Disallow AutoPlay/Autorun from Autorun.inf
Details This registry key will prevent the autorun.inf from executing commands. Solution Add the registry value as specified in the...
- Home
- Security Hardening
- DISA Windows Vista STIG V6R41
DISA Windows Vista STIG V6R41
Ejection of Removable NTFS Media is not restricted to administrators.
Details Removable hard drives can be formatted and ejected by others who are not members of the Administrators Group, if...file share ACLs have not been reconfigured to Remove the Everyone group.
Details By default, the Everyone group is given full control to new file shares. When a share is created, permissions...Floppy Media devices are not allocated upon user logon.
Details This check verifies that Windows is configured to not limit access to floppy drives when a user is logged...Local volumes are not formatted using NTFS.
Details This is a category 1 finding because the ability to set access permissions and audit critical directories and files...Members of the Backup Operators group must have separate accounts for Backup duties and normal operational tasks.
Details Backup Operators are able to read and write to any file in the system, regardless of the rights assigned...Outgoing Secure channel traffic is not encrypted when possible.
Details Requests sent on the secure channel are authenticated, and sensitive information (such as passwords) is encrypted, but not all...Outgoing Secure channel traffic is not signed when possible.
Details Requests sent on the secure channel are authenticated, and sensitive information (such as passwords) is encrypted, but the channel...permissions for event logs must conform to minimum requirements – application.evtx
Details Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises...permissions for event logs must conform to minimum requirements – security.evtx
Details Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises...