Download
| Alert*
oval:org.secpod.oval:def:8440
The "Maximum User Ticket Lifetime" policy should be set correctly. oval:org.secpod.oval:def:8454 The "LAN Manager Authentication Level" policy should be set correctly. oval:org.secpod.oval:def:7688 The Password protect the screen saver setting should be configured correctly. oval:org.secpod.oval:def:8384 The "Maximum Service Ticket Lifetime" policy should be set correctly. oval:org.secpod.oval:def:8484 The "Registry policy processing" policy should be enabled or disabled as appropriate. oval:org.secpod.oval:def:8364 The built-in Administrator account should be correctly named. oval:org.secpod.oval:def:8482 The "System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies" setting should be configured properly. oval:org.secpod.oval:def:8492 The "Prevent System Maintenance of Computer Account Password" policy should be set correctly. oval:org.secpod.oval:def:8453 The "Enforce user logon restrictions" policy should be set correctly. oval:org.secpod.oval:def:8439 The "Allow Unsolicited Remote Assistance" policy should be set correctly for Terminal Services.The "Allow Unsolicited Remote Assistance" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8450 The "Recovery Console: Allow Floppy Copy and Access to All Drives and All Folders" policy should be set correctly. oval:org.secpod.oval:def:8431 The "Allowed to Format and Eject Removable NTFS Media" policy should be set correctly. oval:org.secpod.oval:def:8471 The "Disconnect clients when logon hours expire" policy should be set correctly. oval:org.secpod.oval:def:8479 The "Remote Control Settings" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8435 The "Refuse machine account password change" policy should be set correctly. oval:org.secpod.oval:def:8455 Disallow Installation of Printers Using Kernel-mode Drivers should be properly configured. oval:org.secpod.oval:def:8489 The Security Audit log warning level should be properly configured. oval:org.secpod.oval:def:8463 The "Remotely accessible registry paths" policy should be set correctly. The "Remotely accessible registry paths" policy should be set correctly. oval:org.secpod.oval:def:8445 The "Limit Users to One Remote Session" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8467 The "Enable Error Reporting" policy should be set correctly. oval:org.secpod.oval:def:8486 The "Remotely accessible registry paths and subpaths" policy should be set correctly. oval:org.secpod.oval:def:8421 The "deny logon locally" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8424 The "deny logon as a service" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8481 The number of retransmissions sent of TCP data segments before the connection is dropped should be set correctly. oval:org.secpod.oval:def:8452 Automatic Logon should be properly configured. oval:org.secpod.oval:def:8456 The "Number of Previous Logons to Cache" policy should be set correctly. oval:org.secpod.oval:def:8480 The "Create global objects" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8470 The "Prevent Users from Installing Printer Drivers" policy should be set correctly. oval:org.secpod.oval:def:8433 Autoplay on all Drive Types should be properly configured. oval:org.secpod.oval:def:8448 The "Message text for users attempting to log on" policy should be set correctly. oval:org.secpod.oval:def:8423 The "increase scheduling priority" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8441 The "Do not Delete Temp folder on exit" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8472 Safe DLL Search Mode should be properly configured. oval:org.secpod.oval:def:8478 The "Let Everyone permissions apply to anonymous users" policy should be set correctly. oval:org.secpod.oval:def:8468 The "Minimum session security for NTLM SSP based servers" policy should be set correctly. oval:org.secpod.oval:def:8443 The "Do not store LAN Manager hash value on next password change" policy should be set correctly. oval:org.secpod.oval:def:8483 The "Impersonate a client after authentication" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8491 The time in seconds before the screen saver grace period expires (ScreenSaverGracePeriod) setting should be configured correctly. oval:org.secpod.oval:def:8442 The behavior surrounding Anonymous users' ability to display lists of SAM accounts should be correct. oval:org.secpod.oval:def:8432 The "Shares that can be accessed anonymously" policy should be set correctly. oval:org.secpod.oval:def:8447 The "Set time limit for idle sessions" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8460 The "Force logoff when logon hours expire" policy should be set correctly. oval:org.secpod.oval:def:8436 The "Allow undock without having to logon" policy should be set correctly. oval:org.secpod.oval:def:8476 The "Users Prompted to Change Password Before Expiration" policy should be set correctly. oval:org.secpod.oval:def:8422 The "create a pagefile" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8446 The "Recovery Console: Allow Automatic Administrative Logon" policy should be set correctly. oval:org.secpod.oval:def:8444 The "Digitally Sign Client Communication (Always)" policy should be set correctly. oval:org.secpod.oval:def:8451 The "Allow Reconnection from Original Client