Download
| Alert*
oval:gov.nist.usgcb.xp:def:6121
Permits users to change installation options that typically are available only to system administrators. This setting bypasses some of the security features of Windows Installer. oval:gov.nist.usgcb.xp:def:6122 This setting controls the ability of non-administrators to install updates that have been digitally signed by the application vendor. oval:gov.nist.usgcb.xp:def:6596 Do not allow passwords to be saved oval:gov.nist.usgcb.xp:def:6119 Turn off shell protocol protected mode oval:gov.nist.usgcb.xp:def:6563 Offer Remote Assistance oval:gov.nist.usgcb.xp:def:6566 RPC Endpoint Mapper Client Authentication oval:gov.nist.usgcb.xp:def:6504 Notify antivirus programs when opening attachments oval:gov.nist.usgcb.xp:def:6725 This policy setting allows you to specify the maximum amount of time that an active Terminal Services session can be idle (without user input) before it is automatically disconnected. (15 min) oval:gov.nist.usgcb.xp:def:6726 You can use this policy setting to specify the maximum amount of time that a disconnected session is kept active on the server. By default, Terminal Services allows users to disconnect from a remote session without logging off and ending the session. (1 min) oval:gov.nist.usgcb.xp:def:6714 Prompt for password on resume from hibernate / suspend oval:gov.nist.usgcb.xp:def:6708 Screen Saver timeout oval:gov.nist.usgcb.xp:def:6707 Password protect the screen saver oval:gov.nist.usgcb.xp:def:6022 Accounts: Rename Administrator Account oval:gov.nist.usgcb.xp:def:6027 Audit: Shut down system immediately if unable to log security audits oval:gov.nist.usgcb.xp:def:6029 Devices: Allowed to format and eject removable media oval:gov.nist.usgcb.xp:def:7796 MSS: (NoDefaultExempt) Enable NoDefaultExempt for IPSec Filtering oval:org.secpod.oval:def:15289 The 'DCOM: Machine access Restrictions in Security Descriptor Definition Language (SDDL) syntax' setting should be configured correctly. oval:org.secpod.oval:def:15281 The 'enable computer and user accounts to be trusted for delegation' user right should be assigned to the correct accounts. oval:org.secpod.oval:def:15280 The correct service permissions for the Printer service should be assigned. oval:org.secpod.oval:def:15285 The 'System cryptography: Force strong key protection for user keys stored on the computer' setting should be configured correctly. oval:org.secpod.oval:def:15284 The correct service permissions for the Remote Desktop Help Session Manager service should be assigned. oval:org.secpod.oval:def:15299 The correct service permissions for the Universal Plug and Play service should be assigned. oval:org.secpod.oval:def:15293 TCP/IP PMTU Discovery should be properly configured. oval:org.secpod.oval:def:15290 The 'Enable User to Use Media Source While Elevated' policy should be set correctly. oval:org.secpod.oval:def:15291 The 'Delete Cached Copies of Roaming Profiles' policy should be set correctly. oval:org.secpod.oval:def:15296 The correct service permissions for the Remote Registry service should be assigned. oval:org.secpod.oval:def:15297 The correct service permissions for the Background Intelligent Transfer service should be assigned. oval:org.secpod.oval:def:15294 If the Application log's retention method is set to 'Overwrite events by days,' an appropriate value should be set for the number of days' logs to keep. oval:org.secpod.oval:def:15295 The 'Allow Administrator to Install from Terminal Services Session' policy should be set correctly. oval:org.secpod.oval:def:15265 The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib should be assigned. oval:org.secpod.oval:def:15266 CD-ROM Autorun should be properly configured. oval:org.secpod.oval:def:15269 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum should be assigned. oval:org.secpod.oval:def:15260 The required permissions for the file %SystemRoot%\System32\Ntbackup.exe should be assigned. oval:org.secpod.oval:def:15263 The required permissions for the file %SystemRoot%\System32\perfmon.msc should be assigned. oval:org.secpod.oval:def:15264 The 'Display user information when the session is locked' setting should be configured correctly. oval:org.secpod.oval:def:15261 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNSCache should be assigned. oval:org.secpod.oval:def:15262 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ersvc\Security should be assigned. oval:org.secpod.oval:def:15278 If the Security log's retention method is set to 'Overwrite events by days,' an appropriate value should be set for the number of days' logs to keep. oval:org.secpod.oval:def:15279 The 'Allow Server Operators to Schedule Tasks' policy should be set correctly. oval:org.secpod.oval:def:15277 The 'Terminate session when time limits are reached' policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:15270 Auditing of 'process tracking' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:15275 The required permissions for the registry key HKEY_USERS\.DEFAULT should be assigned. oval:org.secpod.oval:def:15272 The correct service permissions for the SNMP service should be assigned. oval:org.secpod.oval:def:15273 The correct service permissions for the SNMP Trap service should be assigned. oval:org.secpod.oval:def:15089 The required permissions for the file %SystemRoot%\System32\RSoP.msc should be assigned. oval:org.secpod.oval:def:7718 The Password protect the screen saver setting should be configured correctly. oval:org.secpod.oval:def:15083 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg should be assigned. oval:org.secpod.oval:def:7719 The Screen Saver Executable Name setting should be configured correctly for the current user. oval:org.secpod.oval:def:15084 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Scarddrv\Security should be assigned. oval:org.secpod.oval:def:15081 