[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-43438-1

Platform: cpe:/o:microsoft:windows_10Date: (C)2016-09-23   (M)2023-07-07



Back up files and directories This policy setting allows users to circumvent file and directory permissions to back up the system. This user right is enabled only when an application (such as NTBACKUP) attempts to access a file or directory through the NTFS file system backup application programming interface (API). Otherwise, the assigned file and directory permissions apply. When configuring a user right in the SCM enter a comma delimited list of accounts. Accounts can be either local or located in Active Directory, they can be groups, users, or computers. Counter Measure: Restrict the Back up files and directories user right to members of the IT team who need to be able to back up organizational data as part of their day-to-day job responsibilities. If you are using backup software that runs under specific service accounts, only these accounts (and not the IT staff) should have the Back up files and directories user right. Potential Impact: Changes in the membership of the groups that have the Back up files and directories user right could limit the abilities of users who are assigned to specific administrative roles in your environment. You should confirm that authorized backup administrators are still able to perform backup operations.


Parameter:

[list_of_users_followed_by_comma]


Technical Mechanism:

(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesUser Rights AssignmentBack up files and directories (2) REG: ### (3) WMI: root sopcomputer RSOP_UserPrivilegeRight AccountList UserRight='SeBackupPrivilege' and precedence=1

CCSS Severity:CCSS Metrics:
CCSS Score : 6.8Attack Vector: NETWORK
Exploit Score: 1.6Attack Complexity: HIGH
Impact Score: 5.2Privileges Required: LOW
Severity: MEDIUMUser Interaction: NONE
Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:NScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: NONE
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:36560


OVAL    1
oval:org.secpod.oval:def:36560
XCCDF    4
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10
...

© SecPod Technologies