Download
| Alert*
oval:org.secpod.oval:def:8603
The "User Account Control: Run all administrators in Admin Approval Mode" setting should be configured correctly. oval:org.secpod.oval:def:8604 The "User Account Control: Detect application installations and prompt for elevation" setting should be configured correctly. oval:org.secpod.oval:def:8600 The "Network security: LAN Manager authentication level" setting should be configured correctly. oval:org.secpod.oval:def:8608 The "Allow Unsolicited Remote Assistance" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8613 The maximum lifetime for Kerberos user tickets should be set appropriately. oval:org.secpod.oval:def:8614 The "Registry policy processing" policy should be enabled or disabled as appropriate. oval:org.secpod.oval:def:8611 The maximum lifetime for Kerberos user ticket renewal should be set appropriately. oval:org.secpod.oval:def:8617 The "Enforce user logon restrictions" policy should be set correctly. oval:org.secpod.oval:def:8618 The "Do Not Allow Windows Messenger to be Run" policy should be set correctly. oval:org.secpod.oval:def:8543 The "Domain member: Disable machine account password changes" setting should be configured correctly. oval:org.secpod.oval:def:8541 The "Add workstations to domain" setting should be configured correctly. oval:org.secpod.oval:def:8530 The "Synchronize directory service data" setting should be configured correctly. oval:org.secpod.oval:def:7895 The "account lockout duration" policy should meet minimum requirements. oval:org.secpod.oval:def:8516 This policy setting determines whether a domain member should attempt to negotiate encryption for all secure channel traffic that it initiates. oval:org.secpod.oval:def:8599 The "System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)" setting should be configured correctly. oval:org.secpod.oval:def:8593 The "System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies" setting should be configured correctly. oval:org.secpod.oval:def:8596 The "User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop" setting should be configured correctly. oval:org.secpod.oval:def:8605 The "User Account Control: Switch to the secure desktop when prompting for elevation" setting should be configured correctly. oval:org.secpod.oval:def:8616 The maximum lifetime for Kerberos service tickets should be set appropriately. oval:org.secpod.oval:def:8591 The "Network access: Sharing and security model for local accounts" setting should be configured correctly. oval:org.secpod.oval:def:8509 The "Audit: Audit the access of global system objects" setting should be configured correctly. oval:org.secpod.oval:def:8521 The "Adjust memory quotas for a process (SeIncreaseQuotaPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8553 The "Change the system time (SeSystemTimePrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8561 The "MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)" setting should be configured correctly. oval:org.secpod.oval:def:8609 Authentication requirements for RPC clients should be configured appropriately. oval:org.secpod.oval:def:8575 The "Accounts: Guest account status" setting should be configured correctly. oval:org.secpod.oval:def:8552 The "Allow log on locally" setting should be configured correctly. oval:org.secpod.oval:def:8529 The "Generate security audits (SeAuditPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8557 The "User Account Control: Admin Approval Mode for the Built-in Administrator account" setting should be configured correctly. oval:org.secpod.oval:def:8619 The "Turn off Autoplay" policy should be enabled or disabled as appropriate. oval:org.secpod.oval:def:8508 The "Force shutdown from a remote system (SeRemoteShutdownPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8580 The "Network access: Restrict anonymous access to Named Pipes and Shares" setting should be configured correctly. oval:org.secpod.oval:def:8559 The "Create symbolic links" setting should be configured correctly. oval:org.secpod.oval:def:8495 The "Create a pagefile (SeCreatePagefilePrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8601 The "User Account Control: Only elevate UIAccess applications that are installed in secure locations" setting should be configured correctly. oval:org.secpod.oval:def:8567 The "Domain Controller: LDAP server signing requirements" setting should be configured correctly. oval:org.secpod.oval:def:8615 RPC Endpoint Mapper Client Authentication should be enabled or disabled as appropriate. oval:org.secpod.oval:def:8523 The "Interactive logon: Message title for users attempting to log on" setting should be configured correctly. oval:org.secpod.oval:def:8520 The "Log on as a batch job (SeBatchLogonRight)" setting should be configured correctly. oval:org.secpod.oval:def:8587 The "Remove computer from docking station (SeUndockPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8545 The "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" setting should be configured correctly. oval:org.secpod.oval:def:8592 The "Network security: Minimum session security for NTLM SSP based (including secure RPC) servers" setting should be configured correctly. oval:org.secpod.oval:def:8564 The "Debug programs (SeDebugPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8534 The "Change the time zone" setting should be configured correctly. oval:org.secpod.oval:def:8566 The "Deny access to this computer from the network (SeDenyNetworkLogonRight)" setting should be configured correctly. oval:org.secpod.oval:def:8572 The "Increase scheduling priority (SeIncreaseBasePriorityPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8525 The "Act as part of the operating system (SeTcbPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8556 The "Interactive logon: Number of previous logons to cache (in case domain controller is not available)" setting should be configured correctly. oval:org.secpod.oval:def:8544 The "Modify firmware environment values (SeSystemEnvironmentPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8542 The "Devices: Allow undock without having to log on" setting should be configured correctly. oval:org.secpod.oval:def:8568 The "System cryptography: Force strong key protection