The required permissions for the directory %SystemRoot%\System32\NTMSData should be assigned. oval:org.secpod.oval:def:15082 The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSDTC\Security\XAKey should be assigned. oval:org.secpod.oval:def:7715 The Screen Saver Executable Name setting should be configured correctly for the current user. oval:org.secpod.oval:def:15088 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wmi\Security should be assigned. oval:org.secpod.oval:def:7716 The "Screen Saver Timeout" setting should be configured correctly for the default user. oval:org.secpod.oval:def:15085 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netddedsdm\Security should be assigned. oval:org.secpod.oval:def:7717 The settings of screen saver should be enabled or disabled as appropriate for the current user. oval:org.secpod.oval:def:15086 If the System log's retention method is set to 'Overwrite events by days,' an appropriate value should be set for the number of days' logs to keep. oval:org.secpod.oval:def:15080 The required permissions for the file %SystemRoot%\System32\Com\comexp.msc should be assigned. oval:org.secpod.oval:def:7720 The settings of screen saver should be enabled or disabled as appropriate for the current user. oval:org.secpod.oval:def:15094 The required permissions for the file %SystemRoot%\System32\dfrg.msc should be assigned. oval:org.secpod.oval:def:15095 The required permissions for the directory %SystemDrive%\Documents and Settings\Administrator should be assigned. oval:org.secpod.oval:def:15092 The required permissions for the directory %SystemDrive% should be assigned. oval:org.secpod.oval:def:15093 The required permissions for the directory %SystemRoot%\Debug\UserMode\userenv.log should be assigned. oval:org.secpod.oval:def:15098 The required permissions for the file %SystemRoot%\System32\nbstat.exe should be assigned. oval:org.secpod.oval:def:15099 The correct service permissions for the Routing and Remote Access service should be assigned. oval:org.secpod.oval:def:15096 The 'restrict guest access to application log' policy should be set correctly. oval:org.secpod.oval:def:15097 The correct service permissions for the NetMeeting service should be assigned. oval:org.secpod.oval:def:15091 The correct service permissions for the Alerter service should be assigned. oval:org.secpod.oval:def:15072 The required auditing for the registry key HKEY_LOCAL_MACHINE\SYSTEM should be enabled. oval:org.secpod.oval:def:15073 The required permissions for the file %SystemRoot%\System32\CONFIG should be assigned. oval:org.secpod.oval:def:15071 The required permissions for the directory %SystemRoot%\Registration\CRMLog should be assigned. oval:org.secpod.oval:def:15076 The required permissions for the directory %SystemRoot%\System32\dllcache should be assigned. oval:org.secpod.oval:def:15074 The required permissions for the directory %AllUsersProfile% should be assigned. oval:org.secpod.oval:def:15201 The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony should be assigned. oval:org.secpod.oval:def:15202 The required permissions for the directory %SystemRoot%\Tasks should be assigned. oval:org.secpod.oval:def:15200 The required permissions for the file %SystemRoot%\System32\netstat.exe should be assigned. oval:org.secpod.oval:def:15205 The required permissions for the directory %SystemDrive%\Documents and Settings\Default User should be assigned. oval:org.secpod.oval:def:15206 The required permissions for the file %SystemDrive%\IO.SYS should be assigned. oval:org.secpod.oval:def:15203 The required permissions for the directory %SystemRoot%\security should be assigned. oval:org.secpod.oval:def:15204 The required permissions for the registry key HKEY_USERS\.DEFAULT\Software\Microsoft\SystemCertificates\Root\ProtectedRoots should be assigned. oval:org.secpod.oval:def:15213 The required permissions for the file %SystemRoot%\Offline Web Pages should be assigned. oval:org.secpod.oval:def:15210 The required permissions for the file %SystemRoot%\Installer should be assigned. oval:org.secpod.oval:def:15211 The required permissions for the directory %SystemRoot%\System32\spool\Printers should be assigned. oval:org.secpod.oval:def:15216 The required permissions for the file %SystemRoot%\System32\runas.exe should be assigned. oval:org.secpod.oval:def:15217 The required permissions for the directory %AllUsersProfile%\Application Data\Microsoft\MediaIndex should be assigned. oval:org.secpod.oval:def:15214 The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\UPnP Device Host should be assigned. oval:org.secpod.oval:def:15215 The required permissions for the file %SystemRoot%\System32\drwatson.exe should be assigned. oval:org.secpod.oval:def:15209 The required permissions for the file %SystemDrive%\System Volume Information should be assigned. oval:org.secpod.oval:def:15207 The required permissions for the directory %SystemRoot%\System32\MSDTC should be assigned. oval:org.secpod.oval:def:15208 The required permissions for the file %SystemRoot%\System32\ntmsmgr.msc should be assigned. oval:org.secpod.oval:def:15246 The required permissions for the file %SystemRoot%\System32\devmgmt.msc should be assigned. oval:org.secpod.oval:def:15244 The correct service permissions for the Indexing service should be assigned. oval:org.secpod.oval:def:15249 The required permissions for the file %SystemRoot%\System32\wmimgmt.msc should be assigned. oval:org.secpod.oval:def:15247 The required permissions for the registry key HKEY_USERS\.DEFAULT\Software\Microsoft\NetDDE should be assigned. oval:org.secpod.oval:def:15248 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles should be assigned. oval:org.secpod.oval:def:15256 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip should be assigned. oval:org.secpod.oval:def:15257 The 'Anonymous access to the