[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108741

 
 

909

 
 

85475

 
 

134

Paid content will be excluded from the download.


Download | Alert*
OVAL

Force shutdown from a remote system

ID: oval:org.secpod.oval:def:40263Date: (C)2017-04-25   (M)2018-04-10
Class: COMPLIANCEFamily: windows




This policy setting allows users to shut down Windows Vista -based computers from remote locations on the network. Anyone who has been assigned this user right can cause a denial of service (DoS) condition, which would make the computer unavailable to service user requests. Therefore, Microsoft recommends that only highly trusted administrators be assigned this user right. When configuring a user right in the SCM enter a comma delimited list of accounts. Accounts can be either local or located in Active Directory, they can be groups, users, or computers. Vulnerability: Any user who can shut down a computer could cause a DoS condition to occur. Therefore, this user right should be tightly restricted. Counter Measure: Restrict the Force shutdown from a remote system user right to members of the Administrators group or other specifically assigned roles that require this capability (such as non-administrative operations center staff). Potential Impact: If you remove the Force shutdown from a remote system user right from the Server Operator group you could limit the abilities of users who are assigned to specific administrative roles in your environment. You should confirm that delegated activities will not be adversely affected. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Force shutdown from a remote system (2) REG: NO INFO

Platform:
Microsoft Windows Server 2016
Reference:
CCE-44650-0
CPE    1
cpe:/o:microsoft:windows_server_2016:::x64
CCE    1
CCE-44650-0
XCCDF    5
xccdf_org.secpod_benchmark_general_Windows_Server_2016
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_Server_2016
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_Server_2016
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_Server_2016
...

© SecPod Technologies