for user keys stored on the computer" setting should be configured correctly. oval:org.secpod.oval:def:8582 The "Accounts: Limit local account use of blank passwords to console logon only" setting should be configured correctly. oval:org.secpod.oval:def:8538 The "Create global objects (SeCreateGlobalPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8533 The automatic generation of 8.3 file names for NTFS should be enabled or disabled as appropriate. oval:org.secpod.oval:def:8522 The "Microsoft network server: Disconnect clients when logon hours expire" setting should be configured correctly. oval:org.secpod.oval:def:8527 The "Network access: Do not allow storage of credentials or .NET Passports for network authentication" setting should be configured correctly. oval:org.secpod.oval:def:8589 The "Shutdown: Allow system to be shut down without having to log on" setting should be configured correctly. oval:org.secpod.oval:def:8551 The "Bypass traverse checking (SeChangeNotifyPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8607 The "User Account Control: Only elevate executables that are signed and validated" setting should be configured correctly. oval:org.secpod.oval:def:8499 The "Interactive logon: Smart card removal behavior" setting should be configured correctly. oval:org.secpod.oval:def:8579 The "Profile single process (SeProfileSingleProcessPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8562 The "Allow log on through Terminal Services (SeRemoteInteractiveLogonRight)" setting should be configured correctly. oval:org.secpod.oval:def:8518 The "Domain Controller: Refuse machine account password changes" setting should be configured correctly. oval:org.secpod.oval:def:8563 The "Recovery console: Allow automatic administrative logon" setting should be configured correctly. oval:org.secpod.oval:def:8531 The "Modify an object label" setting should be configured correctly. oval:org.secpod.oval:def:8511 The "Audit: Audit the use of Backup and Restore privilege" setting should be configured correctly. oval:org.secpod.oval:def:8597 The "MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning" setting should be configured correctly. oval:org.secpod.oval:def:8506 The "Recovery console: Allow floppy copy and access to all drives and all folders" setting should be configured correctly. oval:org.secpod.oval:def:8497 The "Impersonate a client after authentication" setting should be configured correctly. oval:org.secpod.oval:def:8528 The "Profile system performance (SeSystemProfilePrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8532 The "Devices: Prevent users from installing printer drivers" setting should be configured correctly. oval:org.secpod.oval:def:8503 The "Create a token object (SeCreateTokenPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8586 The "Microsoft network server: Digitally sign communications (always)" setting should be configured correctly. oval:org.secpod.oval:def:8547 The "User Account Control: Virtualize file and registry write failures to per-user locations" setting should be configured correctly. oval:org.secpod.oval:def:8524 The "Domain Controller: Allow server operators to schedule tasks" setting should be configured correctly. oval:org.secpod.oval:def:8519 The "Deny log on as a service (SeDenyServiceLogonRight)" setting should be configured correctly. oval:org.secpod.oval:def:7896 The maximum number of failed attempts that can occur before the account is locked out This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout dura ... oval:org.secpod.oval:def:7701 This setting requires if users need to maintain certain complexity or not. oval:org.secpod.oval:def:7705 This setting holds if we need to store passwords using reversible encryption. oval:org.secpod.oval:def:7699 MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended) oval:org.secpod.oval:def:7702 This forces users to change their passwords regularly. oval:org.secpod.oval:def:7703 The number of passwords remembered oval:org.secpod.oval:def:7704 This setting requires users password to have certain minimum number of characters oval:org.secpod.oval:def:7700 This setting requires users to wait for a certain number of days before changing their password again. oval:org.secpod.oval:def:8498 The "Perform volume maintenance tasks (SeManageVolumePrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8558 The "Network security: Do not store LAN Manager hash value on next password change" setting should be configured correctly. oval:org.secpod.oval:def:8602 The "User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode" setting should be configured correctly. oval:org.secpod.oval:def:8554 The "Restore files and directories (SeRestorePrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8576 The "User Account Control: Behavior of the elevation prompt for standard users" setting should be configured correctly. oval:org.secpod.oval:def:8494 The "Back up files and directories (SeBackupPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8574 The "Lock pages in memory (SeLockMemoryPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8496 The "Create permanent shared objects" setting should be configured correctly. oval:org.secpod.oval:def:8500 The "Load and unload device drivers (SeLoadDriverPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8505 The "Replace a process level token (SeAssignPrimaryTokenPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8584 The "Devices: Allowed to format and eject removable media" setting should be configured correctly. oval:org.secpod.oval:def:8502 The "Enable computer and user accounts to be trusted for delegation (SeEnableDelegationPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:8555 The "Deny log on locally (SeDenyInteractiveLogonRight)" setting should be configured correctly. oval:org.secpod.oval:def:8595 The "System objects: Require case insensitivity for non-Windows subsystems" setting should be configured correctly. oval:org.secpod.oval:def:8526 The "Network access: Named Pipes that can be accessed anonymously" setting should be configured correctly. oval:org.secpod.oval:def:8513 The "Domain member: Require strong (Windows 2000 or later) session key" setting should be configured