system event log' policy should be set correctly. oval:org.secpod.oval:def:15254 The required permissions for the directory %SystemRoot%\System32\GroupPolicy should be assigned. oval:org.secpod.oval:def:15255 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Stisvc\Security should be assigned. oval:org.secpod.oval:def:15259 Background Refresh of Group Policy should be properly configured. oval:org.secpod.oval:def:15252 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Rpcss\Security should be assigned. oval:org.secpod.oval:def:15253 The required permissions for the directory %SystemRoot%\System32\Setup should be assigned. oval:org.secpod.oval:def:15250 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Wmi\Security should be assigned. oval:org.secpod.oval:def:15251 Membership in the Power Users group should be assigned to the appropriate accounts. oval:org.secpod.oval:def:15224 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SysmonLog\Log Queries should be assigned. oval:org.secpod.oval:def:15222 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\clone should be assigned. oval:org.secpod.oval:def:15227 The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer should be assigned. oval:org.secpod.oval:def:15228 The 'restrict guest access to security log' policy should be set correctly. oval:org.secpod.oval:def:15225 The required permissions for the directory %AllUsersProfile%\Application Data\Microsoft\Crypto\RSAHKLMKeys should be assigned. oval:org.secpod.oval:def:15226 The required permissions for the directory %AllUsersProfile%\Application Data\Microsoft should be assigned. oval:org.secpod.oval:def:15220 The correct service permissions for the SMTP service should be assigned. oval:org.secpod.oval:def:15218 The required permissions for the directory %AllUsersProfile%\Documents\desktop.ini should be assigned. oval:org.secpod.oval:def:15219 The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy should be assigned. oval:org.secpod.oval:def:15234 The 'Remote Control Settings' policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:15235 The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSDTC should be assigned. oval:org.secpod.oval:def:15233 The required permissions for the directory %SystemRoot%\repair should be assigned. oval:org.secpod.oval:def:15238 The correct service permissions for the ClipBook service should be assigned. oval:org.secpod.oval:def:15239 Auditing of 'process tracking' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:15237 The required permissions for the directory %SystemRoot%\System32\ias should be assigned. oval:org.secpod.oval:def:15230 The required auditing for the registry key HKEY_LOCAL_MACHINE\SOFTWARE should be enabled. oval:org.secpod.oval:def:15231 The required permissions for the file %SystemDrive%\NTBOOTDD.SYS should be assigned. oval:gov.nist.usgcb.xp:def:198 This definition tests the maximum allowed size of the security log is at least as big as the supplied value. oval:gov.nist.usgcb.xp:def:197 This definition tests the maximum allowed size of the application log is at least as big as the supplied value. oval:gov.nist.usgcb.xp:def:199 This definition tests the maximum allowed size of the system log is at least as big as the supplied value. oval:gov.nist.usgcb.xp:def:118 MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers oval:gov.nist.usgcb.xp:def:119 MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames oval:gov.nist.usgcb.xp:def:110 MSS: (AutoAdminLogon) Enable Automatic Logon disabled oval:gov.nist.usgcb.xp:def:112 MSS: (EnableDeadGWDetect) Allow automatic detection of dead network gateways oval:gov.nist.usgcb.xp:def:111 MSS: (DisableIPSourceRouting) IP source routing protection level oval:gov.nist.usgcb.xp:def:113 MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes disabled oval:gov.nist.usgcb.xp:def:115 MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds oval:gov.nist.usgcb.xp:def:107 System objects: Require case insensitivity for non-Windows subsystems oval:gov.nist.usgcb.xp:def:106 System objects: Default owner for objects created by members of the Administrators group oval:gov.nist.usgcb.xp:def:101 Recovery console: Allow automatic administrative logon oval:gov.nist.usgcb.xp:def:103 Shutdown: Allow system to be shut down without having to log on disabled oval:gov.nist.usgcb.xp:def:102 Recovery console: Allow floppy copy and access to all drives and all folders disabled oval:gov.nist.usgcb.xp:def:105 System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing oval:gov.nist.usgcb.xp:def:104 Shutdown: Clear virtual memory pagefile oval:gov.nist.usgcb.xp:def:139 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/net1.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:132 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/debug.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:131 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/cacls.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:134 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/eventcreate.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:133 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/edlin.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:135 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/eventtriggers.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:138 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/net.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:130 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/attrib.exe file oval:gov.nist.usgcb.xp:def:129 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/at.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:128 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/arp.