[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*


oval:gov.nist.usgcb.vista:def:8034
Auditing of "Policy Change: Audit Policy Change" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:8020
Auditing of "Logon/Logoff: Logon" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:8008
Auditing of "Detailed Tracking: Process Creation" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14486
The 'Maximum tolerance for computer clock synchronization' policy should be set correctly.

oval:org.secpod.oval:def:14483
The "Maximum Service Ticket Litfetime" policy should be set correctly.

oval:org.secpod.oval:def:14453
Domain Profile: 'Allow file and printer sharing exception' (SP2 only)

oval:org.secpod.oval:def:14457
Domain Profile: 'Allow Remote Desktop exception' (SP2 only)

oval:org.secpod.oval:def:14455
The 'Unicast response to multicast or broadcast requests' should be enabled or disabled as appropriate for the Standard Profile.

oval:org.secpod.oval:def:14450
The 'Windows Firewall: Prohibit notifications' setting should be configured correctly for the Standard Profile.

oval:org.secpod.oval:def:14462
The 'TCP/IP PMTU Discovery' should be properly configured.

oval:org.secpod.oval:def:14459
Standard Profile: 'Define port exceptions' (SP2 only)

oval:gov.nist.usgcb.vista:def:6007
This policy setting determines the length of time that must pass before a locked account is unlocked and a user can try to log on again.

oval:org.secpod.oval:def:14395
Domain Profile: 'Allow UPnP framework exception' (SP2 only)

oval:gov.nist.usgcb.vista:def:6106
Determines if an anonymous user can request security identifier (SID) attributes for another user.

oval:org.secpod.oval:def:14377
The 'restrict guest access to security log' policy should be set correctly.

oval:org.secpod.oval:def:14385
The 'restrict guest access to system log' policy should be set correctly.

oval:org.secpod.oval:def:14400
The 'Turn off Untrusted Content' setting should be configured correctly.

oval:org.secpod.oval:def:14514
The 'Prohibit use of Internet Connection Firewall on your DNS domain network' setting should be configured correctly.

oval:org.secpod.oval:def:14436
Standard Profile: 'Do not allow exceptions '(SP2 only)

oval:org.secpod.oval:def:14433
Standard Profile: 'Protect all network connections' (SP2 only)

oval:org.secpod.oval:def:14447
Domain Profile: 'Allow local program exceptions'

oval:org.secpod.oval:def:14444
Standard Profile: 'Allow Remote Desktop exception' (SP2 only)

oval:org.secpod.oval:def:14437
Standard Profile: 'Allow remote administration exception' (SP2 only)

oval:org.secpod.oval:def:14410
Domain Profile: 'Do not allow exceptions' (SP2 only)

oval:org.secpod.oval:def:14412
Domain Profile: 'Define port exceptions' (SP2 only)

oval:org.secpod.oval:def:14406
Domain Profile: 'Allow remote administration'

oval:org.secpod.oval:def:14405
The 'restrict guest access to application log' policy should be set correctly.

oval:org.secpod.oval:def:14409
Domain Profile: 'Allow local port exceptions' (SP2 only)

oval:org.secpod.oval:def:14542
The 'Unsigned Driver Installation Behavior' policy should be set correctly.

oval:org.secpod.oval:def:14545
The 'Windows Firewall inbound program exceptions list' should be set appropriately for the Domain Profile.

oval:org.secpod.oval:def:14422
The 'Prevent IIS Installation' setting should be configured correctly.

oval:org.secpod.oval:def:14536
The Windows Firewall 'Windows Firewall: Define inbound program exceptions' policy should be enabled or disabled as appropriate for the Domain Profile.

oval:org.secpod.oval:def:14414
Auditing of 'system' events on failure should be enabled or disabled as appropriate..

oval:gov.nist.usgcb.vista:def:6667
Allow remote access to the PnP interface

oval:gov.nist.usgcb.vista:def:8005
Auditing of "Account Management: Security Group Management" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:8006
Auditing of "Account Management: User Account Management" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6071
Network access: Do not allow anonymous enumeration of SAM accounts and shares

oval:gov.nist.usgcb.vista:def:6122
This setting controls the ability of non-administrators to install updates that have been digitally signed by the application vendor.

