|Paid content will be excluded from the download.
| Matches : 23631
|Create global objects
This policy setting determines whether users can create global objects that are available to all sessions. Users can still create objects that are specific to their own session if they do not have this user right
Users who can create global objects could affect processes that run under other users' sessions. This capability could lead to a variety of problems, such as applic ...
Disable: 'Choose how BitLocker-protected removable drives can be recovered' for RDVRecovery
This policy setting allows you to control how BitLocker-protected removable data drives are recovered in the absence of the required credentials. This policy setting is applied when you turn on BitLocker.
The "Allow data recovery agent" check box is used to specify whether a data recovery agent can be ...
Disable: 'Windows Firewall: Public: Inbound connections'
This setting determines the behavior for inbound connections that do not match an inbound firewall rule. The default behavior is to block connections unless there are firewall rules to allow the connection.
Configure this setting to block inbound connections by default.
None, this is the ...
Specify the 'MSS: (KeepAliveTime) How often keep-alive packets are sent' in milliseconds for KeepAliveTime
MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds
Configure the MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds (300,000 is recommended) entry to a value of 300000 or 5 minutes.
The possible values for this re ...
Ensure No Auditing for 'Audit Policy: Account Logon: Credential Validation'
This subcategory reports the results of validation tests on credentials submitted for a user account logon request. These events occur on the computer that is authoritative for the credentials. For domain accounts, the domain controller is authoritative, whereas for local accounts, the local computer is authoritative. In ...
Select the 'Enforce drive encryption type on fixed data drives' for FDVEncryptionType to allow_user_to_choose
This policy setting allows you to configure the encryption type used by BitLocker Drive Encryption. This policy setting is applied when you turn on BitLocker. Changing the encryption type has no effect if the drive is already encrypted or if encryption is in progress. Choose full encrypti ...
Ensure No Auditing for 'Audit Policy: Logon-Logoff: IPsec Quick Mode'
This subcategory reports the results of IKE protocol and AuthIP during Quick Mode negotiations.
- 4654: An IPsec Quick Mode negotiation failed. Events for this subcategory include:
- 4977: During Quick Mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network i ...
Ensure No Auditing for 'Audit Policy: Logon-Logoff: IPsec Main Mode'
This subcategory reports the results of Internet Key Exchange (IKE) protocol and Authenticated Internet Protocol (AuthIP) during Main Mode negotiations. Events for this subcategory include:
- 4646: IKE DoS-prevention mode started.
- 4650: An IPsec Main Mode security association was established. Extended Mode was not enab ...
Disable: 'Windows Firewall: Domain: Apply local connection security rules'
This setting controls whether local administrators are allowed to create connection security rules that apply together with connection security rules configured by Group Policy.
Disable this setting to override firewall rules created locally by administrators.
If you con ...
Disable: 'Network Security: Configure encryption types allowed for Kerberos' for SupportedEncryptionTypes
This policy setting allows you to set the encryption types that Kerberos is allowed to use.
This policy is supported on at least Windows 7 or Windows Server 2008 R2.
Restrict the allowed encryption types to match your organization's policies.
Potential Impac ...
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   2363
© 2013 SecPod Technologies