Only" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8449 The "Smart Card Removal Behavior" policy should be set correctly. oval:org.secpod.oval:def:8464 The "Secure Channel: Digitally Encrypt or Sign Secure Channel Data (Always)" policy should be set correctly. oval:org.secpod.oval:def:8457 The "Do not Use Temp folders per Session" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8474 The "Unsigned Driver Installation Behavior" policy should be set correctly. The "Unsigned Driver Installation Behavior" policy should be set correctly. oval:org.secpod.oval:def:8430 The "Terminate session when time limits are reached" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8469 The amount of idle time required before disconnecting a session should be set correctly. oval:org.secpod.oval:def:8434 The "Allow Solicited Remote Assistance" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8473 The "Limit Number of Connections" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8466 Disable saving of dial-up passwords should be properly configured. oval:org.secpod.oval:def:8485 Anonymous access to Named Pipes and Shares via the network should be enabled or disabled as appropriate. oval:org.secpod.oval:def:8488 The number of SYN-ACK retransmissions sent when attempting to respond to a SYN request should be configured correctly. oval:org.secpod.oval:def:8475 The "LDAP server signing requirements" policy should be set correctly. oval:org.secpod.oval:def:8428 The "log on locally" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8425 This setting requires users to wait for a certain number of days before changing their password again. oval:org.secpod.oval:def:8465 The built-in Guest account should be correctly named. oval:org.secpod.oval:def:8438 TCP/IP SYN Flood Attack Protection should be properly configured. oval:org.secpod.oval:def:8420 The "maximum password age" policy should meet minimum requirements. oval:org.secpod.oval:def:8462 MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes oval:org.secpod.oval:def:8426 Always Wait for the Network at Computer Startup and Logon should be properly configured. oval:org.secpod.oval:def:8487 The "System cryptography: Force strong key protection for user keys stored on the computer" policy should be enabled or disabled as appropriate. oval:org.secpod.oval:def:8459 The "Require Case Insensitivity for Non-Windows Sybsystems" policy should be set correctly. oval:org.secpod.oval:def:8458 The "Named Pipes that can be accessed anonymously" policy should be set correctly. oval:org.secpod.oval:def:8437 The "Minimum session security for NTLM SSP based clients" policy should be set correctly. oval:org.secpod.oval:def:8490 The "Digitally Sign Client Communication (When Possible)" policy should be set correctly. oval:org.secpod.oval:def:8387 Background Refresh of Group Policy should be properly configured. oval:org.secpod.oval:def:8360 The TCP/IP KeepAlive Time should be set correctly. oval:org.secpod.oval:def:8415 The "allow logon through Terminal Services" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8362 The "LDAP client signing requirements" policy should be set correctly. oval:org.secpod.oval:def:8390 The "log on as a service" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8357 The "store password using reversible encryption for all users in the domain" policy should be set correctly. oval:org.secpod.oval:def:8365 The "profile single process" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8386 The "Digitally Sign Server Communication (Always)" policy should be set correctly. oval:org.secpod.oval:def:8368 The "Set time limit for disconnected sessions" policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:8379 The "adjust memory quotas for a process" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8401 The "Shut Down system immediately if unable to log security audits" policy should be set correctly. oval:org.secpod.oval:def:8373 The "Strengthen Default Permissions of Global System Objects" policy should be set correctly. oval:org.secpod.oval:def:8403 The "password must meet complexity requirements" policy should be set correctly. oval:org.secpod.oval:def:8391 The "shut down the system" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8409 The "Require Strong (Windows 2000 or later) Session Key" policy should be set correctly. oval:org.secpod.oval:def:8393 The "Limit local account user of blank passwords to console logon only" policy should be set correctly. oval:org.secpod.oval:def:7893 The maximum number of failed attempts that can occur before the account is locked out This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout dura ... oval:org.secpod.oval:def:8358 The "remove computer from docking station" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8369 Use of the built-in Guest account should be enabled or disabled as appropriate. oval:org.secpod.oval:def:8367 The "Send Unencrypted Password to Connect to Third-Party SMB Servers" policy should be set correctly. oval:org.secpod.oval:def:8378 The "Sharing and security model for local accounts" policy should be set correctly. oval:org.secpod.oval:def:8416 The "Require Domain Controller authentication to unlock workstation" policy should be set correctly. oval:org.secpod.oval:def:8382 The "modify firmware