oval:gov.nist.usgcb.vista:def:6036
Domain member: Disable machine account password changes

oval:gov.nist.usgcb.vista:def:6600
Set client connection encryption level

oval:gov.nist.usgcb.vista:def:6022
The built-in Administrator account should be correctly named.

oval:org.secpod.oval:def:14485
Auditing of 'Account Management: Application Group Management' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14498
Auditing of 'Object Access: Kernel Object' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6065
MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)

oval:org.secpod.oval:def:14530
Auditing of 'Policy Change: Authorization Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14496
Auditing of 'Detailed Tracking: Process Termination' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14470
Auditing of 'Privilege Use: Privilege Use: Other Privilege Use Events' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:8088
Switch to the secure desktop when prompting for elevation

oval:gov.nist.usgcb.vista:def:6694
Turn on session logging

oval:gov.nist.usgcb.vista:def:116
MSS: (NoDefaultExempt) Enable NoDefaultExempt for IPSec Filtering

oval:org.secpod.oval:def:14382
The 'Interactive logon: Requre smart card' setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6638
The "Force shutdown from a remote system (SeRemoteShutdownPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6566
RPC Endpoint Mapper Client Authentication

oval:org.secpod.oval:def:14525
Auditing of 'Privilege Use: Non Sensitive Privilege Use' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6075
Network access: Remotely accessible registry paths

oval:gov.nist.usgcb.vista:def:6004
This policy setting checks all new password to ensure that they meet basic requirements for strong password.

oval:org.secpod.oval:def:14458
The MSS:(TCPMaxConnectResponseRetransmission) 'SYN-ACK retansmissions' when a connection request is not acknowledged

oval:gov.nist.usgcb.vista:def:8089
Virtualize file and registry write failures to per-user locations

oval:gov.nist.usgcb.vista:def:6003
This policy setting determines the number of days that you must use a password before you can change it.

oval:gov.nist.usgcb.vista:def:6666
Prohibit Access of the Windows Connect Now Wizards

oval:gov.nist.usgcb.vista:def:6053
Microsoft network server: Disconnect clients when logon hours expire

oval:gov.nist.usgcb.vista:def:6063
MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames (recommended)

oval:gov.nist.usgcb.vista:def:6609
The "Act as part of the operating system (SeTcbPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6563
Offer Remote Assistance

oval:gov.nist.usgcb.vista:def:6607
The "Access this computer from the network (SeNetworkLogonRight)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6047
Microsoft network client: Digitally sign communications (always)

oval:org.secpod.oval:def:14417
Auditing of 'object access' events on failure should be enabled or disabled as appropriate..

oval:gov.nist.usgcb.vista:def:6104
System objects: Require case insensitivity for non-Windows subsystems

oval:org.secpod.oval:def:14393
The 'when maximum log size is reached' property should be set correctly for the System log.

oval:gov.nist.usgcb.vista:def:6097
Network Security: Minimum session security for NTLM SSP based (including secure RPC) servers

oval:gov.nist.usgcb.vista:def:6026
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings

oval:gov.nist.usgcb.vista:def:6068
MSS: (TCPMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)

oval:gov.nist.usgcb.vista:def:6038
Domain member: Require strong (Windows 2000 or later) session key

oval:gov.nist.usgcb.vista:def:6008
This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout duration for the account has expired. You can set a value between 0 and 999 failed logon at ...

oval:gov.nist.usgcb.vista:def:6648
Administrators may manage the auditing and security log

oval:org.secpod.oval:def:14500
Auditing of 'Logon/Logoff: IPsec Quick Mode' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6669
Do not send a Windows Error Report when a generic driver is installed on a device

oval:gov.nist.usgcb.vista:def:6005
This policy setting determines whether the operating system stores passwords in a way that uses reversible encryption, which provides support for application protocols that require knowledge of the user's password for authentication purposes.