correctly. oval:org.secpod.oval:def:8577 The "Microsoft network client: Digitally sign communications (always)" setting should be configured correctly. oval:org.secpod.oval:def:8539 The "Accounts: Rename administrator account" setting should be configured correctly. oval:org.secpod.oval:def:8537 The "Interactive logon: Message text for users attempting to log on" setting should be configured correctly. oval:org.secpod.oval:def:8606 The "Network access: Shares that can be accessed anonymously" setting should be configured correctly. oval:org.secpod.oval:def:10271 Auditing of "Registry" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10272 The "Take ownership of files or other objects (SeTakeOwnershipPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:10273 Auditing of "Kerberos Authentication Service" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10274 Auditing of "Credential Validation" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10275 Auditing of "Process Termination" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10276 Auditing of "DPAPI Activity" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10277 Auditing of "File System" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10278 Auditing of "Directory Service Replication" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10270 Auditing of "Filtering Platform Connection" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10268 Auditing of "RPC Events" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10269 Auditing of "Handle Manipulation" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10282 Auditing of "Application Group Management" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10283 Auditing of "RPC Events" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10284 Auditing of "Security System Extension" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10285 Auditing of "Registry" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10286 Auditing of "Detailed Directory Service Replication" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10287 Auditing of "Special Logon" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10167 The "Devices: Restrict CD-ROM access to locally logged-on user only" setting should be configured correctly. oval:org.secpod.oval:def:10288 Auditing of "Security Group Management" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10289 Auditing of "Other Account Logon Events" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10280 Auditing of "Audit account management" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10281 The application log maximum size should be configured correctly. oval:org.secpod.oval:def:10279 Auditing of "IPsec Quick Mode" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10250 Auditing of "Audit Policy Change" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10251 Auditing of "Filtering Platform Connection" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10252 Auditing of "System Integrity" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10253 Auditing of "Logon" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10254 Auditing of "Security Group Management" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10255 Auditing of "Directory Service Changes" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10256 Auditing of "Security State Change" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10246 Auditing of "Computer Account Management" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10247 The "Shutdown: Clear virtual memory pagefile" setting should be configured correctly. oval:org.secpod.oval:def:10248 Auditing of "Kernel Object" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10249 The "Network security: Force logoff when logon hours expire" setting should be configured correctly. oval:org.secpod.oval:def:10260 Auditing of "SAM" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10261 Auditing of "Application Group Management" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10262 Auditing of "Logon" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10263 Auditing of "Filtering Platform Packet Drop" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10264 Auditing of "Other Account Management Events" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10265 Auditing of "File System" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10266 Auditing of "Detailed Directory Service Replication" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10267 Auditing of "Filtering Platform Policy Change" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10257 Auditing of "Authorization Policy Change" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10258 Auditing of "Credential Validation" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10259 Auditing of "MPSSVC Rule-Level Policy Change" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10194 Auditing of "Certification Services" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10195 The "Deny log on through Terminal Services (SeDenyRemoteInteractiveLogonRight)" setting should be configured correctly. oval:org.secpod.oval:def:10196 Auditing of "Non Sensitive Privilege Use" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10197 Auditing of "Account Lockout" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10198 Auditing of "Audit object access" events on sucess should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10199 Auditing of "Authentication Policy Change" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10190 Auditing of "Other Account Management Events" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10191 Auditing of "IPsec Quick Mode" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10172 Auditing of "Directory Service Replication" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10293 Auditing of "Network Policy Server" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10294 Auditing of "Audit directory service access" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10173 Auditing of "Other Policy Change Events" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10174 The "Retention method for application log" setting should be configured correctly. oval:org.secpod.oval:def:10295 