The "Allowed to Format and Eject Removable NTFS Media" policy should be set correctly.
(1) Group(s)
(1) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateDASD
(2) defined by Local or Group Policy
CCE-919
NTFS Media Ejection value (CID:2010)
Devices: Allowed to format and eject removable media: Administrators
3.2.1.10 Devices: Allowed to format and eject removable media
Devices: Allowed to format and eject removeable media Table: 5.12 Value: Administrators or Administrators and interactive users
RestrictAccessToFormatAndEjectRemovableMediaAdministrators, RestrictAccessToFormatAndEjectRemovableMedia
oval:gov.nist.1:def:43, oval:gov.nist.1:def:44
oval:gov.nist.usgcb.xp:def:6029
BITS Shared Assessments SIG v6.0
Jericho Forum
HIPAA/HITECH Act
FedRAMP Security Controls(Final Release Jan 2012)--LOW IMPACT LEVEL--
ISO/IEC 27001-2005
COBIT 4.1
GAPP (Aug 2009)
NERC CIP
NIST SP800-53 R3 AC-3
NIST SP800-53 R3 CM-6
NIST SP800-53 R3 CM-7
NIST SP800-53 R3 SC-5
PCIDSS v2.0
FedRAMP Security Controls(Final Release Jan 2012)--MODERATE IMPACT LEVEL--
BITS Shared Assessments AUP v5.0
CCE Version 4.2
2008-02-15
DISA Gold Disk for Windows XP check names
DISA
2006-09-29
5.1.6
Guide to Securing Microsoft
Windows XP
NSA
2003-12-01
Version 1.1
R. Bickel
M. Cook
J. Haney
M. Kerr, DISA
CT01 T. Parker, USN
H. Parkes
Prose(pdf)
Windows XP Professional
Operating System Legacy, Enterprise,
and Specialized Security Benchmark
Consensus Baseline Security Settings
The Center for Internet Security
2004-10-20
Version 1.3
Jeff Shawgo
Sidney Faber
Prose(pdf)
Guidance for Securing Microsoft
Windows XP Systems for IT
Professionals: A NIST Security
Configuration Checklist
NIST
2005-10-01
Murugiah Souppaya
Karen Kent
Paul M. Johnson
Prose(pdf)
SP 800-68: Guidance for Securing Microsoft Windows XP Systems for IT Professional
NIST
2006-10-10
Murugiah Souppaya
Karen Kent
Paul M. Johnson
Stephen Quinn
Peter Mell
Linda Devlin
XCCDF
SP 800-68: Guidance for Securing Microsoft Windows XP Systems for IT Professional
NIST
2006-10-10
OVAL
SCAP Repo OVAL Definition
2012-04-13
BITS Shared Assessments SIG v6.0
2012-10-12
Jericho Forum
2012-10-12
HIPAA/HITECH Act
2012-10-12
ISO/IEC 27001-2005
2012-10-12
COBIT 4.1
2012-10-12
GAPP (Aug 2009)
2012-10-12
NERC CIP
2012-10-12
NIST SP800-53 R3
2012-10-12
PCIDSS v2.0
2012-10-12
BITS Shared Assessments AUP v5.0
2012-10-12