oval:gov.nist.usgcb.vista:def:6616
The "Allow log on through Terminal Services (SeRemoteInteractiveLogonRight)" setting should be configured correctly.

oval:org.secpod.oval:def:14378
The 'TCP/IP SYN Flood Attack Protection' should be properly configured.

oval:org.secpod.oval:def:14374
Auditing of 'privilege use' events on success should be enabled or disabled as appropriate..

oval:gov.nist.usgcb.vista:def:6623
The "Change the system time (SeSystemTimePrivilege)" setting should be configured correctly.

oval:org.secpod.oval:def:14404
The 'Log Access For Setup Log' setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6647
The log-on-as-a-service user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:14499
Auditing of 'Detailed Tracking: RPC Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:7708
Enables desktop screen savers. If you disable this setting, screen savers do not run. Also, this setting disables the Screen Saver section of the Screen Saver dialog in the Personalization or Display Control Panel. As a result, users cannot change the screen saver options. If you do not configure ...

oval:org.secpod.oval:def:14411
The 'when maximum log size is reached' property should be set correctly for the Security log.

oval:gov.nist.usgcb.vista:def:6049
Microsoft network client: Send unencrypted password to third-party SMB servers

oval:gov.nist.usgcb.vista:def:6095
Network Security: LDAP client signing requirements

oval:org.secpod.oval:def:14528
Auditing of 'Object Access: File Share' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6050
Microsoft network server: Amount of idle time required before suspending session

oval:gov.nist.usgcb.vista:def:8026
Auditing of "Object Access: File System" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6634
The "Deny log on locally (SeDenyInteractiveLogonRight)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6094
Network Security: LAN Manager Authentication Level

oval:org.secpod.oval:def:14532
Auditing of 'Policy Change: MPSSVC Rule-Level Policy Change' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14540
The 'Automatic Reboot After System Crash' should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14527
Auditing of 'Object Access: Other Object Access Events' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14505
Auditing of 'Object Access: Handle Manipulation' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14451
The 'Display user information when the session is locked' setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6101
Shutdown: Clear Virtual Memory Pagefile

oval:gov.nist.usgcb.vista:def:8084
Detect application installations and prompt for elevation

oval:gov.nist.usgcb.vista:def:6059
MSS: (KeepAliveTime)How often keep-alive packets are sent in milliseconds

oval:org.secpod.oval:def:14534
The 'System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies' setting should be configured properly.

oval:gov.nist.usgcb.vista:def:6654
The "Replace a process level token (SeAssignPrimaryTokenPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6023
The built-in Guest account should be correctly named.

oval:gov.nist.usgcb.vista:def:6002
This policy setting defines how long a user can use their password before it expires.

oval:gov.nist.usgcb.vista:def:6027
Audit: Shut down system immediately if unable to log security audits

oval:gov.nist.usgcb.vista:def:8035
Auditing of "Policy Change: Authentication Policy Change" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6072
Network access: Do not allow storage of credentials or .NET Passports for network authentication

oval:gov.nist.usgcb.vista:def:6054
MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)

oval:gov.nist.usgcb.vista:def:6064
MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)

oval:gov.nist.usgcb.vista:def:8081
Admin Approval Mode for the Built-in Administrator account

oval:gov.nist.usgcb.vista:def:6074
Network access: Named Pipes that can be accessed anonymously

oval:org.secpod.oval:def:14381
Auditing of 'policy change' events on success should be enabled or disabled as appropriate..

oval:gov.nist.usgcb.vista:def:6613
The "Allow log on locally" setting should be configured correctly.

oval:org.secpod.oval:def:14398
Auditing of 'process tracking' events on success should be enabled or disabled as appropriate..

oval:org.secpod.oval:def:14543
Disable 'saving of dial-up passwords' should be properly configured.

oval:gov.nist.usgcb.vista:def:6625
The "Create a token object (SeCreateTokenPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:8002
Auditing of "Account Management: Computer Account Management" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6096
Network Security: Minimum session security for NTLM SSP based (including secure RPC) clients

oval:org.secpod.oval:def:14440
The 'Windows Firewall: Prohibit notifications' setting should be configured correctly for the Domain Profile.

