|Paid content will be excluded from the download.
| Matches : 23631
|Ensure No Auditing for 'Audit Policy: DS Access: Detailed Directory Service Replication'
This subcategory reports detailed information about the information replicating between domain controllers. These events can be very high in volume. Events for this subcategory include:
- 4928: An Active Directory replica source naming context was established.
- 4929 : An Active Directory replica sou ...
Disable: 'Enable headless UI mode'
This policy setting allows you to configure whether or not to display AM UI to the users.
If you enable this setting AM UI won't be available to users.
Configure this setting depending on your organization's requirements.
Users are able to access the AM UI during the boot process.
Disable: 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' for AutoAdminLogon
MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)
Do not configure the MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended) entry except on highly secure computers, where it should be configured to a value of Disabled.
The possible values for this regis ...
Disable: 'MSS: (NoDefaultExempt) Configure IPSec exemptions for various types of network traffic.' for NoDefaultExempt
MSS: (NoDefaultExempt) Configure IPSec exemptions for various types of network traffic.
Do not configure the MSS: (NoDefaultExempt) Enable NoDefaultExempt for IPSec Filtering (recommended) entry except on computers that use IPsec filters, where this entr ...
Disable: 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' for SafeDllSearchMode
MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)
Configure the MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended) entry to a value of Enabled.
The possible values for this registry entry are:
- 1 or 0. The default configuration for ...
Profile system performance
This policy setting allows users to use tools to view the performance of different system processes, which could be abused to allow attackers to determine a system's active processes and provide insight into the potential attack surface of the computer.
When configuring a user right in the SCM enter a comma delimited list of accounts. Accounts can be either local or lo ...
Disable: 'Microsoft network client: Digitally sign communications (if server agrees)'
This policy setting determines whether the SMB client will attempt to negotiate SMB packet signing. The implementation of digital signing in Windows-based networks helps to prevent sessions from being hijacked. If you enable this policy setting, the Microsoft network client will use signing only if the server wi ...
Do not preserve zone information in file attachments
This policy setting allows you to manage whether Windows marks file attachments from Internet Explorer or Microsoft Outlook Express with information about their zone of origin (such as restricted, Internet, intranet, or local). This policy setting requires that files be downloaded to NTFS disk partitions to function correctly. If zone informati ...
Disable: 'Network access: Sharing and security model for local accounts' for ForceGuest
This policy setting determines how network logons that use local accounts are authenticated. The Classic option allows precise control over access to resources, including the ability to assign different types of access to different users for the same resource. The Guest only option allows you to treat all user ...
Ensure No Auditing for 'Audit Policy: Object Access: Certification Services'
This subcategory reports when Certification Services operations are performed. Events for this subcategory include:
- 4868: The certificate manager denied a pending certificate request.
- 4869: Certificate Services received a resubmitted certificate request.
- 4870: Certificate Services revoked a certificat ...
Pages:      Start    5    6    7    8    9    10    11    12    13    14    15    16    17    18    ..   2363
© 2013 SecPod Technologies