environment values" user right should be assigned to the correct accounts. The "modify firmware environment values" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8359 The "Message title for users attempting to log on" policy should be set correctly. oval:org.secpod.oval:def:8396 The "Secure Channel: Digitally Encrypt Secure Channel Data (When Possible)" policy should be set correctly. oval:org.secpod.oval:def:8363 The "take ownership of files or other objects" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:7687 The Password protect the screen saver setting should be configured correctly. oval:org.secpod.oval:def:8394 The "force shutdown from a remote system" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8392 The "add workstations to domain" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8402 The "Use FIPS compliant algorithms for encryption, hashing, and signing" policy should be set correctly. oval:org.secpod.oval:def:8413 The startup type of the Messenger service should be correct. oval:org.secpod.oval:def:8411 The "act as part of the operating system" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8372 The "Default owner for objects created by members of the Administrators group" policy should be set correctly. oval:org.secpod.oval:def:8361 TCP/IP NetBIOS Name Release on Request Prevented should be properly configured. oval:org.secpod.oval:def:8383 IP Source Routing should be properly configured. oval:org.secpod.oval:def:8419 Display Last User Name in Logon Screen should be properly configured. oval:org.secpod.oval:def:8375 The "profile system performance" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:7690 The settings of screen saver should be enabled or disabled as appropriate for the current user. oval:org.secpod.oval:def:8355 The "debug programs" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8397 The "bypass traverse checking" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:7691 The Screen Saver Executable Name setting should be configured correctly for the current user. oval:org.secpod.oval:def:8406 The "Allow System to be Shut Down Without Having to Log On" policy should be set correctly. oval:org.secpod.oval:def:8404 The "enforce password history" policy should meet minimum requirements. oval:org.secpod.oval:def:8370 The startup type of the NetMeeting Remote Desktop Sharing service should be correct. oval:org.secpod.oval:def:8374 The "Maximum machine account password age" policy should be set correctly. oval:org.secpod.oval:def:8405 The "replace a process-level token" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8417 IRDP should be properly configured. oval:org.secpod.oval:def:8381 The "log on as a batch job" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8377 The "deny access to this computer from the network" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8388 The "Do Not Automatically Start Windows Messenger" policy should be set correctly. oval:org.secpod.oval:def:8399 The "Do not allow storage of credentials or .NET Passports" policy should be set correctly. oval:org.secpod.oval:def:8400 The "minimum password length" policy should meet minimum requirements. oval:org.secpod.oval:def:7692 The Screen Saver timeout setting should be configured correctly. oval:org.secpod.oval:def:8395 The "synchronize directory service data" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8414 The "Create a token object" user right should be assigned to the correct accounts. The "Create a token object" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8389 The "access this computer from the network" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8412 The "generate security audits" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8410 The "Allow Server Operators to Schedule Tasks" policy should be set correctly. oval:org.secpod.oval:def:8371 The "lock pages in memory" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8366 The "back up files and directories" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8408 The "enable computer and user accounts to be trusted for delegation" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8385 The "create permanent shared objects" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8407 The "restore files and directories" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:8418 The "Secure Channel: Digitally Sign Secure Channel Data (When Possible)" policy should be set correctly. oval:org.secpod.oval:def:10095 Auditing of 'process tracking' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10096 If the System log's retention method is set to 'Overwrite events by days,' an appropriate value should be set for the number of days' logs to keep. oval:org.secpod.oval:def:10097 The 'Secure Channel: Digitally Sign Secure Channel Data (When Possible)' policy should be set correctly. oval:org.secpod.oval:def:10098 The startup type of the Remote Access Auto connection Manager service should be correct. oval:org.secpod.oval:def:10099 The 'Anonymous access to the security event log' policy should be set correctly. oval:org.secpod.oval:def:10090 The 'restrict guest access to system log' policy should be set correctly. oval:org.secpod.oval:def:8429 The "reset account lockout counter after" policy should meet minimum