oval:org.secpod.oval:def:14547
The 'CD Burning features in Windows Explorer' should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6030
Devices: Prevent users from installing printer drivers

oval:org.secpod.oval:def:14463
The startup type of the 'Internet Connection Sharing service' should be correct.

oval:gov.nist.usgcb.vista:def:6114
If this setting is enabled Windows Error Reporting events will not be logged to the system event log.

oval:org.secpod.oval:def:14501
Auditing of 'DS Access: Directory Service Access' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6658
The "Synchronize directory service data" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:8019
Auditing of "Logon/Logoff: Logoff" events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14541
The 'Secure Channel: Digitally Encrypt Secure Channel Data (When Possible)' policy should be set correctly.

oval:gov.nist.usgcb.vista:def:6070
Network access: Do not allow anonymous enumeration of SAM accounts

oval:gov.nist.usgcb.vista:def:6119
Turn off shell protocol protected mode

oval:gov.nist.usgcb.vista:def:6504
Notify antivirus programs when opening attachments

oval:gov.nist.usgcb.vista:def:6006
This policy setting determines the least number of characters that make up a password for a user account.

oval:gov.nist.usgcb.vista:def:6626
The "Create global objects (SeCreateGlobalPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6726
You can use this policy setting to specify the maximum amount of time that a disconnected session is kept active on the server. By default, Terminal Services allows users to disconnect from a remote session without logging off and ending the session. (1 min)

oval:gov.nist.usgcb.vista:def:6565
Restrictions for Unauthenticated RPC clients

oval:gov.nist.usgcb.vista:def:6599
Always prompt client for password upon connection

oval:gov.nist.usgcb.vista:def:6126
Prevents Windows Media Digital Rights Management (DRM) from accessing the Internet (or intranet). When enabled, Windows Media DRM is prevented from accessing the Internet (or intranet) for license acquisition and security upgrades.

oval:org.secpod.oval:def:14401
The 'System availability to Master Browser' should be properly configured.

oval:gov.nist.usgcb.vista:def:6624
The "Create a pagefile (SeCreatePagefilePrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:8043
Auditing of "System: Ipsec Driver" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6641
The "Increase scheduling priority (SeIncreaseBasePriorityPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:8087
Run all administrators in Admin Approval Mode

oval:gov.nist.usgcb.vista:def:6640
The "Impersonate a client after authentication" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6653
The "Remove computer from docking station (SeUndockPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6025
Audit: Audit the use of Backup and Restore privilege

oval:org.secpod.oval:def:14478
Auditing of 'Logon/Logoff: IPsec Extended Mode' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14389
The 'when maximum log size is reached' property should be set correctly for the Application log.

oval:gov.nist.usgcb.vista:def:6651
The "Profile single process (SeProfileSingleProcessPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6021
Accounts: Limit local account use to blank passwords to console logon only

oval:gov.nist.usgcb.vista:def:6105
System objects: Strengthen default permissions of internal system objects

oval:gov.nist.usgcb.vista:def:6079
Network access: Sharing and security model for local accounts

oval:org.secpod.oval:def:14487
Auditing of 'Object Access: Certification Services' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14511
Auditing of 'Detailed Tracking: DPAPI Activity' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6621
The "Bypass traverse checking (SeChangeNotifyPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6657
The "Shut down the system (SeShutdownPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6100
Shutdown: Allow System to be Shut Down Without Having to Log On

oval:gov.nist.usgcb.vista:def:6061
MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers

oval:gov.nist.usgcb.vista:def:6037
Domain member: Maximum machine account password age

oval:gov.nist.usgcb.vista:def:6129
Sidebar gadgets can be deployed as compressed files, either digitally signed or unsigned. If you enable this setting, Windows Sidebar will not extract any gadgets that have not been digitally signed. If you disable or do not configure this setting, Window

oval:gov.nist.usgcb.vista:def:6633
The "Deny log on as a service (SeDenyServiceLogonRight)" setting should be configured correctly.

