Download
| Alert*
oval:gov.nist.usgcb.vista:def:8034
Auditing of "Policy Change: Audit Policy Change" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:8020 Auditing of "Logon/Logoff: Logon" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:8008 Auditing of "Detailed Tracking: Process Creation" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14483 The "Maximum Service Ticket Litfetime" policy should be set correctly. oval:org.secpod.oval:def:14457 Domain Profile: 'Allow Remote Desktop exception' (SP2 only) oval:org.secpod.oval:def:14450 The 'Windows Firewall: Prohibit notifications' setting should be configured correctly for the Standard Profile. oval:org.secpod.oval:def:14462 The 'TCP/IP PMTU Discovery' should be properly configured. oval:org.secpod.oval:def:14459 Standard Profile: 'Define port exceptions' (SP2 only) oval:gov.nist.usgcb.vista:def:6106 Determines if an anonymous user can request security identifier (SID) attributes for another user. oval:org.secpod.oval:def:14377 The 'restrict guest access to security log' policy should be set correctly. oval:org.secpod.oval:def:14385 The 'restrict guest access to system log' policy should be set correctly. oval:org.secpod.oval:def:14400 The 'Turn off Untrusted Content' setting should be configured correctly. oval:org.secpod.oval:def:14436 Standard Profile: 'Do not allow exceptions '(SP2 only) oval:org.secpod.oval:def:14433 Standard Profile: 'Protect all network connections' (SP2 only) oval:org.secpod.oval:def:14444 Standard Profile: 'Allow Remote Desktop exception' (SP2 only) oval:org.secpod.oval:def:14437 Standard Profile: 'Allow remote administration exception' (SP2 only) oval:org.secpod.oval:def:14406 Domain Profile: 'Allow remote administration' oval:org.secpod.oval:def:14405 The 'restrict guest access to application log' policy should be set correctly. oval:org.secpod.oval:def:14542 The 'Unsigned Driver Installation Behavior' policy should be set correctly. oval:org.secpod.oval:def:14545 The 'Windows Firewall inbound program exceptions list' should be set appropriately for the Domain Profile. oval:org.secpod.oval:def:14422 The 'Prevent IIS Installation' setting should be configured correctly. oval:org.secpod.oval:def:14536 The Windows Firewall 'Windows Firewall: Define inbound program exceptions' policy should be enabled or disabled as appropriate for the Domain Profile. oval:org.secpod.oval:def:14414 Auditing of 'system' events on failure should be enabled or disabled as appropriate.. oval:gov.nist.usgcb.vista:def:6667 Allow remote access to the PnP interface oval:gov.nist.usgcb.vista:def:8005 Auditing of "Account Management: Security Group Management" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:8006 Auditing of "Account Management: User Account Management" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6071 Network access: Do not allow anonymous enumeration of SAM accounts and shares oval:gov.nist.usgcb.vista:def:6122 This setting controls the ability of non-administrators to install updates that have been digitally signed by the application vendor. oval:gov.nist.usgcb.vista:def:6036 Domain member: Disable machine account password changes oval:gov.nist.usgcb.vista:def:6022 The built-in Administrator account should be correctly named. oval:org.secpod.oval:def:14485 Auditing of 'Account Management: Application Group Management' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14498 Auditing of 'Object Access: Kernel Object' events on failure should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6065 MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended) oval:org.secpod.oval:def:14530 Auditing of 'Policy Change: Authorization Policy Change' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14496 Auditing of 'Detailed Tracking: Process Termination' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14470 Auditing of 'Privilege Use: Privilege Use: Other Privilege Use Events' events on failure should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:8088 Switch to the secure desktop when prompting for elevation oval:gov.nist.usgcb.vista:def:6694 Turn on session logging oval:gov.nist.usgcb.vista:def:116 MSS: (NoDefaultExempt) Enable NoDefaultExempt for IPSec Filtering oval:org.secpod.oval:def:14382 The 'Interactive logon: Requre smart card' setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6638 The "Force shutdown from a remote system (SeRemoteShutdownPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6566 RPC Endpoint Mapper Client Authentication oval:org.secpod.oval:def:14525 Auditing of 'Privilege Use: Non Sensitive Privilege Use' events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6075 Network access: Remotely accessible registry paths oval:gov.nist.usgcb.vista:def:6004 This policy setting checks all new password to ensure that they meet basic requirements for strong