1
...
*XCCDF
xccdf_org.secpod_benchmark_nist_windows_xp

© 2013 SecPod Technologies