permissions for event logs must conform to minimum requirements – system.evtx
Details Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises...
- Home
- Security Hardening
- DISA Windows Vista STIG V6R41
DISA Windows Vista STIG V6R41
Physical security of the Automated Information System (AIS) does not meet DISA requirements.
Details Inadequate physical protection can undermine all other security precautions utilized to protect the system. This can jeopardize the confidentiality,...Policy must require that Administrative user accounts not be used with applications that access the internet.
Details Using applications that access the internet or have potential internet sources using administrative privileges exposes a system to compromise....Print driver Installation privilege is not restricted to administrators.
Details By default, the print spooler allows any user to add and to delete printer drivers on the local system....Printer share permissions are not configured as recommended.
Details Improperly configured share permissions on printers can permit the addition of unauthorized print devices on the network. Windows shares...Remove Software Certificate Installation files
Details This check verifies that software certificate installation files have been removed from a system. Solution Remove any certificate installation...Reversible password Encryption is not Disabled.
Details Storing passwords using reversible encryption is essentially the same as storing clear-text versions of the passwords. For this reason,...Secure Removable Media – CD-ROM
Details This check verifies that Windows is configured to not limit access to CD drives when a user is logged...security configuration tools or equivalent processes must be used to configure and maintain platforms for security compliance.
Details Security configuration tools such as Group Policies and Security Templates allow system administrators to consolidate security-related system settings into...security-related Software Patches are not applied.
Details Major software vendors release security patches and hot fixes to their products when security vulnerabilities are discovered. It is...