oval:org.secpod.oval:def:14439
The 'Turn Off Access to All Windows Update Feature' setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6069
MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning

oval:gov.nist.usgcb.vista:def:6062
MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames (recommended)

oval:gov.nist.usgcb.vista:def:6575
Enumerate administrator accounts on elevation

oval:gov.nist.usgcb.vista:def:6639
The "Generate security audits (SeAuditPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:8032
Auditing of "Object Access: Registry" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6024
Audit the access of global system objects is disabled

oval:gov.nist.usgcb.vista:def:6080
Network security: Do not store LAN Manager hash value on next password change

oval:gov.nist.usgcb.vista:def:8004
Auditing of "Account Management: Other Account Management Events" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6046
Interactive logon: Require Domain Controller authentication to unlock workstation

oval:gov.nist.usgcb.vista:def:6714
Prompt for password on resume from hibernate / suspend

oval:gov.nist.usgcb.vista:def:6612
The "Adjust memory quotas for a process (SeIncreaseQuotaPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:8047
Auditing of "System: System Integrity" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:8086
Only elevate UIAccess applications that are installed in secure locations

oval:gov.nist.usgcb.vista:def:6102
System Cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing

oval:gov.nist.usgcb.vista:def:6055
MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)

oval:org.secpod.oval:def:14535
The 'System cryptography: Force strong key protection for user keys stored on the computer' policy should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6039
Interactive logon: Do not display last user name

oval:gov.nist.usgcb.vista:def:8042
Sensitive Privilege Use

oval:org.secpod.oval:def:14482
Auditing of 'DS Access: Detailed Directory Service Replication' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6001
This policy setting determines the number of renewed, unique passwords that have to be associated with a user account before you can reuse an old password.

oval:gov.nist.usgcb.vista:def:6031
Devices: Restrict CD-ROM access to locally logged-on user only

oval:gov.nist.usgcb.vista:def:8022
Auditing of "Logon/Logoff: Special Logon" events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6644
The "Log on as a batch job (SeBatchLogonRight)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6073
Network access: Let Everyone permissions apply to anonymous users

oval:org.secpod.oval:def:14466
Auditing of 'Account Management: Distribution Group Management' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14429
Logon - 'Do not process the legacy run' list

oval:gov.nist.usgcb.vista:def:6033
Domain member: Digitally encrypt or sign secure channel data (when possible)

oval:gov.nist.usgcb.vista:def:6057
MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes

oval:org.secpod.oval:def:14480
Auditing of 'Object Access: SAM' events on success should be enabled or disabled as appropriate.

oval:gov.nist.USGCB.vistafirewall:def:6530
Inbound Connections - Public Profile

oval:gov.nist.USGCB.vistafirewall:def:6531
Outbound Connections - Public Profile

oval:gov.nist.USGCB.vistafirewall:def:6532
Display a Notification - Public Profile

oval:gov.nist.USGCB.vistafirewall:def:6411
The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Private Profile.

oval:gov.nist.USGCB.vistafirewall:def:6533
Unicast response to multicast or broadcast requests should be enabled or disabled as appropriate for the Public Profile.

oval:gov.nist.USGCB.vistafirewall:def:6412
The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Private Profile.

oval:gov.nist.USGCB.vistafirewall:def:6534
Apply Local Firewall Rules - Public Profile

oval:gov.nist.USGCB.vistafirewall:def:6413
The log file path and name for the Windows Firewall should be configured correctly for the Private Profile.

oval:gov.nist.USGCB.vistafirewall:def:6535
Apply Local Connection Security Rules - Public Profile

oval:gov.nist.USGCB.vistafirewall:def:6414
The log file size limit for the Windows Firewall should be configured correctly for the Private Profile.