requirements. oval:org.secpod.oval:def:10091 The startup type of the World Wide Web Publishing service should be correct. oval:org.secpod.oval:def:10092 The correct service permissions for the Messenger service should be assigned. oval:org.secpod.oval:def:10093 The startup type of the Simple TCP/IP service should be correct. oval:org.secpod.oval:def:10094 The system log maximum size should be configured correctly.. oval:org.secpod.oval:def:5023 For wireless environments connected to the cardholder data environment or transmitting cardholder data, change wireless vendor defaults, including but not limited to default wireless encryption keys, passwords, and SNMP community strings. oval:org.secpod.oval:def:10150 The 'Allow automatic updates immediate installation' setting should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10151 The 'Do Not Allow Local Administrators to Customize Permissions' policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:10152 The 'Disable Periodic Check For Internet Explorer Software Updates' setting should be configured correctly. oval:org.secpod.oval:def:10153 The 'Audit the use of backup and restore privilege' policy should be set correctly. oval:org.secpod.oval:def:10033 The 'deny logon as a batch job' user right should be assigned to the correct accounts. oval:org.secpod.oval:def:10154 Administrative Shares should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10155 The 'Maximum User Renewal Lifetime' policy should be set correctly. oval:org.secpod.oval:def:10034 The startup type of the Automatic Update service should be correct. oval:org.secpod.oval:def:10156 Automatic Reboot After System Crash should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10035 The startup type of the Internet Connection Sharing service should be correct. oval:org.secpod.oval:def:10036 The correct service permissions for the SNMP Trap service should be assigned. oval:org.secpod.oval:def:10157 Use of the built-in Administrator account should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10147 The 'Always Install with Elevated Privileges' policy should be set correctly. oval:org.secpod.oval:def:10148 The 'Secure Channel: Digitally Encrypt Secure Channel Data (When Possible)' policy should be set correctly. oval:org.secpod.oval:def:10149 The 'Enable User to Patch Elevated Products' policy should be set correctly. oval:org.secpod.oval:def:10040 The startup type of the Terminal Services service should be correct. oval:org.secpod.oval:def:10161 Authentication requirements for RPC clients should be configured appropriately. oval:org.secpod.oval:def:10041 The 'Allow Administrator to Install from Terminal Services Session' policy should be set correctly. oval:org.secpod.oval:def:10162 The 'Interactive logon: Requre smart card' setting should be configured correctly. oval:org.secpod.oval:def:10042 The 'Prevent Codec Download' policy should be set correctly for Windows MediaPlayer. oval:org.secpod.oval:def:10163 The 'DCOM: Machine Launch Restrictions in the Security Descriptor Definition Language (SDDL) syntax' security option should be set correctly. oval:org.secpod.oval:def:10043 The 'Allow System to be Shut Down Without Having to Log On' policy should be set correctly. oval:org.secpod.oval:def:10164 Kerberos and RSVP Traffic Protected by IPSec should be properly configured. oval:org.secpod.oval:def:10044 TCP/IP Dead Gateway Detection should be properly configured. oval:org.secpod.oval:def:10045 The 'restrict guest access to security log' policy should be set correctly. oval:org.secpod.oval:def:10046 The 'Security Zones: Do Not Allow Users to Add/Delete Sites' setting should be configured correctly. oval:org.secpod.oval:def:10047 The startup type of the Telnet service should be correct. oval:org.secpod.oval:def:10160 The automatic generation of 8.3 file names for NTFS should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10037 The correct service permissions for the Alerter service should be assigned. oval:org.secpod.oval:def:10158 RPC Endpoint Mapper Client Authentication should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10159 System availability to Master Browser should be properly configured. oval:org.secpod.oval:def:10038 The 'Restrict Floppy Access to Locally Logged-On User Only' policy should be set correctly. oval:org.secpod.oval:def:10039 Auditing of 'directory service access' events on success should be enabled or disabled as appropriate.. oval:org.secpod.oval:def:10130 The startup type of the Background Intelligent Transfer Service (BITS) service should be correct. oval:org.secpod.oval:def:10131 The startup type of the .NET Framework service should be correct. oval:org.secpod.oval:def:10132 The correct service permissions for the ClipBook service should be assigned. oval:org.secpod.oval:def:10133 The 'Do Not Allow Windows Messenger to be Run' policy should be set correctly. oval:org.secpod.oval:def:10134 The 'Reschedule Automatic Updates scheduled installations' setting should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10135 The correct service permissions for the Fax service should be assigned. oval:org.secpod.oval:def:10125 The startup type of the Remote Registry service should be correct. oval:org.secpod.oval:def:10126 The startup type of the Indexing service should