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:121 MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure DefaultGateway addresses oval:gov.nist.usgcb.xp:def:123 MSS (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires oval:gov.nist.usgcb.xp:def:122 MSS: (SafeDllSearchMode) Enable Safe DLL search mode oval:gov.nist.usgcb.xp:def:127 MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning oval:gov.nist.usgcb.xp:def:154 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/secedit.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:153 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/sc.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:156 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/systeminfo.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:155 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/subst.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:158 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/tftp.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:159 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/tlntsvr.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:150 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/rexec.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:152 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/rsh.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:151 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/route.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:145 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/reg.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:144 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/rcp.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:147 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/regedt32.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:146 The Administrators group and the System user should have full access to the SYSTEMROOT/regedit.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:149 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/regsvr32.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:148 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/regini.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:140 The Administrators group and the System user should have full access to the SYSTEMROOT/system32/netsh.exe file and all other users should have no file access privileges oval:org.secpod.oval:def:15168 The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NetDDE should be assigned. oval:org.secpod.oval:def:15169 The required permissions for the file %SystemRoot%\System32\nslookup.exe should be assigned. oval:org.secpod.oval:def:15167 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess should be assigned. oval:org.secpod.oval:def:15160 The correct service permissions for the Computer Browser service should be assigned. oval:org.secpod.oval:def:15161 The required permissions for the file %SystemDrive%\NTDETECT.COM should be assigned. oval:org.secpod.oval:def:15164 The required permissions for the directory %SystemRoot%\System32\lusrmgr.msg should be assigned. oval:org.secpod.oval:def:15165 The required permissions for the file %SystemRoot%\System32\compmgmt.msc should be assigned. oval:org.secpod.oval:def:15162 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppMgmt\Security should be assigned. oval:org.secpod.oval:def:15163 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\PermittedManagers should be assigned. oval:org.secpod.oval:def:15177 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netdd\Security should be assigned. oval:org.secpod.oval:def:15178 The required permissions for the directory %SystemRoot%\Temp should be assigned. oval:org.secpod.oval:def:15171 The required permissions for the directory %AllUsersProfile%\Application Data should be assigned. oval:org.secpod.oval:def:15172 The required permissions for the file %SystemRoot%\System32\gpedit.msc should be assigned. oval:org.secpod.oval:def:15170 The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE should be assigned. oval:org.secpod.oval:def:15175 The correct service permissions for the Automatic Updates service should be assigned. oval:org.secpod.oval:def:15176 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM should be assigned. oval:org.secpod.oval:def:15173 The required permissions for the file %SystemDrive%\CONFIG.SYS should be assigned. oval:org.secpod.oval:def:15174 The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ratings should be assigned. oval:org.secpod.oval:def:15146 The correct service permissions for the Messenger service should be assigned. oval:org.secpod.oval:def:15147 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ClipSrv\Security should be assigned. oval:org.secpod.oval:def:15144 The required permissions for the file %SystemRoot%\System32\services.msc should be assigned. oval:org.secpod.oval:def:15145 The required permissions for the directory %SystemRoot%\Driver Cache\I386\Driver.cab should be assigned. oval:org.secpod.oval:def:15148 The correct service permissions for the Net Logon service should be assigned. oval:org.secpod.oval:def:15149 The required permissions for the file %SystemRoot%\System32\diskmgmt.msc should be assigned. oval:org.secpod.oval:def:15380 Access to registry editing tools should be set correctly. oval:org.secpod.oval:def:15381 The 'Windows Firewall: Define program exceptions' policy should be configured correctly for the Domain Profile. oval:org.secpod.oval:def:15142 The permitted number of TCP/IP Maximum Half-open Sockets should be set correctly . oval:org.secpod.oval:def:15383 The required permissions for the file %SystemRoot%\System32\telnet.exe should be assigned. oval:org.secpod.oval:def:15157 The correct service permissions for the IIS Admin service should be assigned. oval:org.secpod.oval:def:15158 The required permissions for the file %SystemDrive%\Documents and Settings should be assigned. oval:org.secpod.oval:def:15155 