[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-42778-1

Platform: cpe:/o:microsoft:windows_10Date: (C)2016-09-23   (M)2023-07-14



Reset account lockout counter after This policy setting determines the length of time before the Account lockout threshold resets to zero. The default value for this policy setting is Not Defined. If the Account lockout threshold is defined, this reset time must be less than or equal to the value for the Account lockout duration setting. If you leave this policy setting at its default value or configure the value to an interval that is too long, your environment could be vulnerable to a DoS attack. An attacker could maliciously perform a number of failed logon attempts on all users in the organization, which will lock out their accounts. If no policy were determined to reset the account lockout, it would be a manual task for administrators. Conversely, if a reasonable time value is configured for this policy setting, users would be locked out for a set period until all of the accounts are unlocked automatically. Counter Measure: Configure the Reset account lockout counter after setting to 15 minutes. Potential Impact: If you do not configure this policy setting or if the value is configured to an interval that is too long, a DoS attack could occur. An attacker could maliciously attempt to log on to each user's account numerous times and lock out their accounts as described in the preceding paragraphs. If you do not configure the Reset account lockout counter after setting, administrators would have to manually unlock all accounts. If you configure this policy setting to a reasonable value the users would be locked out for some period, after which their accounts would unlock automatically. Be sure that you notify users of the values used for this policy setting so that they will wait for the lockout timer to expire before they call the help desk about their inability to log on.


Parameter:

[30/15]


Technical Mechanism:

(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsAccount PoliciesAccount Lockout PolicyReset account lockout counter after (2) REG: ### (3) WMI: root sopcomputer RSOP_SecuritySettingNumeric Setting KeyName='ResetLockoutCount' And precedence=1

CCSS Severity:CCSS Metrics:
CCSS Score : 5.9Attack Vector: NETWORK
Exploit Score: 2.2Attack Complexity: HIGH
Impact Score: 3.6Privileges Required: NONE
Severity: MEDIUMUser Interaction: NONE
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HScope: UNCHANGED
 Confidentiality: NONE
 Integrity: NONE
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:36554


OVAL    1
oval:org.secpod.oval:def:36554
XCCDF    3
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10

© SecPod Technologies