The "Recovery Console: Allow Automatic Administrative Logon" policy should be set correctly.
(1) enabled/disabled
(1) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SecurityLevel
(2) defined by Local or Group Policy
CCE-410
Recovery Console Autologon value (CID:117)
Recovery console: Allow automatic administrative logon: Disabled
3.2.1.51 Recovery Console: Allow Automatic Administrative Logon
Recovery console: Allowautomatic administrativelogon Table: 5.59 Value: disabled
RecoveryConsoleAutoLogon
oval:gov.nist.1:def:101
RecoveryConsoleAutoLogon
oval:gov.nist.fdcc.xp:def:101
oval:gov.nist.usgcb.xp:def:101
BITS Shared Assessments SIG v6.0
Jericho Forum
HIPAA/HITECH Act
FedRAMP Security Controls(Final Release Jan 2012)--LOW IMPACT LEVEL--
ISO/IEC 27001-2005
COBIT 4.1
GAPP (Aug 2009)
NERC CIP
NIST SP800-53 R3 AC-3
NIST SP800-53 R3 CM-6
NIST SP800-53 R3 CM-7
NIST SP800-53 R3 SC-5
PCIDSS v2.0
FedRAMP Security Controls(Final Release Jan 2012)--MODERATE IMPACT LEVEL--
BITS Shared Assessments AUP v5.0
CCE Version 4.2
2008-02-15
DISA Gold Disk for Windows XP check names
DISA
2006-09-29
5.1.6
Guide to Securing Microsoft
Windows XP
NSA
2003-12-01
Version 1.1
R. Bickel
M. Cook
J. Haney
M. Kerr, DISA
CT01 T. Parker, USN
H. Parkes
Prose(pdf)
Windows XP Professional
Operating System Legacy, Enterprise,
and Specialized Security Benchmark
Consensus Baseline Security Settings
The Center for Internet Security
2004-10-20
Version 1.3
Jeff Shawgo
Sidney Faber
Prose(pdf)
Guidance for Securing Microsoft
Windows XP Systems for IT
Professionals: A NIST Security
Configuration Checklist
NIST
2005-10-01
Murugiah Souppaya
Karen Kent
Paul M. Johnson
Prose(pdf)
SP 800-68: Guidance for Securing Microsoft Windows XP Systems for IT Professional
NIST
2006-10-10
Murugiah Souppaya
Karen Kent
Paul M. Johnson
Stephen Quinn
Peter Mell
Linda Devlin
XCCDF
SP 800-68: Guidance for Securing Microsoft Windows XP Systems for IT Professional
NIST
2006-10-10
OVAL
FDCC: Guidance for Securing Microsoft Windows XP Systems for IT Professional (XCCDF Benchmark)
NIST
2008-01-10
XCCDF
FDCC: Guidance for Securing Microsoft Windows XP Systems for IT Professional (OVAL Definitions)
NIST
2008-01-10
OVAL
SCAP Repo OVAL Definition
2012-04-13
BITS Shared Assessments SIG v6.0
2012-10-12
Jericho Forum
2012-10-12
HIPAA/HITECH Act
2012-10-12
ISO/IEC 27001-2005
2012-10-12
COBIT 4.1
2012-10-12
GAPP (Aug 2009)
2012-10-12
NERC CIP
2012-10-12
NIST SP800-53 R3
2012-10-12
PCIDSS v2.0
2012-10-12
BITS Shared Assessments AUP v5.0
2012-10-12