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security should be assigned. oval:org.secpod.oval:def:15156 The required permissions for the directory %AllUsersProfile%\DRM should be assigned. oval:org.secpod.oval:def:15153 The 'LDAP server signing requirements' policy should be set correctly. oval:org.secpod.oval:def:15151 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\Security should be assigned. oval:org.secpod.oval:def:15152 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32time\Security should be assigned. oval:org.secpod.oval:def:15188 Membership in the Backup Operators group should be assigned to the appropriate accounts. oval:org.secpod.oval:def:15189 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Scardsvr\Security should be assigned. oval:org.secpod.oval:def:15182 The required permissions for the directory %SystemRoot%\System32 should be assigned. oval:org.secpod.oval:def:15183 The 'DCOM: Machine Launch Restrictions in the Security Descriptor Definition Language (SDDL) syntax' security option should be set correctly. oval:org.secpod.oval:def:15180 The 'Anonymous access to the security event log' policy should be set correctly. oval:org.secpod.oval:def:15181 The required permissions for the directory %SystemRoot%\CSC should be assigned. oval:org.secpod.oval:def:15186 The required auditing for %SystemDrive% directory should be enabled. oval:org.secpod.oval:def:15184 The required permissions for the directory %AllUsersProfile%\Application Data\Microsoft\Crypto\DSSHKLMKeys should be assigned. oval:org.secpod.oval:def:15185 The required permissions for the directory %AllUsersProfile%\Application Data\Microsoft\Dr Watson should be assigned. oval:org.secpod.oval:def:15199 The required permissions for the directory %AllUsersProfile%\Application Data\Microsoft\HTML Help should be assigned. oval:org.secpod.oval:def:15193 The 'Log Successful Connections' option for the Windows Firewall should be configured correctly for the Standard Profile. oval:org.secpod.oval:def:15191 The required permissions for the file %SystemRoot%\System32\eventvwr.msc should be assigned. oval:org.secpod.oval:def:15192 The required permissions for the directory %ProgramFiles% should be assigned. oval:org.secpod.oval:def:15197 the 'System settings: Use Certificate Rules on Windows Executables for Software Restriction Polices' setting should be configured correctly. oval:org.secpod.oval:def:15198 The required permissions for the file %SystemRoot%\System32\ntmsoprq.msc should be assigned. oval:org.secpod.oval:def:15195 The 'Prohibit New Task Creation' policy should be set correctly for the Task Scheduler. oval:org.secpod.oval:def:15196 The IMAPI CD-Burning COM service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:15190 The required permissions for the file %SystemDrive%\AUTOEXEC.BAT should be assigned. oval:org.secpod.oval:def:15323 The permitted number of TCP/IP Maximum Retried Half-open Sockets should be set correctly . oval:org.secpod.oval:def:15320 The correct service permissions for the Telnet service should be assigned. oval:org.secpod.oval:def:15326 The 'Refuse machine account password change' policy should be set correctly. oval:org.secpod.oval:def:15324 The 'Prevent Codec Download' policy should be set correctly for Windows MediaPlayer. oval:org.secpod.oval:def:15325 The 'Anonymous access to the application event log' policy should be set correctly. oval:org.secpod.oval:def:15318 Always Wait for the Network at Computer Startup and Logon should be properly configured. oval:org.secpod.oval:def:15330 Membership in the Remote Desktop Users group should be assigned to the appropriate accounts. oval:org.secpod.oval:def:15328 The 'Limit Number of Connections' policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:15329 The correct service permissions for the Terminal Services service should be assigned. oval:org.secpod.oval:def:15304 The correct service permissions for the WWW Publishing service should be assigned. oval:org.secpod.oval:def:15305 The log file size limit for the Windows Firewall should be configured correctly for the Standard Profile. oval:org.secpod.oval:def:15316 The correct service permissions for the Task Scheduler service should be assigned. oval:org.secpod.oval:def:15313 The correct service permissions for the Fax service should be assigned. oval:org.secpod.oval:def:15307 The correct service permissions for the FTP Publishing service should be assigned. oval:org.secpod.oval:def:15124 The 'restrict guest access to system log' policy should be set correctly. oval:org.secpod.oval:def:15125 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netbt should be assigned. oval:org.secpod.oval:def:15122 The required permissions for the directory %SystemRoot%\Debug\UserMode should be assigned. oval:org.secpod.oval:def:15123 The required permissions for the file %SystemRoot%\System32\fsmgmt.msc should be assigned. oval:org.secpod.oval:def:15128 The required permissions for the directory %SystemRoot%\$NtServicePackUninstall$ should be assigned. oval:org.secpod.oval:def:15129 The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit should be assigned. oval:org.secpod.oval:def:15126 The 'Limit Users to One Remote Session' policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:15127 The 'add workstations to domain' user right should be assigned to the correct accounts. oval:org.secpod.oval:def:15362 The 'Prevent IIS Installation' setting should be configured correctly. oval:org.secpod.oval:def:15121 The required permissions for the directory %SystemRoot%\Registration should be assigned. oval:org.secpod.oval:def:15378 The 'CD Burning features in Windows Explorer' should be enabled or disabled as appropriate. oval:org.secpod.oval:def:15134 The required permissions for the directory %SystemRoot%\Debug should be assigned. oval:org.secpod.oval:def:15139 