Auditing of "Other Object Access Events" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10175 The "Deny log on as a batch job (SeDenyBatchLogonRight)" setting should be configured correctly. oval:org.secpod.oval:def:10296 Auditing of "Kerberos Authentication Service" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10176 The "Retention method for security log" setting should be configured correctly. oval:org.secpod.oval:def:10297 Auditing of "File Share" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10298 Auditing of "DPAPI Activity" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10177 Auditing of "Audit system events" events on sucess should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10178 Auditing of "Security System Extension" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10299 Auditing of "Non Sensitive Privilege Use" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10179 The "Manage auditing and security log (SeSecurityPrivilege)" setting should be configured correctly. oval:org.secpod.oval:def:10290 Auditing of "Authentication Policy Change" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10291 Auditing of "Logoff" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10170 Auditing of "Distribution Group Management" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10171 Auditing of "Other Account Logon Events" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10292 Auditing of "Authorization Policy Change" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10183 Auditing of "SAM" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10184 The "Network access: Do not allow anonymous enumeration of SAM accounts" setting should be configured correctly. oval:org.secpod.oval:def:10186 Auditing of "Other Logon/Logoff Events" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10187 Auditing of "Process Creation" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10188 Auditing of "Other System Events" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10189 Auditing of "Other Object Access Events" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10180 Auditing of "Account Lockout" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10181 Auditing of "Directory Service Access" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10182 Auditing of "Audit system events" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10310 The "Always Prompt Client for Password upon Connection" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:10311 The default behavior for AutoRun should be properly configured. oval:org.secpod.oval:def:10301 Auditing of "IPsec Driver" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10302 Auditing of "Special Logon" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10303 Auditing of "Filtering Platform Policy Change" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10304 Auditing of "Other Logon/Logoff Events" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10305 Auditing of "Logoff" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10306 Auditing of "Application Generated" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10307 Auditing of "Directory Service Changes" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10200 Auditing of "Other System Events" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10201 Auditing of "Kernel Object" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10312 The "Reschedule Automatic Updates scheduled installations" setting should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10313 Disable saving of dial-up passwords should be properly configured. oval:org.secpod.oval:def:10314 The "Unsigned Driver Installation Behavior" policy should be set correctly. oval:org.secpod.oval:def:10315 The "Disable remote Desktop Sharing" setting should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10316 The "Configure Automatic Updates" setting should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10317 The "Enumerate administrator accounts on elevation" setting should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10318 The "No auto-restart for scheduled Automatic Updates installations" policy should be set correctly. oval:org.secpod.oval:def:10300 The "Retention method for system log" setting should be configured correctly. oval:org.secpod.oval:def:10230 Auditing of "Application Generated" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10231 Auditing of "Other Privilege Use Events" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10232 Auditing of "Network Policy Server" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10233 Auditing of "Process Creation" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10234 The "Devices: Restrict floppy access to locally logged-on user only" setting should be configured correctly. oval:org.secpod.oval:def:10224 Auditing of "Sensitive Privilege Use" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10225 Auditing of "IPsec Extended Mode" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10226 Auditing of "IPsec Driver" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10227 Auditing of "MPSSVC Rule-Level Policy Change" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10228 Auditing of "Certification Services" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10229 Auditing of "Directory Service Access" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10240 Auditing of "File Share" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10241 Auditing of "Kerberos Service Ticket Operations" events on success should be enabled or disabled as appropriate. Auditing of "Kerberos Service Ticket Operations" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10242 Auditing of "Handle Manipulation" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10243 Auditing of "IPsec Main Mode" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10244 Auditing of "User Account Management" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10245 Auditing of "Security State Change" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10236 Auditing of "Other Policy Change Events" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10237 Auditing of "Other Privilege Use