[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

111749

 
 

909

 
 

87255

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

Restore files and directories

ID: oval:org.secpod.oval:def:36543Date: (C)2016-08-05   (M)2018-07-10
Class: COMPLIANCEFamily: windows




This security setting determines which users can bypass file, directory, registry, and other persistent objects permissions when restoring backed up files and directories, and determines which users can set any valid security principal as the owner of an object. Specifically, this user right is similar to granting the following permissions to the user or group in question on all files and folders on the system: Traverse Folder/Execute File Write Caution Assigning this user right can be a security risk. Since users with this user right can overwrite registry settings, hide data, and gain ownership of system objects, only assign this user right to trusted users. Default: Workstations and servers: Administrators, Backup Operators. Domain controllers: Administrators, Backup Operators, Server Operators. Counter Measure: Ensure that only the local Administrators group is assigned the Restore files and directories user right, unless your organization has clearly defined roles for backup and for restore personnel. Potential Impact: If you remove the Restore files and directories user right from the Backup Operators group and other accounts you could make it impossible for users who have been delegated specific tasks to perform those tasks. You should verify that this change won't negatively affect the ability of your organization's personnel to do their jobs. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Restore files and directories (2) REG: ### (3) WMI: root\rsop\computer#RSOP_UserPrivilegeRight#AccountList#UserRight='SeRestorePrivilege' and precedence=1

Platform:
Microsoft Windows 10
Reference:
CCE-42133-9
CCE    1
CCE-42133-9
XCCDF    4
xccdf_org.secpod_benchmark_general_Windows_10
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
...

© SecPod Technologies