oval:gov.nist.USGCB.vistafirewall:def:6520
Apply Local Firewall Rules - Domain Profile

oval:gov.nist.USGCB.vistafirewall:def:6529
Firewall state - Public Profile

oval:gov.nist.USGCB.vistafirewall:def:6521
Apply Local Connection Security Rules - Domain Profile

oval:gov.nist.USGCB.vistafirewall:def:6401
The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Domain Profile.

oval:gov.nist.USGCB.vistafirewall:def:6522
Firewall state - Private Profile

oval:gov.nist.USGCB.vistafirewall:def:6523
Inbound Connections - Private Profile

oval:gov.nist.USGCB.vistafirewall:def:6402
The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Domain Profile.

oval:gov.nist.USGCB.vistafirewall:def:6403
Domain Profile: The log file path and name for the Windows Firewall should be configured correctly for the Domain Profile.

oval:gov.nist.USGCB.vistafirewall:def:6524
Outbound Connections - Private Profile

oval:gov.nist.USGCB.vistafirewall:def:6404
The log file size limit for the Windows Firewall should be configured correctly for the Domain Profile.

oval:gov.nist.USGCB.vistafirewall:def:6525
Display a Notification - Private Profile

oval:gov.nist.USGCB.vistafirewall:def:6526
Allow Unicast Response - Private Profile

oval:gov.nist.USGCB.vistafirewall:def:6527
Apply Local Firewall Rules - Private Profile

oval:gov.nist.USGCB.vistafirewall:def:6528
Apply Local Connection Security Rules - Private Profile

oval:gov.nist.USGCB.vistafirewall:def:6518
Display a Notification - Domain Profile

oval:gov.nist.USGCB.vistafirewall:def:6519
Allow Unicast Response - Domain Profile

oval:gov.nist.USGCB.vistafirewall:def:6515
Firewall state - Domain Profile

oval:gov.nist.USGCB.vistafirewall:def:6517
Outbound Connections - Domain Profile

oval:gov.nist.USGCB.vistafirewall:def:6421
The "Log Dropped Packets" option for the Windows Firewall should be configured correctly for the Public Profile.

oval:gov.nist.USGCB.vistafirewall:def:6422
The "Log Successful Connections" option for the Windows Firewall should be configured correctly for the Public Profile.

oval:gov.nist.USGCB.vistafirewall:def:6423
The log file path and name for the Windows Firewall should be configured correctly for the Public Profile.

oval:gov.nist.USGCB.vistafirewall:def:6424
The log file size limit for the Windows Firewall should be configured correctly for the Public Profile.

oval:gov.nist.usgcb.vista:def:6041
Interactive logon: Message text for users attempting to log on

oval:gov.nist.usgcb.vista:def:6652
The "Profile system performance (SeSystemProfilePrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6670
Turn Off Windows Update Device Driver Search Prompt

oval:gov.nist.usgcb.vista:def:6098
Recovery Console: Allow Automatic Administrative Logon

oval:org.secpod.oval:def:14508
Auditing of 'Policy Change: Other Policy Change Events' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14452
Access to 'registry editing tools' is set correctly.

oval:gov.nist.usgcb.vista:def:6081
Network security: Force logoff when logon hours expire

oval:gov.nist.usgcb.vista:def:6077
Network access: Restrict anonymous access to Named Pipes and Shares

oval:gov.nist.usgcb.vista:def:6725
This policy setting allows you to specify the maximum amount of time that an active Terminal Services session can be idle (without user input) before it is automatically disconnected. (15 min)

oval:gov.nist.usgcb.vista:def:6630
The "Deny access to this computer from the network (SeDenyNetworkLogonRight)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6045
Interactive logon: Require Domain Controller authentication to unlock workstation

oval:gov.nist.usgcb.vista:def:6042
Interactive logon: Message title for users attempting to log on

oval:gov.nist.usgcb.vista:def:6121
Permits users to change installation options that typically are available only to system administrators. This setting bypasses some of the security features of Windows Installer.

oval:org.secpod.oval:def:14442
The 'DCOM: Machine access Restrictions in Security Descriptor Definition Language (SDDL) syntax' setting should be configured correctly.

oval:org.secpod.oval:def:14426
Auditing of 'directory service access' events on failure should be enabled or disabled as appropriate..

oval:gov.nist.usgcb.vista:def:6044
Interactive logon: Prompt user to change password before expiration

oval:gov.nist.usgcb.vista:def:612261222
Prevents users from being prompted to update Windows Media Player. This policy prevents the Player from being updated and prevents users with administrator rights from being prompted to update the Player if an updated version is available. The Check for Player Updates command on the Help menu in the ...

oval:org.secpod.oval:def:14424
The 'security log maximum size' should be configured correctly.

oval:gov.nist.usgcb.vista:def:6043
Interactive logon: Number of previous logons to cache (in case domain controller is not available)

oval:org.secpod.oval:def:14464
The setup 'log maximum size' should be configured correctly.

oval:gov.nist.usgcb.vista:def:6032
Devices: Restrict Floppy access to locally logged-on user only

oval:org.secpod.oval:def:14407
The 'system log maximum size' should be configured correctly.

oval:org.secpod.oval:def:14421
Auditing of 'account management' events on failure should be enabled or disabled as appropriate..

oval:gov.nist.usgcb.vista:def:6649
The "Modify firmware environment values (SeSystemEnvironmentPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6689
Require a Password when a Computer Wakes (On Battery)

oval:gov.nist.usgcb.vista:def:6570
Turn off Search Companion content file updates

oval:org.secpod.oval:def:14430
The 'Allow undock without having to logon' policy should be set correctly.

oval:org.secpod.oval:def:14503
Auditing of 'Policy Change: Filtering Platform Policy Change' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14419
The 'DCOM: Machine Launch Restrictions in the Security Descriptor Definition Language (SDDL) syntax' security option should be set correctly.

oval:org.secpod.oval:def:14521
Auditing of 'DS Access: Directory Service Changes' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6631
The "Deny log on as a batch job (SeDenyBatchLogonRight)" setting should be configured correctly.

oval:org.secpod.oval:def:14467
Auditing of 'DS Access: Directory Service Replication' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6115
If this setting is enabled, Windows Error Reporting will not send any problem information to Microsoft. Additionally, solution information will not be available in the Problem Reports and Solutions control panel.

oval:gov.nist.usgcb.vista:def:60771
Network access: Shares that can be accessed anonymously

oval:gov.nist.usgcb.vista:def:6051
Microsoft network server: Digitally sign communications (always)

oval:gov.nist.usgcb.vista:def:6659
The "Take ownership of files or other objects (SeTakeOwnershipPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6595
Disable remote Desktop Sharing

oval:gov.nist.usgcb.vista:def:243
This definition verifies that the Guest account is enabled/disabled based on the policy defined by the user.

oval:org.secpod.oval:def:14523
Auditing of 'Object Access: Application Generated' events on success should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6034
Domain member: Digitally encrypt or sign secure channel data (always)

oval:gov.nist.usgcb.vista:def:8085
Only elevate executables that are signed and validated

oval:org.secpod.oval:def:14522
Auditing of 'Object Access: Filtering Platform Connection' events on failure should be enabled or disabled as appropriate.

oval:gov.nist.usgcb.vista:def:6596
Do not allow passwords to be saved

oval:gov.nist.usgcb.vista:def:6056
MSS: (EnableDeadGWDetect) Allow automatic detection of dead network gateways (could lead to DoS)

oval:gov.nist.usgcb.vista:def:6690
Require a Password when a Computer Wakes (Plugged)

oval:org.secpod.oval:def:14520
Auditing of 'Logon/Logoff: Other Logon/Logoff Events' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14473
Auditing of 'Logon/Logoff: Account Lockout' events on success should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14481
Auditing of 'Logon/Logoff: IPsec Main Mode' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:14397
The 'application log maximum size' should be configured correctly.

oval:gov.nist.usgcb.vista:def:6628
The "Debug programs (SeDebugPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6099
Recovery Console: Allow Floppy Copy and Access to All Drives and All Folders

oval:org.secpod.oval:def:14403
Auditing of 'account logon' events on failure should be enabled or disabled as appropriate..

