The "Refuse machine account password change" policy should be set correctly. (1) enabled/disabled (1) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\RefusePasswordChange (2) defined by Local or Group Policy CCE-490 Domain controller: Refuse machine account password changes: Not Defined 3.2.1.19(note: different enumeration) Domain Controller: Refuse machine account password changes Domain controller: Refuse machine account password changes Table: 5.19 Value: not defined RefuseMachineAccountPasswordChanges oval:gov.nist.fdcc.xp:def:608242 oval:org.secpod.oval:def:15326 BITS Shared Assessments SIG v6.0 Jericho Forum HIPAA/HITECH Act FedRAMP Security Controls(Final Release Jan 2012)--LOW IMPACT LEVEL-- ISO/IEC 27001-2005 COBIT 4.1 GAPP (Aug 2009) NERC CIP NIST SP800-53 R3 AC-3 NIST SP800-53 R3 CM-6 NIST SP800-53 R3 CM-7 NIST SP800-53 R3 SC-5 PCIDSS v2.0 FedRAMP Security Controls(Final Release Jan 2012)--MODERATE IMPACT LEVEL-- BITS Shared Assessments AUP v5.0 CCE Version 4.2 2008-02-15 Guide to Securing Microsoft Windows XP NSA 2003-12-01 Version 1.1 R. Bickel M. Cook J. Haney M. Kerr, DISA CT01 T. Parker, USN H. Parkes Prose(pdf) Windows XP Professional Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Baseline Security Settings The Center for Internet Security 2004-10-20 Version 1.3 Jeff Shawgo Sidney Faber Prose(pdf) Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist NIST 2005-10-01 Murugiah Souppaya Karen Kent Paul M. Johnson Prose(pdf) FDCC: Guidance for Securing Microsoft Windows XP Systems for IT Professional (XCCDF Benchmark) NIST 2008-01-10 XCCDF FDCC: Guidance for Securing Microsoft Windows XP Systems for IT Professional (OVAL Definitions) NIST 2008-01-10 OVAL SCAP Repo OVAL Definition 2013-09-05 BITS Shared Assessments SIG v6.0 2012-10-12 Jericho Forum 2012-10-12 HIPAA/HITECH Act 2012-10-12 ISO/IEC 27001-2005 2012-10-12 COBIT 4.1 2012-10-12 GAPP (Aug 2009) 2012-10-12 NERC CIP 2012-10-12 NIST SP800-53 R3 2012-10-12 PCIDSS v2.0 2012-10-12 BITS Shared Assessments AUP v5.0 2012-10-12