be correct. oval:org.secpod.oval:def:10127 The startup type of the Routing and Remote Access service should be correct. oval:org.secpod.oval:def:10128 The startup type of the Alerter service should be correct. oval:org.secpod.oval:def:10129 The correct service permissions for the Automatic Updates service should be assigned. oval:org.secpod.oval:def:10140 The 'Hide Property Pages' policy should be set correctly for the Task Scheduler. oval:org.secpod.oval:def:10141 The 'Specify intranet Microsoft update service location' setting should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10142 TCP/IP PMTU Discovery should be properly configured. oval:org.secpod.oval:def:10143 Automatic updates should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10144 The 'Prohibit New Task Creation' policy should be set correctly for the Task Scheduler. oval:org.secpod.oval:def:10145 The 'Audit the access of global system objects' policy should be set correctly. oval:org.secpod.oval:def:10146 The startup type of the Removable Storage service should be correct. oval:org.secpod.oval:def:10136 The 'Always Prompt Client for Password upon Connection' policy should be set correctly for Terminal Services. oval:org.secpod.oval:def:10137 The correct service permissions for the Remote Desktop Help Session Manager service should be assigned. oval:org.secpod.oval:def:10138 The 'Restrict CD-ROM Access to Locally Logged-On User Only' policy should be set correctly. oval:org.secpod.oval:def:10139 The 'Make Proxy Settings Per-Machine (Rather Then Per-User)' setting should be configured correctly. oval:org.secpod.oval:def:10073 The behavior surrounding Anonymous SID/Name translation should be correct. oval:org.secpod.oval:def:10074 The 'Security Zones: Use Only Machine Settings' setting should be configured correctly. oval:org.secpod.oval:def:10075 The 'when maximum log size is reached' property should be set correctly for the System log. oval:org.secpod.oval:def:10076 Auditing of 'account management' events on success should be enabled or disabled as appropriate.. oval:org.secpod.oval:def:10077 The startup type of the Remote Access Auto connection Manager service should be correct. oval:org.secpod.oval:def:10078 The correct service permissions for the FTP Publishing service should be assigned. oval:org.secpod.oval:def:10079 The "deny logon through Terminal Services" user right should be assigned to the correct accounts. oval:org.secpod.oval:def:10070 Auditing of 'privilege use' events on failure should be enabled or disabled as appropriate.. oval:org.secpod.oval:def:10071 The startup type of the Simple Mail Transport Protocol (SMTP) service should be correct. oval:org.secpod.oval:def:10072 Auditing of 'logon' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10084 Auditing of 'account logon' events on failure should be enabled or disabled as appropriate.. oval:org.secpod.oval:def:10085 The correct service permissions for the Indexing service should be assigned. oval:org.secpod.oval:def:10086 The startup type of the Universal Plug and Play Device Host (UPnP) service should be correct. oval:org.secpod.oval:def:10087 The 'Security Zones: Do Not Allow Users to Change Policies' setting should be configured correctly. oval:org.secpod.oval:def:10088 The correct service permissions for the NetMeeting service should be assigned. oval:org.secpod.oval:def:10089 The 'when maximum log size is reached' property should be set correctly for the Security log. oval:org.secpod.oval:def:10080 Installation and Configuration of Network Bridge on the DNS Domain Network should be properly configured. oval:org.secpod.oval:def:10081 Auditing of 'account management' events on failure should be enabled or disabled as appropriate.. oval:org.secpod.oval:def:10082 Auditing of 'process tracking' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10083 The correct service permissions for the SMTP service should be assigned. oval:org.secpod.oval:def:10051 The 'Enable User to Browser for Source While Elevated' policy should be set correctly. oval:org.secpod.oval:def:10052 The correct service permissions for the Remote Registry service should be assigned. oval:org.secpod.oval:def:10053 The startup type of the Background Intelligent Transfer Service (BITS) service should be correct. oval:org.secpod.oval:def:10054 Auditing of 'privilege use' events on success should be enabled or disabled as appropriate.. oval:org.secpod.oval:def:10055 The correct service permissions for the Terminal Services service should be assigned. oval:org.secpod.oval:def:10056 The TCPMaxPortsExhausted setting should be properly configured. oval:org.secpod.oval:def:10057 The correct service permissions for the Printer service should be assigned. oval:org.secpod.oval:def:10058 The 'No auto-restart with logged on users for scheduled automatic updates installations' setting should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10050 The startup type of the Print Services for Unix service should be correct. oval:org.secpod.oval:def:10048 Auditing of 'directory service access' events on failure should be enabled or disabled as appropriate.. oval:org.secpod.oval:def:10049 If the Security log's retention method is set to "Overwrite events by days," an appropriate value should be set for the number of days' logs