oval:gov.nist.usgcb.vista:def:6636
The "Deny log on through Terminal Services (SeDenyRemoteInteractiveLogonRight)" setting should be configured correctly.

oval:org.secpod.oval:def:14533
The 'add workstations to domain' user right should be assigned to the correct accounts.

oval:org.secpod.oval:def:14415
The 'Allowed to Format and Eject Removable NTFS Media' policy should be set correctly.

oval:org.secpod.oval:def:14472
Auditing of 'Object Access: Filtering Platform Packet Drop' events on failure should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:7710
The Screen Saver Executable Name setting should be configured correctly for the current user.

oval:gov.nist.usgcb.vista:def:6048
Microsoft network client: Digitally sign communications (if server agrees)

oval:gov.nist.usgcb.vista:def:8083
Behavior of the elevation prompt for standard users

oval:gov.nist.usgcb.vista:def:8082
Behavior of the elevation prompt for administrators in Admin Approval Mode

oval:gov.nist.usgcb.vista:def:6642
Administrators may load and unload device drivers

oval:gov.nist.usgcb.vista:def:6655
The "Restore files and directories (SeRestorePrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6643
The "Lock pages in memory (SeLockMemoryPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6650
The "Perform volume maintenance tasks (SeManageVolumePrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6617
The "Back up files and directories (SeBackupPrivilege)" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6627
The "Create permanent shared objects" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6715
Prevent users from sharing files within their profile

oval:org.secpod.oval:def:14538
The 'add workstations to domain' user right should be assigned to the correct accounts.

oval:gov.nist.usgcb.vista:def:6708
Screen Saver timeout

oval:gov.nist.usgcb.vista:def:242
This definition verifies that the Administrator account is enabled/disabled based on the policy defined by the user.

oval:gov.nist.usgcb.vista:def:662391
The "Increase a process working set" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:6076
Network access: Remotely accessible registry paths and sub paths

oval:gov.nist.usgcb.vista:def:662371
The "Modify an object label" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:662381
The "Change the time zone" setting should be configured correctly.

oval:gov.nist.usgcb.vista:def:20012
Allowing source routed network traffic allows attackers to obscure their identity and location.

oval:gov.nist.usgcb.vista:def:20014
MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 is default).

oval:gov.nist.usgcb.vista:def:20019
This setting was added to Windows Vista SP1 specifically to enable Remote Assistance. It allows certain applications stored in secure folders, such as system32, to bypass the secure desktop so that they can function as designed. Enabling this setting will lower security slightly but enable Remote As ...

oval:gov.nist.usgcb.vista:def:100213
The "No auto-restart for scheduled Automatic Updates installations

oval:gov.nist.usgcb.vista:def:100214
reschedule automatic updates

oval:gov.nist.usgcb.vista:def:100205
do not process the run once list

oval:gov.nist.usgcb.vista:def:100208
configure automatic updates

oval:gov.nist.usgcb.vista:def:100055
Default behavior for AutoRun

oval:gov.nist.usgcb.vista:def:65741
Turn off Autoplay is set correctly.

oval:gov.nist.usgcb.vista:def:6707
Password protect the screen saver

oval:gov.nist.usgcb.vista:def:6052
Microsoft network server: Digitally sign communications (if client agrees)

oval:gov.nist.usgcb.vista:def:6040
Interactive logon: Do not require CTRL+ALT+DEL

oval:gov.nist.usgcb.vista:def:6009
This policy setting determines the length of time before the Account lockout threshold resets to zero.

oval:gov.nist.usgcb.vista:def:6035
Domain member: Digitally sign secure channel data (when possible)

CPE    1
cpe:/o:microsoft:windows_vista
CCE    373
CCE-4228-3
CCE-4183-0
CCE-5137-5
CCE-5094-8
...
*XCCDF
xccdf_org.secpod_benchmark_nerc_cip_Windows_Vista

© SecPod Technologies