[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110204

 
 

909

 
 

85984

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode

ID: oval:org.secpod.oval:def:22797Date: (C)2015-01-07   (M)2018-07-10
Class: COMPLIANCEFamily: windows




This policy setting controls the behavior of the elevation prompt for administrators. The options are: - Elevate without prompting: Allows privileged accounts to perform an operation that requires elevation without requiring consent or credentials. Note: Use this option only in the most constrained environments. - Prompt for credentials on the secure desktop: When an operation requires elevation of privilege, the user is prompted on the secure desktop to enter a privileged user name and password. If the user enters valid credentials, the operation continues with the user's highest available privilege. - Prompt for consent on the secure desktop: When an operation requires elevation of privilege, the user is prompted on the secure desktop to select either Permit or Deny. If the user selects Permit, the operation continues with the user's highest available privilege. - Prompt for credentials: When an operation requires elevation of privilege, the user is prompted to enter an administrative user name and password. If the user enters valid credentials, the operation continues with the applicable privilege. - Prompt for consent: When an operation requires elevation of privilege, the user is prompted to select either Permit or Deny. If the user selects Permit, the operation continues with the user's highest available privilege. - Prompt for consent for non-Windows binaries: (Default) When an operation for a non-Microsoft application requires elevation of privilege, the user is prompted on the secure desktop to select either Permit or Deny. If the user selects Permit, the operation continues with the user's highest available privilege. This policy setting controls the behavior of the elevation prompt for administrators on computers running Windows 7, Windows Server 2008 R2, and later versions of Windows. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options!User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode (2) REG: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System!ConsentPromptBehaviorAdmin

Platform:
Microsoft Windows Server 2012 R2
Reference:
CCE-37029-6
CPE    1
cpe:/o:microsoft:windows_server_2012::r2:x64
CCE    1
CCE-37029-6
XCCDF    7
xccdf_org.secpod_benchmark_PCI_Windows_2012_R2
xccdf_org.secpod_benchmark_general_Windows_2012_R2
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_Server_2012_R2
xccdf_org.secpod_benchmark_ISO27001_Windows_2012_R2
...

© SecPod Technologies