password. oval:org.secpod.oval:def:14458 The MSS:(TCPMaxConnectResponseRetransmission) 'SYN-ACK retansmissions' when a connection request is not acknowledged oval:gov.nist.usgcb.vista:def:8089 Virtualize file and registry write failures to per-user locations oval:gov.nist.usgcb.vista:def:6003 This policy setting determines the number of days that you must use a password before you can change it. oval:gov.nist.usgcb.vista:def:6053 Microsoft network server: Disconnect clients when logon hours expire oval:gov.nist.usgcb.vista:def:6063 MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames (recommended) oval:gov.nist.usgcb.vista:def:6609 The "Act as part of the operating system (SeTcbPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6563 Offer Remote Assistance oval:gov.nist.usgcb.vista:def:6607 The "Access this computer from the network (SeNetworkLogonRight)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6047 Microsoft network client: Digitally sign communications (always) oval:org.secpod.oval:def:14417 Auditing of 'object access' events on failure should be enabled or disabled as appropriate.. oval:gov.nist.usgcb.vista:def:6104 System objects: Require case insensitivity for non-Windows subsystems oval:org.secpod.oval:def:14393 The 'when maximum log size is reached' property should be set correctly for the System log. oval:gov.nist.usgcb.vista:def:6097 Network Security: Minimum session security for NTLM SSP based (including secure RPC) servers oval:gov.nist.usgcb.vista:def:6026 Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings oval:gov.nist.usgcb.vista:def:6068 MSS: (TCPMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default) oval:gov.nist.usgcb.vista:def:6648 Administrators may manage the auditing and security log oval:org.secpod.oval:def:14500 Auditing of 'Logon/Logoff: IPsec Quick Mode' events on failure should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6669 Do not send a Windows Error Report when a generic driver is installed on a device oval:gov.nist.usgcb.vista:def:6005 This policy setting determines whether the operating system stores passwords in a way that uses reversible encryption, which provides support for application protocols that require knowledge of the user's password for authentication purposes. oval:gov.nist.usgcb.vista:def:6616 The "Allow log on through Terminal Services (SeRemoteInteractiveLogonRight)" setting should be configured correctly. oval:org.secpod.oval:def:14378 The 'TCP/IP SYN Flood Attack Protection' should be properly configured. oval:org.secpod.oval:def:14374 Auditing of 'privilege use' events on success should be enabled or disabled as appropriate.. oval:org.secpod.oval:def:14404 The 'Log Access For Setup Log' setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6647 The log-on-as-a-service user right should be assigned to the correct accounts. oval:org.secpod.oval:def:14499 Auditing of 'Detailed Tracking: RPC Events' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:7708 Enables desktop screen savers. If you disable this setting, screen savers do not run. Also, this setting disables the Screen Saver section of the Screen Saver dialog in the Personalization or Display Control Panel. As a result, users cannot change the screen saver options. If you do not configure ... oval:org.secpod.oval:def:14411 The 'when maximum log size is reached' property should be set correctly for the Security log. oval:gov.nist.usgcb.vista:def:6049 Microsoft network client: Send unencrypted password to third-party SMB servers oval:gov.nist.usgcb.vista:def:6095 Network Security: LDAP client signing requirements oval:org.secpod.oval:def:14528 Auditing of 'Object Access: File Share' events on failure should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6050 Microsoft network server: Amount of idle time required before suspending session oval:gov.nist.usgcb.vista:def:8026 Auditing of "Object Access: File System" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6634 The "Deny log on locally (SeDenyInteractiveLogonRight)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6094 Network Security: LAN Manager Authentication Level oval:org.secpod.oval:def:14532 Auditing of 'Policy Change: MPSSVC Rule-Level Policy Change' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14527 Auditing of 'Object Access: Other Object Access Events' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14505 Auditing of 'Object Access: Handle Manipulation' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14451 The 'Display user information when the session is locked' setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6101 Shutdown: Clear Virtual Memory Pagefile oval:gov.nist.usgcb.vista:def:8084 Detect application installations and prompt for elevation oval:gov.nist.usgcb.vista:def:6059 MSS: (KeepAliveTime)How often keep-alive packets are sent in milliseconds