Events" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10238 Auditing of "Process Termination" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10239 Auditing of "User Account Management" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10210 Auditing of "Audit policy change" events on sucess should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10211 Auditing of "Audit Policy Change" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10212 The "Log on as a service (SeServiceLogonRight)" setting should be configured correctly. oval:org.secpod.oval:def:10202 Auditing of "Sensitive Privilege Use" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10204 Auditing of "Audit logon events" events on sucess should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10205 Auditing of "Audit account logon events" events on sucess should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10206 Auditing of "IPsec Main Mode" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10207 The system log maximum size should be configured correctly. oval:org.secpod.oval:def:10208 Auditing of "Audit privilege use" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10209 Auditing of "IPsec Extended Mode" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10220 The "Accounts: Administrator account status" setting should be configured correctly. oval:org.secpod.oval:def:10221 The "Network access: Do not allow anonymous enumeration of SAM accounts and shares" setting should be configured correctly. oval:org.secpod.oval:def:10222 The "Interactive logon: Require Domain Controller authentication to unlock workstation" setting should be configured correctly. oval:org.secpod.oval:def:10223 Auditing of "System Integrity" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10213 Auditing of "Distribution Group Management" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10214 Auditing of "Computer Account Management" events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10215 Auditing of "Kerberos Service Ticket Operations" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10216 Auditing of "Filtering Platform Packet Drop" events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10217 The "MSS: (NoDriveTypeAutoRun) Disable Autorun for all drives (recommended)" setting should be configured correctly. oval:org.secpod.oval:def:10218 The "Audit: Shut down system immediately if unable to log security audits" setting should be configured correctly. oval:org.secpod.oval:def:10219 The "Network access: Allow anonymous SID/Name translation" setting should be configured correctly. oval:org.secpod.oval:def:5645 Verify that all users are assigned a unique ID for access to system components or cardholder data and also verify that users are authenticated using unique ID and additional authentication (for example, a password) for access to the cardholder data environment. oval:org.secpod.oval:def:5646 Verify that inactive accounts over 90 days old are either removed or disabled. oval:org.secpod.oval:def:5025 If virtualization technologies are used, verify that only one primary function is implemented per virtual system component or device. oval:org.secpod.oval:def:5024 Implement only one primary function per server to prevent functions that require different security levels from co-existing on the same server. (For example, web servers, database servers, and DNS should be implemented on separate servers.) oval:org.secpod.oval:def:5021 Malicious software, commonly referred to as malware including viruses, worms, and Trojans enters the network during many business-approved activities including employee e-mail and use of the Internet, mobile computers, and storage devices, resulting in the exploitation of system vulnerabilities. Ant ... oval:org.secpod.oval:def:8565 This policy setting determines the length of time before the Account lockout threshold resets to zero. oval:org.secpod.oval:def:8570 The "Interactive logon: Prompt user to change password before expiration" setting should be configured correctly oval:org.secpod.oval:def:8546 The "Microsoft network server: Digitally sign communications (if client agrees)" setting should be configured correctly. oval:org.secpod.oval:def:8573 The "Interactive logon: Do not require CTRL+ALT+DEL" setting should be configured correctly. oval:org.secpod.oval:def:8514 The "Network access: Let Everyone permissions apply to anonymous users" setting should be configured correctly. oval:org.secpod.oval:def:8504 The "Network access: Remotely accessible registry paths" setting should be configured correctly. oval:org.secpod.oval:def:8548 The "Microsoft network client: Send unencrypted password to third-party SMB servers" setting should be configured correctly. oval:org.secpod.oval:def:8571 The "Network security: LDAP client signing requirements" setting should be configured correctly. oval:org.secpod.oval:def:8510 The "Network security: Minimum session security for NTLM SSP based (including secure RPC) clients" setting should be configured correctly. oval:org.secpod.oval:def:8585 The "Microsoft network client: Digitally sign communications (if server agrees)" setting should be configured correctly. oval:org.secpod.oval:def:8536 The "Domain member: Digitally encrypt or sign secure channel data (always)" setting should be configured correctly. oval:org.secpod.oval:def:8550 The "Domain member: Maximum machine account password age" setting should be configured correctly. oval:org.secpod.oval:def:8535 The "Interactive logon: Do not display last user name" setting should be configured correctly. oval:org.secpod.oval:def:8540 The "Microsoft network server: Amount of idle time required before suspending session" setting should be configured correctly. oval:org.secpod.oval:def:8583 The "Accounts: Rename guest account" setting should be configured correctly. oval:org.secpod.oval:def:8549 The "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" setting should be configured correctly. oval:org.secpod.oval:def:8581 The "Domain member: Digitally sign secure channel data (when possible)" setting should be configured correctly. oval:org.secpod.oval:def:8578 The "Network access: Remotely accessible registry paths and sub paths" setting should be configured correctly. |