to keep. oval:org.secpod.oval:def:10062 The 'load and unload device drivers' user right should be assigned to the correct accounts. oval:org.secpod.oval:def:10063 Auditing of 'policy change' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10064 The 'perform volume maintenance tasks' user right should be assigned to the correct accounts. oval:org.secpod.oval:def:10065 Auditing of 'account logon' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10066 The security log maximum size should be configured correctly.. oval:org.secpod.oval:def:10067 The startup type of the ClipBook service should be correct. oval:org.secpod.oval:def:10068 The startup type of the IIS Admin service should be correct. oval:org.secpod.oval:def:10069 The correct service permissions for the SNMP service should be assigned. oval:org.secpod.oval:def:10060 Auditing of 'object access' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10061 Auditing of 'object access' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10059 The 'restrict guest access to application log' policy should be set correctly. oval:org.secpod.oval:def:10110 If the Application log's retention method is set to 'Overwrite events by days,' an appropriate value should be set for the number of days' logs to keep. oval:org.secpod.oval:def:10111 The correct service permissions for the WWW Publishing service should be assigned. oval:org.secpod.oval:def:10112 The 'manage auditing and security log' user right should be assigned to the correct accounts. oval:org.secpod.oval:def:10113 The correct service permissions for the IIS Admin service should be assigned. oval:org.secpod.oval:def:10103 Auditing of 'policy change' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10104 The 'Enable User Control Over Installs' policy should be set correctly. oval:org.secpod.oval:def:10105 The application log maximum size should be configured correctly.. oval:org.secpod.oval:def:10106 The startup type of the Print Services for Unix service should be correct. oval:org.secpod.oval:def:10107 The startup type of the Remote Desktop Help Session Manager service should be correct. oval:org.secpod.oval:def:10108 The startup type of the Task Scheduler service should be correct. oval:org.secpod.oval:def:10109 The startup type of the Fax service should be correct. oval:org.secpod.oval:def:10120 The 'Disable Automatic Install of Internet Explorer Components' setting should be configured correctly. oval:org.secpod.oval:def:10121 The startup type of the Remote Shell service should be correct. oval:org.secpod.oval:def:10122 Auditing of 'logon' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10123 The 'Automatic Updates detection frequency' should be set correctly. oval:org.secpod.oval:def:10124 Auditing of 'system' events on failure should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10114 The startup type of the FTP Publishing service should be correct. oval:org.secpod.oval:def:10115 The correct service permissions for the Telnet service should be assigned. oval:org.secpod.oval:def:10116 The 'Enable User to Use Media Source While Elevated' policy should be set correctly. oval:org.secpod.oval:def:10117 The behavior surrounding Anonymous users' ability to display lists of SAM accounts and shares should be correct. oval:org.secpod.oval:def:10118 The 'Clear Virtual Memory Pagefile at shutdown' policy should be set correctly. oval:org.secpod.oval:def:10119 Auditing of 'system' events on success should be enabled or disabled as appropriate. oval:org.secpod.oval:def:10100 The startup type of the SNMP Service service should be correct. oval:org.secpod.oval:def:10101 The startup type of the SNMP Trap Service service should be correct. oval:org.secpod.oval:def:10102 The startup type of the SSDP Discovery service should be correct. oval:org.secpod.oval:def:7894 The "account lockout duration" policy should meet minimum requirements. oval:org.secpod.oval:def:5645 Verify that all users are assigned a unique ID for access to system components or cardholder data and also verify that users are authenticated using unique ID and additional authentication (for example, a password) for access to the cardholder data environment. oval:org.secpod.oval:def:5646 Verify that inactive accounts over 90 days old are either removed or disabled. oval:org.secpod.oval:def:5025 If virtualization technologies are used, verify that only one primary function is implemented per virtual system component or device. oval:org.secpod.oval:def:5024 Implement only one primary function per server to prevent functions that require different security levels from co-existing on the same server. (For example, web servers, database servers, and DNS should be implemented on separate servers.) oval:org.secpod.oval:def:5021 Malicious software, commonly referred to as malware including viruses, worms, and Trojans enters the network during many business-approved activities including employee e-mail and use of the Internet, mobile computers, and storage devices, resulting in the exploitation of system vulnerabilities. Ant ... oval:org.secpod.oval:def:8376 The "Disable CTRL+ALT+Delete Requirement for Logon" policy should be set correctly. oval:org.secpod.oval:def:8380 The "Digitally Sign Server Communication (When Possible)" policy should be set correctly. |