oval:org.secpod.oval:def:14534 The 'System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies' setting should be configured properly. oval:gov.nist.usgcb.vista:def:6654 The "Replace a process level token (SeAssignPrimaryTokenPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6023 The built-in Guest account should be correctly named. oval:gov.nist.usgcb.vista:def:6002 This policy setting defines how long a user can use their password before it expires. oval:gov.nist.usgcb.vista:def:6027 Audit: Shut down system immediately if unable to log security audits oval:org.secpod.oval:def:14396 Auditing of 'logon' events on failure should be enabled or disabled as appropriate.. oval:gov.nist.usgcb.vista:def:8035 Auditing of "Policy Change: Authentication Policy Change" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6072 Network access: Do not allow storage of credentials or .NET Passports for network authentication oval:gov.nist.usgcb.vista:def:6054 MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended) oval:gov.nist.usgcb.vista:def:6064 MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended) oval:gov.nist.usgcb.vista:def:8081 Admin Approval Mode for the Built-in Administrator account oval:gov.nist.usgcb.vista:def:6074 Network access: Named Pipes that can be accessed anonymously oval:org.secpod.oval:def:14381 Auditing of 'policy change' events on success should be enabled or disabled as appropriate.. oval:gov.nist.usgcb.vista:def:6613 The "Allow log on locally" setting should be configured correctly. oval:org.secpod.oval:def:14398 Auditing of 'process tracking' events on success should be enabled or disabled as appropriate.. oval:org.secpod.oval:def:14543 Disable 'saving of dial-up passwords' should be properly configured. oval:gov.nist.usgcb.vista:def:6625 The "Create a token object (SeCreateTokenPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:8002 Auditing of "Account Management: Computer Account Management" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6096 Network Security: Minimum session security for NTLM SSP based (including secure RPC) clients oval:org.secpod.oval:def:14440 The 'Windows Firewall: Prohibit notifications' setting should be configured correctly for the Domain Profile. oval:org.secpod.oval:def:14547 The 'CD Burning features in Windows Explorer' should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6030 Devices: Prevent users from installing printer drivers oval:gov.nist.usgcb.vista:def:6114 If this setting is enabled Windows Error Reporting events will not be logged to the system event log. oval:org.secpod.oval:def:14501 Auditing of 'DS Access: Directory Service Access' events on failure should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6658 The "Synchronize directory service data" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:8019 Auditing of "Logon/Logoff: Logoff" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6070 Network access: Do not allow anonymous enumeration of SAM accounts oval:gov.nist.usgcb.vista:def:6119 Turn off shell protocol protected mode oval:gov.nist.usgcb.vista:def:6504 Notify antivirus programs when opening attachments oval:gov.nist.usgcb.vista:def:6006 This policy setting determines the least number of characters that make up a password for a user account. oval:gov.nist.usgcb.vista:def:6626 The "Create global objects (SeCreateGlobalPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6726 You can use this policy setting to specify the maximum amount of time that a disconnected session is kept active on the server. By default, Terminal Services allows users to disconnect from a remote session without logging off and ending the session. (1 min) oval:gov.nist.usgcb.vista:def:6565 Restrictions for Unauthenticated RPC clients oval:gov.nist.usgcb.vista:def:6599 Always prompt client for password upon connection oval:gov.nist.usgcb.vista:def:6126 Prevents Windows Media Digital Rights Management (DRM) from accessing the Internet (or intranet). When enabled, Windows Media DRM is prevented from accessing the Internet (or intranet) for license acquisition and security upgrades. oval:org.secpod.oval:def:14401 The 'System availability to Master Browser' should be properly configured. oval:gov.nist.usgcb.vista:def:6624 The "Create a pagefile (SeCreatePagefilePrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:8043 Auditing of "System: Ipsec Driver" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14425 The 'Outlook Express attachment blocking' is set correctly. oval:gov.nist.usgcb.vista:def:6641 The "Increase scheduling priority (SeIncreaseBasePriorityPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:8087 Run all administrators in Admin Approval Mode oval:gov.nist.usgcb.vista:def:6640 The "Impersonate a client after authentication" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6653 The "Remove