Details
Using a privileged account to perform routine functions makes the computer vulnerable to malicious software inadvertently introduced during a session that has been granted full privileges.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Ensure each user with administrative privileges has a separate account for user duties and one for privileged duties.
Supportive Information
The following resource is also helpful.
- https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_2012_and_2012_R2_DC_V3R3_STIG.zip
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.
References
- 800-53|CM-6b.
- CAT|I
- CCI|CCI-000366
- Rule-ID|SV-226031r794370_rule
- STIG-ID|WN12-00-000005
- STIG-Legacy|SV-51576
- STIG-Legacy|V-36659
- Vuln-ID|V-226031