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tapisrv\Security should be assigned. oval:org.secpod.oval:def:15137 The required permissions for the file %SystemRoot%\System32\drwtsn32.exe should be assigned. oval:org.secpod.oval:def:15132 The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Asr\Commands should be assigned. oval:org.secpod.oval:def:15130 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Samss\Security should be assigned. oval:org.secpod.oval:def:15102 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network should be assigned. oval:org.secpod.oval:def:15103 The required permissions for the file %SystemRoot%\System32\secpol.msc should be assigned. oval:org.secpod.oval:def:15101 The required permissions for the directory %SystemRoot% should be assigned. oval:org.secpod.oval:def:15107 The required permissions for the file %SystemRoot%\System32\ftp.exe should be assigned. oval:org.secpod.oval:def:15104 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IRENUM\Security should be assigned. oval:org.secpod.oval:def:15105 The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies should be assigned. oval:org.secpod.oval:def:15340 The log file path and name for the Windows Firewall should be configured correctly for the Standard Profile. oval:org.secpod.oval:def:15113 The required permissions for the file %SystemRoot%\Prefetch should be assigned. oval:org.secpod.oval:def:15111 The required permissions for the file %SystemRoot%\System32\ciadv.msc should be assigned. oval:org.secpod.oval:def:15117 The 'Enable User to Patch Elevated Products' policy should be set correctly. oval:org.secpod.oval:def:15118 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class should be assigned. oval:org.secpod.oval:def:15115 The required permissions for the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography/Calais should be assigned. oval:org.secpod.oval:def:15357 The TCP/IP NetBIOS Helper service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:15116 The required permissions for the file %SystemDrive%\MSDOS.SYS should be assigned. oval:org.secpod.oval:def:15358 The 'Log Dropped Packets' option for the Windows Firewall should be configured correctly for the Standard Profile. oval:org.secpod.oval:def:15352 Standard Profile: Define port exceptions (SP2 only) oval:org.secpod.oval:def:15110 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ValidCommunities should be assigned. oval:org.secpod.oval:def:15109 The required permissions for the file %SystemDrive%\NTLDR should be assigned. oval:gov.nist.usgcb.xp:def:217 NetMeeting Remote Desktop Sharing Service should be disabled oval:gov.nist.usgcb.xp:def:205 Retention method for system log oval:gov.nist.usgcb.xp:def:204 Retention method for security log oval:gov.nist.usgcb.xp:def:203 This definition tests the retention method for the application log. Possible methods are - overwrite as necessary, do not overwrite, or overwrite events older than X seconds. oval:gov.nist.usgcb.xp:def:238 No one may synchronize directory service data oval:gov.nist.usgcb.xp:def:242 This definition verifies that the Administrator account is enabled/disabled based on the policy defined by the user. oval:gov.nist.usgcb.xp:def:6626 Administrators, SERVICE, Local Service and Network Service may Create Global Objects oval:gov.nist.usgcb.xp:def:182 Administrators may increase scheduling priority oval:gov.nist.usgcb.xp:def:186 LOGON SERVICE and NETWORK SERVICE may log on as a service oval:org.secpod.oval:def:15372 The 'Windows Firewall: Outbound connections' policy should be configured correctly for the Domain profile. oval:org.secpod.oval:def:15379 The 'Windows Firewall: Apply local firewall rules' policy should be configured correctly for the Domain profile. oval:org.secpod.oval:def:15274 The 'Always Prompt Client for Password upon Connection' policy should be set correctly for Terminal Services. oval:gov.nist.usgcb.xp:def:170 Administrators may create a pagefile oval:gov.nist.usgcb.xp:def:100 Network security: Minimum session security for NTLM SSP based (including secure RPC) servers oval:gov.nist.usgcb.xp:def:164 Administrators, LOCAL SERVICE, NETWORK SERVICE may adjust memory quotas for a process oval:gov.nist.usgcb.xp:def:125 MSS: (TCPMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged oval:gov.nist.usgcb.xp:def:100205 do not process the run once list oval:org.secpod.oval:def:15288 The 'Allow undock without having to logon' policy should be set correctly. oval:gov.nist.usgcb.xp:def:677 No one is denied logon as a service oval:gov.nist.usgcb.xp:def:190 Administrators may profile a single process oval:gov.nist.usgcb.xp:def:243 This definition verifies that the Guest account is enabled/disabled based on the policy defined by the user. oval:gov.nist.usgcb.xp:def:185 No one may log on as a batch job oval:gov.nist.usgcb.xp:def:175 Guests and SUPPORT_388945a0 are denied access to this computer from the network. Note: If the SUPPORT_388945a0 accounts has been renamed perform this check manually. oval:gov.nist.usgcb.xp:def:244 Network security: Force logoff when logon hours expire oval:gov.nist.usgcb.xp:def:6640 Administrators and SERVICE may Impersonate a Client after Authentication oval:gov.nist.usgcb.xp:def:6565 Restrictions for Unauthenticated RPC clients oval:org.secpod.oval:def:15342 The 'Interactive logon: Requre smart card' setting should be configured correctly. oval:gov.nist.usgcb.xp:def:124 MSS: (SynAttackProtect) Syn attack protection level oval:gov.nist.usgcb.xp:def:162 No one has the right to act as part of the operating system oval:gov.nist.usgcb.xp:def:126 (TCPMaxDataRetransmissions) How many times unacknowledged data is retransmitted oval:org.secpod.oval:def:15276 System availability to Master Browser should be properly configured. oval:gov.nist.usgcb.xp:def:174 Administrators are allowed to debug programs