Home
Security Hardening
DISA Windows Server 2019 STIG V2R3

DISA Windows Server 2019 STIG V2R3

WN19-00-000360 – Windows Server 2019 must not have the Telnet Client installed.
Details Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of...
WN19-00-000210 – Windows Server 2019 passwords must be configured to expire.
Details Passwords that do not expire or are reused increase the exposure of a password with greater probability of being...
WN19-00-000220 – Windows Server 2019 system files must be monitored for unauthorized changes.
Details Monitoring system files for changes against a baseline on a regular basis may help detect the possible introduction of...
WN19-00-000230 – Windows Server 2019 non-system-created file shares must limit access to groups that require it.
Details Shares on a system provide network access. To prevent exposing sensitive information, where shares are necessary, permissions must be...
WN19-00-000240 – Windows Server 2019 must have software certificate installation files removed.
Details Use of software certificates and their accompanying installation files for end users to access resources is less secure than...
WN19-00-000250 – Windows Server 2019 systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.
Details This requirement addresses protection of user-generated data as well as operating system-specific configuration data. Organizations may choose to employ...
WN19-00-000260 – Windows Server 2019 must implement protection methods such as TLS, encrypted VPNs, or IPsec if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process.
Details Information can be either unintentionally or maliciously disclosed or modified during preparation for transmission, for example, during aggregation, at...
WN19-00-000270 – Windows Server 2019 must have the roles and features required by the system documented.
Details Unnecessary roles and features increase the attack surface of a system. Limiting roles and features of a system to...
WN19-00-000280 – Windows Server 2019 must have a host-based firewall installed and enabled.
Details A firewall provides a line of defense against attack, allowing or blocking inbound and outbound connections based on a...

DISA Windows Server 2019 STIG V2R3

WN19-00-000360 – Windows Server 2019 must not have the Telnet Client installed.

WN19-00-000210 – Windows Server 2019 passwords must be configured to expire.

WN19-00-000220 – Windows Server 2019 system files must be monitored for unauthorized changes.

WN19-00-000230 – Windows Server 2019 non-system-created file shares must limit access to groups that require it.

WN19-00-000240 – Windows Server 2019 must have software certificate installation files removed.

WN19-00-000250 – Windows Server 2019 systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.

WN19-00-000260 – Windows Server 2019 must implement protection methods such as TLS, encrypted VPNs, or IPsec if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process.

WN19-00-000270 – Windows Server 2019 must have the roles and features required by the system documented.

WN19-00-000280 – Windows Server 2019 must have a host-based firewall installed and enabled.