[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-34173-5

Platform: cpe:/o:microsoft:windows_8.1Date: (C)2015-10-14   (M)2023-07-04



Deny access to this computer from the network This policy setting prohibits users from connecting to a computer from across the network, which would allow users to access and potentially modify data remotely. In high security environments, there should be no need for remote users to access data on a computer. Instead, file sharing should be accomplished through the use of network servers. When configuring a user right in the SCM enter a comma delimited list of accounts. Accounts can be either local or located in Active Directory, they can be groups, users, or computers. Windows 8.1 and Windows Server 2012 R2 introduces a new pseudo group called ?Local Account? that any local-account logon gets in its token and that has been backported to Windows 7 and Window Server 2008 R2 and later versions that have KB 2871997 installed. Guests and Local Account should be denied network logon. Also, the Enterprise Admins and Domain Admins groups should also be denied all access on all clients and servers except for Domain Controllers and dedicated administrative workstations. Note The Enterprise Admins and Domain Admins groups are domain-specific and cannot be specified in generic baselines such as those in SCM. These must be manually added to the Group Policy setting.


Parameter:

[list of users followed by comma]


Technical Mechanism:

(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesUser Rights Assignment!Deny access to this computer from the network (2) WMI: root sopcomputer#RSOP_UserPrivilegeRight#AccountList#UserRight='SeDenyNetworkLogonRight' and precedence=1

CCSS Severity:CCSS Metrics:
CCSS Score : 5.6Attack Vector: NETWORK
Exploit Score: 2.2Attack Complexity: HIGH
Impact Score: 3.4Privileges Required: NONE
Severity: MEDIUMUser Interaction: NONE
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:LScope: UNCHANGED
 Confidentiality: LOW
 Integrity: LOW
 Availability: LOW
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:22424


OVAL    1
oval:org.secpod.oval:def:22424
XCCDF    8
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_8_1
xccdf_org.secpod_benchmark_ISO27001_Windows_8_1
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_8_1
xccdf_org.secpod_benchmark_PCI_3_2_Windows_8_1
...

© SecPod Technologies