oval:gov.nist.usgcb.xp:def:180 Administrators may force shutdown from a remote system oval:gov.nist.usgcb.xp:def:196 Administrators may take ownership of files or other objects oval:gov.nist.usgcb.xp:def:165 Administrators and Users are allowed to log on locally oval:gov.nist.usgcb.xp:def:176 Guests and SUPPORT_388945a0 are denied logon as a batch job. Note: If the SUPPORT_388945a0 accounts has been renamed perform this check manually. oval:gov.nist.usgcb.xp:def:161 Administrators may access this computer from the network. NOTE: This can break IPSec see Microsoft Knowledge Base article 823659 for further guidance oval:gov.nist.usgcb.xp:def:192 Users and Administrators may remove the computer from its docking station oval:gov.nist.usgcb.xp:def:171 No one is allowed to create a token object oval:gov.nist.usgcb.xp:def:188 Administrators may modify firmware environment variables oval:gov.nist.usgcb.xp:def:187 Administrators may manage the auditing and security log oval:gov.nist.usgcb.xp:def:195 Administrators and Users may shut down the system oval:gov.nist.usgcb.xp:def:117 MSS: (NoDriveTypeAutoRun) Disable Autorun for all drives oval:org.secpod.oval:def:15374 The 'Windows Firewall: Inbound connections' policy should be configured correctly for the Domain Profile. oval:gov.nist.usgcb.xp:def:191 Administrators may profile the system performance oval:gov.nist.usgcb.xp:def:168 Administrators and Users may bypass traverse checking oval:gov.nist.usgcb.xp:def:181 LOCAL SERVICE and NETWORK SERVICE may generate security audits oval:org.secpod.oval:def:15140 Disable saving of dial-up passwords should be properly configured. oval:gov.nist.usgcb.xp:def:194 Administrators may restore files and directories oval:gov.nist.usgcb.xp:def:167 Administrators are allowed to back up files and directories oval:gov.nist.usgcb.xp:def:183 Administrators may load and unload device drivers oval:gov.nist.usgcb.xp:def:177 Guests, SUPPORT_388945a0, and any service accounts are denied logon locally. Note: If the SUPPORT_388945a0 accounts has been renamed perform this check manually. oval:gov.nist.usgcb.xp:def:172 No one is allowed to create permanent shared objects oval:gov.nist.usgcb.xp:def:184 No one may lock pages in memory oval:gov.nist.usgcb.xp:def:193 LOCAL SERVICE and NETWORK SERVICE may replace a process level token oval:gov.nist.usgcb.xp:def:189 Administrators may perform volume maintenance tasks oval:gov.nist.usgcb.xp:def:6023 Accounts: Rename Guest Account oval:gov.nist.usgcb.xp:def:1662 No one but Administrators and Remote Desktop Users may logon through Terminal Services oval:gov.nist.usgcb.xp:def:30 Audit Directory Service Access oval:gov.nist.usgcb.xp:def:32 Audit logon events oval:gov.nist.usgcb.xp:def:35 Audit policy changes oval:gov.nist.usgcb.xp:def:34 Audit object access oval:gov.nist.usgcb.xp:def:37 Audit system events oval:gov.nist.usgcb.xp:def:36 Audit privilege use oval:gov.nist.usgcb.xp:def:22 Passwords must be stored using reversible encryption for all users in the domain oval:gov.nist.usgcb.xp:def:21 Passwords must meet complexity requirements oval:gov.nist.usgcb.xp:def:27 Audit account logon events oval:gov.nist.usgcb.xp:def:29 Audit account management oval:gov.nist.usgcb.xp:def:17 Maximum password age is the profile defined number of days oval:gov.nist.usgcb.xp:def:16 Password history enforcement is enabled and the profile defined number of passwords are remembered oval:gov.nist.usgcb.xp:def:19 Minimum password length is the profile defined number of characters oval:gov.nist.usgcb.xp:def:18 Minimum password age is the profile defined number of days oval:gov.nist.usgcb.xp:def:1351 The Administrators group and the System user should have full access and the Users group has read access to the SYSTEMROOT/system32/mshta.exe file and all other users should have no file access privileges oval:gov.nist.usgcb.xp:def:93 Network access: Shares that can be accessed anonymously oval:gov.nist.usgcb.xp:def:92 Network access: Remotely accessible registry paths oval:gov.nist.usgcb.xp:def:95 Network security: Do not store LAN Manager hash value on next password change oval:gov.nist.usgcb.xp:def:94 Network access: Sharing and security model for local accounts oval:gov.nist.usgcb.xp:def:96 Network security: LAN Manager authentication level oval:gov.nist.usgcb.xp:def:99 Network security: Minimum session security for NTLM SSP based (including secure RPC) clients oval:gov.nist.usgcb.xp:def:98 Network security: LDAP client signing requirements oval:gov.nist.usgcb.xp:def:91 Network access: Named Pipes that can be accessed anonymously oval:gov.nist.usgcb.xp:def:90 Network access: Let Everyone permissions apply to anonymous users oval:gov.nist.usgcb.xp:def:82 Microsoft network client: Send unencrypted password to third-party SMB servers disabled oval:gov.nist.usgcb.xp:def:81 Microsoft network client: Digitally sign communications oval:gov.nist.usgcb.xp:def:84 Microsoft network server: Digitally sign communications (always) oval:gov.nist.usgcb.xp:def:83 Microsoft network server: Amount of idle time required before suspending session oval:gov.nist.usgcb.xp:def:86 Microsoft network server: Disconnect clients when logon hours expire oval:gov.nist.usgcb.xp:def:85 Microsoft network server: Digitally sign communications (if client agrees) oval:gov.nist.usgcb.xp:def:88 Network access: Do not allow anonymous enumeration of SAM accounts and shares oval:gov.nist.usgcb.xp:def:87 Network access: Do not allow anonymous enumeration of SAM accounts oval:gov.nist.usgcb.xp:def:89 Network access: Do not allow storage of credentials or .NET Passports for network authentication oval:gov.nist.usgcb.xp:def:1781 Guests are denied logon through Terminal Services oval:gov.nist.usgcb.xp:def:72 Number of previous logons to cache (in case domain controller is not available) is profile defined oval:gov.nist.usgcb.xp:def:75 Require Domain