computer from docking station (SeUndockPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6025 Audit: Audit the use of Backup and Restore privilege oval:org.secpod.oval:def:14478 Auditing of 'Logon/Logoff: IPsec Extended Mode' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14389 The 'when maximum log size is reached' property should be set correctly for the Application log. oval:gov.nist.usgcb.vista:def:6651 The "Profile single process (SeProfileSingleProcessPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6021 Accounts: Limit local account use to blank passwords to console logon only oval:gov.nist.usgcb.vista:def:6105 System objects: Strengthen default permissions of internal system objects oval:gov.nist.usgcb.vista:def:6079 Network access: Sharing and security model for local accounts oval:org.secpod.oval:def:14487 Auditing of 'Object Access: Certification Services' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14511 Auditing of 'Detailed Tracking: DPAPI Activity' events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6621 The "Bypass traverse checking (SeChangeNotifyPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6657 The "Shut down the system (SeShutdownPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6100 Shutdown: Allow System to be Shut Down Without Having to Log On oval:gov.nist.usgcb.vista:def:6061 MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers oval:gov.nist.usgcb.vista:def:6037 Domain member: Maximum machine account password age oval:gov.nist.usgcb.vista:def:6633 The "Deny log on as a service (SeDenyServiceLogonRight)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6069 MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning oval:gov.nist.usgcb.vista:def:6062 MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames (recommended) oval:gov.nist.usgcb.vista:def:6575 Enumerate administrator accounts on elevation oval:gov.nist.usgcb.vista:def:6639 The "Generate security audits (SeAuditPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:8032 Auditing of "Object Access: Registry" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6024 Audit the access of global system objects is disabled oval:gov.nist.usgcb.vista:def:6080 Network security: Do not store LAN Manager hash value on next password change oval:gov.nist.usgcb.vista:def:8004 Auditing of "Account Management: Other Account Management Events" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6714 Prompt for password on resume from hibernate / suspend oval:gov.nist.usgcb.vista:def:6612 The "Adjust memory quotas for a process (SeIncreaseQuotaPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:8047 Auditing of "System: System Integrity" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:8086 Only elevate UIAccess applications that are installed in secure locations oval:gov.nist.usgcb.vista:def:6102 System Cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing oval:gov.nist.usgcb.vista:def:6055 MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing) oval:org.secpod.oval:def:14535 The 'System cryptography: Force strong key protection for user keys stored on the computer' policy should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6039 Interactive logon: Do not display last user name oval:gov.nist.usgcb.vista:def:8042 Sensitive Privilege Use oval:org.secpod.oval:def:14482 Auditing of 'DS Access: Detailed Directory Service Replication' events on failure should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6001 This policy setting determines the number of renewed, unique passwords that have to be associated with a user account before you can reuse an old password. oval:gov.nist.usgcb.vista:def:6031 Devices: Restrict CD-ROM access to locally logged-on user only oval:gov.nist.usgcb.vista:def:8022 Auditing of "Logon/Logoff: Special Logon" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6644 The "Log on as a batch job (SeBatchLogonRight)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6073 Network access: Let Everyone permissions apply to anonymous users oval:org.secpod.oval:def:14466 Auditing of 'Account Management: Distribution Group Management' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14429 Logon - 'Do not process the legacy run' list oval:gov.nist.usgcb.vista:def:6057 MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes oval:org.secpod.oval:def:14480 Auditing of 'Object Access: SAM' events on success should be enabled or disabled as appropriate. oval:gov.nist.USGCB.vistafirewall:def:6411 The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Private Profile. oval:gov.nist.USGCB.vistafirewall:def:6412 The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Private Profile. oval:gov.nist.USGCB.vistafirewall:def:6413 The log file path and name for the Windows Firewall should be configured correctly for the Private Profile. oval:gov.nist.USGCB.vistafirewall:def:6414 