The required permissions for the file %SystemRoot%\System32\cacls.exe should be assigned.
(1) set of accounts
(2) list of permissions
(3) applicability
(1) defined by the object's DACL
CCE-977
cacls.exe ACL (CID:2005)
4.4.1.4 %SystemRoot%\system32\cacls.exe
%SystemRoot%\System32\cacls.exe Table: 9.4 Value: Administrators: Full System: Full
cacls.exePermissions
oval:gov.nist.1:def:131
cacls.exePermissions
oval:gov.nist.fdcc.xp:def:131
oval:gov.nist.usgcb.xp:def:131
BITS Shared Assessments SIG v6.0
Jericho Forum
HIPAA/HITECH Act
FedRAMP Security Controls(Final Release Jan 2012)--LOW IMPACT LEVEL--
ISO/IEC 27001-2005
COBIT 4.1
GAPP (Aug 2009)
NERC CIP
NIST SP800-53 R3 AC-3
NIST SP800-53 R3 CM-6
PCIDSS v2.0
FedRAMP Security Controls(Final Release Jan 2012)--MODERATE IMPACT LEVEL--
BITS Shared Assessments AUP v5.0
CCE Version 4.2
2008-02-15
DISA Gold Disk for Windows XP check names
DISA
2006-09-29
5.1.6
Windows XP Professional
Operating System Legacy, Enterprise,
and Specialized Security Benchmark
Consensus Baseline Security Settings
The Center for Internet Security
2004-10-20
Version 1.3
Jeff Shawgo
Sidney Faber
Prose(pdf)
Guidance for Securing Microsoft
Windows XP Systems for IT
Professionals: A NIST Security
Configuration Checklist
NIST
2005-10-01
Murugiah Souppaya
Karen Kent
Paul M. Johnson
Prose(pdf)
SP 800-68: Guidance for Securing Microsoft Windows XP Systems for IT Professional
NIST
2006-10-10
Murugiah Souppaya
Karen Kent
Paul M. Johnson
Stephen Quinn
Peter Mell
Linda Devlin
XCCDF
SP 800-68: Guidance for Securing Microsoft Windows XP Systems for IT Professional
NIST
2006-10-10
OVAL
FDCC: Guidance for Securing Microsoft Windows XP Systems for IT Professional (XCCDF Benchmark)
NIST
2008-01-10
XCCDF
FDCC: Guidance for Securing Microsoft Windows XP Systems for IT Professional (OVAL Definitions)
NIST
2008-01-10
OVAL
SCAP Repo OVAL Definition
2012-04-13
BITS Shared Assessments SIG v6.0
2012-10-12
Jericho Forum
2012-10-12
HIPAA/HITECH Act
2012-10-12
ISO/IEC 27001-2005
2012-10-12
COBIT 4.1
2012-10-12
GAPP (Aug 2009)
2012-10-12
NERC CIP
2012-10-12
NIST SP800-53 R3
2012-10-12
PCIDSS v2.0
2012-10-12
BITS Shared Assessments AUP v5.0
2012-10-12