Automatic Logon should be properly configured.
(1) enabled/disabled
(1) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon
CCE-283
Admin Autologon password values not exist: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultPassword; Admin Autologon Value: HKEY_LOCAL_MACHINE\*\AutoAdminLogon (CIS:188, 189)
Interactive logon: Allow Automatic Administator Logon - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon = 0
3.2.2.6 Disable Automatic Logon
MSS: (AutoAdminLogon)Enable Automatic Logon Table: 5.70 Value: disabled
AutomaticLogonDisabled
oval:gov.nist.1:def:110
AutomaticLogonDisabled
oval:gov.nist.fdcc.xp:def:110
oval:gov.nist.usgcb.xp:def:110
BITS Shared Assessments SIG v6.0
Jericho Forum
HIPAA/HITECH Act
FedRAMP Security Controls(Final Release Jan 2012)--LOW IMPACT LEVEL--
ISO/IEC 27001-2005
COBIT 4.1
GAPP (Aug 2009)
NERC CIP
NIST SP800-53 R3 AC-3
NIST SP800-53 R3 CM-6
NIST SP800-53 R3 CM-7
NIST SP800-53 R3 IA-2
NIST SP800-53 R3 SC-5
PCIDSS v2.0
FedRAMP Security Controls(Final Release Jan 2012)--MODERATE IMPACT LEVEL--
BITS Shared Assessments AUP v5.0
CCE Version 4.2
2008-02-15
DISA Gold Disk for Windows XP check names
DISA
2006-09-29
5.1.6
Guide to Securing Microsoft
Windows XP
NSA
2003-12-01
Version 1.1
R. Bickel
M. Cook
J. Haney
M. Kerr, DISA
CT01 T. Parker, USN
H. Parkes
Prose(pdf)
Windows XP Professional
Operating System Legacy, Enterprise,
and Specialized Security Benchmark
Consensus Baseline Security Settings
The Center for Internet Security
2004-10-20
Version 1.3
Jeff Shawgo
Sidney Faber
Prose(pdf)
Guidance for Securing Microsoft
Windows XP Systems for IT
Professionals: A NIST Security
Configuration Checklist
NIST
2005-10-01
Murugiah Souppaya
Karen Kent
Paul M. Johnson
Prose(pdf)
SP 800-68: Guidance for Securing Microsoft Windows XP Systems for IT Professional
NIST
2006-10-10
Murugiah Souppaya
Karen Kent
Paul M. Johnson
Stephen Quinn
Peter Mell
Linda Devlin
XCCDF
SP 800-68: Guidance for Securing Microsoft Windows XP Systems for IT Professional
NIST
2006-10-10
OVAL
FDCC: Guidance for Securing Microsoft Windows XP Systems for IT Professional (XCCDF Benchmark)
NIST
2008-01-10
XCCDF
FDCC: Guidance for Securing Microsoft Windows XP Systems for IT Professional (OVAL Definitions)
NIST
2008-01-10
OVAL
SCAP Repo OVAL Definition
2012-04-13
BITS Shared Assessments SIG v6.0
2012-10-12
Jericho Forum
2012-10-12
HIPAA/HITECH Act
2012-10-12
ISO/IEC 27001-2005
2012-10-12
COBIT 4.1
2012-10-12
GAPP (Aug 2009)
2012-10-12
NERC CIP
2012-10-12
NIST SP800-53 R3
2012-10-12
PCIDSS v2.0
2012-10-12
BITS Shared Assessments AUP v5.0
2012-10-12