The log file size limit for the Windows Firewall should be configured correctly for the Private Profile. oval:gov.nist.USGCB.vistafirewall:def:6401 The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Domain Profile. oval:gov.nist.USGCB.vistafirewall:def:6402 The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Domain Profile. oval:gov.nist.USGCB.vistafirewall:def:6403 Domain Profile: The log file path and name for the Windows Firewall should be configured correctly for the Domain Profile. oval:gov.nist.USGCB.vistafirewall:def:6404 The log file size limit for the Windows Firewall should be configured correctly for the Domain Profile. oval:gov.nist.USGCB.vistafirewall:def:6515 Firewall state - Domain Profile oval:gov.nist.USGCB.vistafirewall:def:6421 The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Public Profile. oval:gov.nist.USGCB.vistafirewall:def:6422 The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Public Profile. oval:gov.nist.USGCB.vistafirewall:def:6423 The log file path and name for the Windows Firewall should be configured correctly for the Public Profile. oval:gov.nist.USGCB.vistafirewall:def:6424 The log file size limit for the Windows Firewall should be configured correctly for the Public Profile. oval:gov.nist.usgcb.vista:def:6652 The "Profile system performance (SeSystemProfilePrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6098 Recovery Console: Allow Automatic Administrative Logon oval:org.secpod.oval:def:14508 Auditing of 'Policy Change: Other Policy Change Events' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14452 Access to 'registry editing tools' is set correctly. oval:gov.nist.usgcb.vista:def:6081 Network security: Force logoff when logon hours expire oval:gov.nist.usgcb.vista:def:6077 Network access: Restrict anonymous access to Named Pipes and Shares oval:gov.nist.usgcb.vista:def:6725 This policy setting allows you to specify the maximum amount of time that an active Terminal Services session can be idle (without user input) before it is automatically disconnected. (15 min) oval:gov.nist.usgcb.vista:def:6630 The "Deny access to this computer from the network (SeDenyNetworkLogonRight)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6045 Interactive logon: Require Domain Controller authentication to unlock workstation oval:gov.nist.usgcb.vista:def:6121 Permits users to change installation options that typically are available only to system administrators. This setting bypasses some of the security features of Windows Installer. oval:org.secpod.oval:def:14442 The 'DCOM: Machine access Restrictions in Security Descriptor Definition Language (SDDL) syntax' setting should be configured correctly. oval:org.secpod.oval:def:14426 Auditing of 'directory service access' events on failure should be enabled or disabled as appropriate.. oval:gov.nist.usgcb.vista:def:6044 Interactive logon: Prompt user to change password before expiration oval:org.secpod.oval:def:14424 The 'security log maximum size' should be configured correctly. oval:gov.nist.usgcb.vista:def:6043 Interactive logon: Number of previous logons to cache (in case domain controller is not available) oval:org.secpod.oval:def:14464 The setup 'log maximum size' should be configured correctly. oval:gov.nist.usgcb.vista:def:6032 Devices: Restrict Floppy access to locally logged-on user only oval:org.secpod.oval:def:14407 The 'system log maximum size' should be configured correctly. oval:org.secpod.oval:def:14421 Auditing of 'account management' events on failure should be enabled or disabled as appropriate.. oval:gov.nist.usgcb.vista:def:6649 The "Modify firmware environment values (SeSystemEnvironmentPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6689 Require a Password when a Computer Wakes (On Battery) oval:org.secpod.oval:def:14430 The 'Allow undock without having to logon' policy should be set correctly. oval:org.secpod.oval:def:14503 Auditing of 'Policy Change: Filtering Platform Policy Change' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14419 The 'DCOM: Machine Launch Restrictions in the Security Descriptor Definition Language (SDDL) syntax' security option should be set correctly. oval:org.secpod.oval:def:14521 Auditing of 'DS Access: Directory Service Changes' events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6631 The "Deny log on as a batch job (SeDenyBatchLogonRight)" setting should be configured correctly. oval:org.secpod.oval:def:14467 Auditing of 'DS Access: Directory Service Replication' events on failure should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:60771 Network access: Shares that can be accessed anonymously oval:gov.nist.usgcb.vista:def:6051 Microsoft network server: Digitally sign communications (always) oval:gov.nist.usgcb.vista:def:6659 The "Take ownership of files or other objects (SeTakeOwnershipPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6595 Disable remote Desktop Sharing oval:gov.nist.usgcb.vista:def:243 This definition verifies that the Guest account is enabled/disabled based on the policy defined by the user. oval:org.secpod.oval:def:14523 Auditing of 'Object Access: Application Generated' events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:8085 Only elevate executables that are signed and validated oval:org.secpod.oval:def:14522 Auditing of 'Object Access: Filtering Platform Connection' events on failure should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6596 Do not allow passwords to be saved oval:gov.nist.usgcb.vista:def:6056 MSS: (EnableDeadGWDetect) Allow automatic detection of dead network gateways (could lead to DoS) oval:gov.nist.usgcb.vista:def:6690 Require a Password when a Computer Wakes (Plugged) oval:org.secpod.oval:def:14520 Auditing of 'Logon/Logoff: Other Logon/Logoff Events' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14473 Auditing of 'Logon/Logoff: Account Lockout' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14481 Auditing of 'Logon/Logoff: IPsec Main Mode' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:14397 The 'application log maximum size' should be configured correctly. oval:gov.nist.usgcb.vista:def:6628 The "Debug programs (SeDebugPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6099 Recovery Console: Allow Floppy Copy and Access to All Drives and All Folders oval:org.secpod.oval:def:14403 Auditing of 'account logon' events on failure should be enabled or disabled as appropriate.. oval:gov.nist.usgcb.vista:def:6636 The "Deny log on through Terminal Services (SeDenyRemoteInteractiveLogonRight)" setting should be configured correctly. oval:org.secpod.oval:def:14533 The 'add workstations to domain' user right should be assigned to the correct accounts. oval:org.secpod.oval:def:14415 The 'Allowed to Format and Eject Removable NTFS Media' policy should be set correctly. oval:org.secpod.oval:def:14472 Auditing of 'Object Access: Filtering Platform Packet Drop' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:7710 The Screen Saver Executable Name setting should be configured correctly for the current user. oval:gov.nist.usgcb.vista:def:6048 Microsoft network client: Digitally sign communications (if server agrees) oval:gov.nist.usgcb.vista:def:8083 Behavior of the elevation prompt for standard users oval:gov.nist.usgcb.vista:def:8082 Behavior of the elevation prompt for administrators in Admin Approval Mode oval:gov.nist.usgcb.vista:def:6642 Administrators may load and unload device drivers oval:gov.nist.usgcb.vista:def:6655 The "Restore files and directories (SeRestorePrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6643 The "Lock pages in memory (SeLockMemoryPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6650 The "Perform volume maintenance tasks (SeManageVolumePrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6617 The "Back up files and directories (SeBackupPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6627 The "Create permanent shared objects" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6715 Prevent users from sharing files within their profile oval:org.secpod.oval:def:14538 The 'add workstations to domain' user right should be assigned to the correct accounts. oval:gov.nist.usgcb.vista:def:6708 Screen Saver timeout oval:gov.nist.usgcb.vista:def:242 This definition verifies that the Administrator account is enabled/disabled based on the policy defined by the user. oval:gov.nist.usgcb.vista:def:662391 The "Increase a process working set" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6076 Network access: Remotely accessible registry paths and sub paths oval:gov.nist.usgcb.vista:def:662371 The "Modify an object label" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:20012 Allowing source routed network traffic allows attackers to obscure their identity and location. oval:gov.nist.usgcb.vista:def:20014 MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 is default). oval:gov.nist.usgcb.vista:def:20019 This setting was added to Windows Vista SP1 specifically to enable Remote Assistance. It allows certain applications stored in secure folders, such as system32, to bypass the secure desktop so that they can function as designed. Enabling this setting will lower security slightly but enable Remote As ... oval:gov.nist.usgcb.vista:def:100205 do not process the run once list oval:gov.nist.usgcb.vista:def:100055 Default behavior for AutoRun oval:gov.nist.usgcb.vista:def:65741 Turn off Autoplay is set correctly. oval:gov.nist.usgcb.vista:def:6707 Password protect the screen saver oval:gov.nist.usgcb.vista:def:6052 Microsoft network server: Digitally sign communications (if client agrees) oval:gov.nist.usgcb.vista:def:6040 Interactive logon: Do not require CTRL+ALT+DEL |