WN16-00-000200 – Non-administrative accounts or groups must only have print permissions on printer shares.

Details

Windows shares are a means by which files, folders, printers, and other resources can be published for network users to access. Improper configuration can permit access to devices and data beyond a user’s need.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Configure the permissions on shared printers to restrict standard users to only have Print permissions.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_Server_2016_V2R3_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.

References

800-53|AC-3
CAT|III
CCI|CCI-000213
Rule-ID|SV-224836r569186_rule
STIG-ID|WN16-00-000200
STIG-Legacy|SV-87909
STIG-Legacy|V-73257
Vuln-ID|V-224836

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles