|Paid content will be excluded from the download.
| Matches : 23631
|MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)
The registry value entry PerformRouterDiscovery was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\ registry key. The entry appears as MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (coul ...
Log on as a batch job
This policy setting allows accounts to log on using the task scheduler service. Because the task scheduler is often used for administrative purposes, it may be needed in enterprise environments. However, its use should be restricted in high security environments to prevent misuse of system resources or to prevent attackers from using the right to launch malicious code after ...
Modify firmware environment values
This policy setting allows users to configure the system-wide environment variables that affect hardware configuration. This information is typically stored in the Last Known Good Configuration. Modification of these values and could lead to a hardware failure that would result in a denial of service condition.
When configuring a user right in the SCM enter a c ...
Audit Policy: System: Security State Change
This subcategory reports changes in security state of the system, such as when the security subsystem starts and stops. Events for this subcategory include:
? 4608: Windows is starting up.
? 4609: Windows is shutting down.
? 4616: The system time was changed.
? 4621: Administrator recovered system from CrashOnAuditFail. Users who are not administrato ...
Audit Policy: Detailed Tracking: Process Termination
This subcategory reports when a process terminates. Events for this subcategory include:
? 4689: A process has exited.
Refer to the Microsoft Knowledgebase article ?Description of security events in Windows Vista and in Windows Server 2008? for the most recent information about this setting: http://support.microsoft.com/default.aspx/kb/947226.
Audit Policy: Object Access: Filtering Platform Connection
This subcategory reports when connections are allowed or blocked by WFP. These events can be high in volume. Events for this subcategory include:
? 5031: The Windows Firewall Service blocked an application from accepting incoming connections on the network.
? 5154: The Windows Filtering Platform has permitted an application or service to ...
Windows Firewall: Domain: Inbound connections
This setting determines the behavior for inbound connections that do not match an inbound firewall rule. The default behavior is to block connections unless there are firewall rules to allow the connection.
Network access: Do not allow storage of passwords and credentials for network authentication
This policy setting determines whether the Stored User Names and Passwords feature may save passwords or credentials for later use when it gains domain authentication. If you enable this policy setting, the Stored User Names and Passwords feature of Windows does not store passwords and credentials.
Allow unencrypted traffic
This policy setting allows you to manage whether the Windows Remote Management (WinRM) service sends and receives unencrypted messages over the network.
If you enable this policy setting, the WinRM client sends and receives unencrypted messages over the network.
If you disable or do not configure this policy setting, the WinRM client sends or receives only encrypted me ...
Interactive logon: Display user information when the session is locked
This policy setting determines whether the account name of the last user to log on to the client computers in your organization can display in each computer's respective Windows logon screen. If you enable this policy setting, intruders cannot collect account names visually from the screens of desktop or laptop computers in y ...
Pages:      Start    13    14    15    16    17    18    19    20    21    22    23    24    25    26    ..   2363
© 2013 SecPod Technologies