[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96125

 
 

909

 
 

78020

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-44238-4

Platform: win10Date: (C)2016-09-23   (M)2017-10-18



Disable: 'Do not allow drive redirection' This policy setting prevents users from sharing the local drives on their client computers to Terminal Servers that they access. Mapped drives appear in the session folder tree in Windows Explorer in the following format: \\TSClient\<driveletter>$ If local drives are shared they are left vulnerable to intruders who want to exploit the data that is stored on them. Counter Measure: Configure the Do not allow drive redirection setting to Enabled. Potential Impact: Drive redirection will not be possible.


Parameter:


Technical Mechanism: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection\Do not allow drive redirection (2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\fDisableCdm

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:35414


OVAL    1
oval:org.secpod.oval:def:35414
XCCDF    4
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10
...

© 2013 SecPod Technologies