Controller authentication to unlock workstation oval:gov.nist.usgcb.xp:def:74 Prompt user to change password before expiration oval:gov.nist.usgcb.xp:def:77 Determines if an anonymous user can request security identifier (SID) attributes for another user. oval:gov.nist.usgcb.xp:def:79 Microsoft network client: Digitally sign communications (always) oval:gov.nist.usgcb.xp:def:78 Smart card removal behavior for interactive logon oval:gov.nist.usgcb.xp:def:60 Warn for unsigned driver installation oval:gov.nist.usgcb.xp:def:64 Disable machine account password changes oval:gov.nist.usgcb.xp:def:65 Maximum machine account password age is profile defined number of days oval:gov.nist.usgcb.xp:def:68 Do not display last user name logged on oval:gov.nist.usgcb.xp:def:69 Do not require CTRL+ALT+DEL for logon oval:gov.nist.usgcb.xp:def:52 Audit the use of Backup and Restore privileges oval:gov.nist.usgcb.xp:def:56 Prevent users from installing printer drivers oval:gov.nist.usgcb.xp:def:59 Restrict floppy access to locally logged-on users only oval:gov.nist.usgcb.xp:def:58 Restrict CD-ROM access to locally logged-on user only oval:gov.nist.usgcb.xp:def:42 oval:gov.nist.usgcb.xp:def:45 Audit the access of global system objects is disabled oval:org.secpod.oval:def:15242 The 'Network access: Restrict anonymous access to named pipes and shares' setting should be configured correctly. oval:gov.nist.USGCB.xpfirewall:def:5100 The Windows Firewall: Protect all network connections setting turns on Windows Firewall, which replaces Internet Connection Firewall on all computers that are running Windows XP SP2. This appendix recommends configuring this setting to Enabled to protect all network connections for computers in all ... oval:gov.nist.USGCB.xpfirewall:def:5101 The Windows Firewall: Do not allow exceptions setting specifies that Windows Firewall blocks all unsolicited incoming messages. This policy setting overrides all other Windows Firewall policy settings that allow such messages. If you enable this policy setting in the Windows Firewall component of Co ... oval:gov.nist.USGCB.xpfirewall:def:5107 Many organizations use Remote Desktop connections in their normal troubleshooting procedures or operations. However, some attacks have occurred that exploited the ports typically used by Remote Desktop. To provide flexibility for remote administration, the Windows Firewall: Allow Remote Desktop exce ... oval:gov.nist.USGCB.xpfirewall:def:5109 Windows Firewall can display notifications to users when a program requests that Windows Firewall add the program to the program exceptions list. This situation occurs when programs attempt to open a port and are not allowed to do so based on current Windows Firewall rules. The Windows Firewall: Pro ... oval:gov.nist.USGCB.xpfirewall:def:51041 Many organizations take advantage of remote computer administration in their daily operations. However, some attacks have exploited the ports typically used by remote administration programs; Windows Firewall can block these ports. To provide flexibility for remote administration, the Windows Firewa ... oval:gov.nist.USGCB.xpfirewall:def:5016 Allows Windows Firewall to record information about the unsolicited incoming messages that it receives. If you enable this policy setting, Windows Firewall writes the information to a log file. You must provide the name, location, and maximum size of the log file. The location can contain environmen ... oval:gov.nist.USGCB.xpfirewall:def:5015 Allows Windows Firewall to record information about the unsolicited incoming messages that it receives. If you enable this policy setting, Windows Firewall writes the information to a log file. You must provide the name, location, and maximum size of the log file. The location can contain environmen ... oval:gov.nist.USGCB.xpfirewall:def:5014 Allows Windows Firewall to record information about the unsolicited incoming messages that it receives. If you enable this policy setting, Windows Firewall writes the information to a log file. You must provide the name, location, and maximum size of the log file. The location can contain environmen ... oval:gov.nist.USGCB.xpfirewall:def:5017 Allows Windows Firewall to record information about the unsolicited incoming messages that it receives. If you enable this policy setting, Windows Firewall writes the information to a log file. You must provide the name, location, and maximum size of the log file. The location can contain environmen ... oval:gov.nist.USGCB.xpfirewall:def:5000 The Windows Firewall: Protect all network connections setting turns on Windows Firewall, which replaces Internet Connection Firewall on all computers that are running Windows XP SP2. This appendix recommends configuring this setting to Enabled to protect all network connections for computers in all ... oval:gov.nist.USGCB.xpfirewall:def:5004 Many organizations take advantage of remote computer administration in their daily operations. However, some attacks have exploited the ports typically used by remote administration programs; Windows Firewall can block these ports. To provide flexibility for remote administration, the Windows Firewa ... oval:gov.nist.USGCB.xpfirewall:def:5009 Windows Firewall can display notifications to users when a program requests that Windows Firewall add the program to the program exceptions list. This situation occurs when programs attempt to open a port and are not allowed to do so based on current Windows Firewall rules. The Windows Firewall: Pro ... oval:gov.nist.USGCB.xpfirewall:def:5007 Many organizations use Remote Desktop connections in their normal troubleshooting procedures or operations. However, some attacks have occurred that exploited the ports typically used by Remote Desktop. To provide flexibility for remote administration, the Windows Firewall: Allow Remote Desktop exce ... |