DISA Windows Vista STIG v6r41

Audit Details

Name: DISA Windows Vista STIG v6r41

Updated: 4/25/2022

Authority: DISA STIG

Plugin: Windows

Revision: 1.19

Estimated Item Count: 380

File Details

Filename: DISA_STIG_MS_Windows_Vista_V6R41_STIG.audit

Size: 656 kB

MD5: c218b9108c74dd1536f60943a2174769
SHA256: 7ea6fff8fed1c6c2e94b6e9382f5f9ef23b73dc66bb1e7f979b382617faa9d69

Audit Items

DescriptionCategories
1.001 - Physical security of the Automated Information System (AIS) does not meet DISA requirements.

CONFIGURATION MANAGEMENT

1.006 - Users with Administrative privilege are not documented or do not have separate accounts for administrative duties.

CONFIGURATION MANAGEMENT

1.006-01 - Policy must require that administrative user accounts not be used with applications that access the internet.

CONFIGURATION MANAGEMENT

1.007 - Members of the Backup Operators group must have separate accounts for backup duties and normal operational tasks.

CONFIGURATION MANAGEMENT

1.008 - Shared user accounts are permitted on the system.

IDENTIFICATION AND AUTHENTICATION

1.013 - System information backups are not created, updated, and protected according to DISA requirements.

CONFIGURATION MANAGEMENT

1.016 - Security configuration tools or equivalent processes must be used to configure and maintain platforms for security compliance.

CONFIGURATION MANAGEMENT

2.001 - Permissions for event logs must conform to minimum requirements - application.evtx

AUDIT AND ACCOUNTABILITY

2.001 - Permissions for event logs must conform to minimum requirements - security.evtx

AUDIT AND ACCOUNTABILITY

2.001 - Permissions for event logs must conform to minimum requirements - system.evtx

AUDIT AND ACCOUNTABILITY

2.005 - Systems must be at supported service packs (SP) or releases levels.

CONFIGURATION MANAGEMENT

2.006 - ACLs for system files and directories do not conform to minimum requirements. - 'C:'

ACCESS CONTROL

2.006 - ACLS FOR SYSTEM FILES AND DIRECTORIES DO NOT CONFORM TO MINIMUM REQUIREMENTS. - 'C:\Program Files'

ACCESS CONTROL

2.006 - ACLS FOR SYSTEM FILES AND DIRECTORIES DO NOT CONFORM TO MINIMUM REQUIREMENTS. - 'C:\Windows'

ACCESS CONTROL

2.008 - Local volumes are not formatted using NTFS.

ACCESS CONTROL

2.014 - ACLs for disabled services do not conform to minimum standards.

CONFIGURATION MANAGEMENT

2.015 - File share ACLs have not been reconfigured to remove the Everyone group.

SYSTEM AND COMMUNICATIONS PROTECTION

2.019 - Security-related Software Patches are not applied.

CONFIGURATION MANAGEMENT

2.021 - Remove Software Certificate Installation Files

CONFIGURATION MANAGEMENT

2.022 - Disallow AutoPlay/Autorun from Autorun.inf

CONFIGURATION MANAGEMENT

2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.

ACCESS CONTROL

3.003 - System pagefile is cleared upon shutdown.

CONFIGURATION MANAGEMENT

3.004 - Secure Removable Media - CD-ROM

CONFIGURATION MANAGEMENT

3.006 - Floppy media devices are not allocated upon user logon.

CONFIGURATION MANAGEMENT

3.007 - The system allows shutdown from the logon dialog box.

CONFIGURATION MANAGEMENT

3.011 - The required legal notice must be configured to display before console logon.

ACCESS CONTROL

3.013 - Caching of logon credentials must be limited.

CONFIGURATION MANAGEMENT

3.014 - The Windows dialog box title for the legal banner must be configured.

ACCESS CONTROL

3.018 - Anonymous shares are not restricted. - RestrictAnonymous

SYSTEM AND COMMUNICATIONS PROTECTION

3.018 - Anonymous shares are not restricted. - RestrictAnonymousSAM

SYSTEM AND COMMUNICATIONS PROTECTION

3.027 - Printer share permissions are not configured as recommended.

ACCESS CONTROL

3.028 - The built-in Windows password complexity policy must be enabled.

IDENTIFICATION AND AUTHENTICATION

3.029 - Print driver installation privilege is not restricted to administrators.

CONFIGURATION MANAGEMENT

3.030 - Anonymous access to the registry must be restricted.

ACCESS CONTROL

3.031 - The Send download LanMan compatible password option is not set to Send NTLMv2 response only\refuse LM.

CONFIGURATION MANAGEMENT

3.032 - Ctrl+Alt+Del security attention sequence is Disabled.

CONFIGURATION MANAGEMENT

3.034 - Unencrypted passwords must not be sent to third-party SMB Servers.

IDENTIFICATION AND AUTHENTICATION

3.040 - Automatic logons must be disabled.

CONFIGURATION MANAGEMENT

3.042 - Outgoing secure channel traffic is not signed when possible.

SYSTEM AND COMMUNICATIONS PROTECTION

3.043 - Outgoing secure channel traffic is not encrypted when possible.

SYSTEM AND COMMUNICATIONS PROTECTION

3.044 - The computer account password is prevented from being reset.

CONFIGURATION MANAGEMENT

3.045 - The Windows SMB client is not enabled to perform SMB packet signing when possible.

SYSTEM AND COMMUNICATIONS PROTECTION

3.046 - The Windows SMB server is not enabled to perform SMB packet signing when possible.

SYSTEM AND COMMUNICATIONS PROTECTION

3.047 - The Smart Card removal option is set to take no action.

CONFIGURATION MANAGEMENT

3.048 - The Recovery Console SET command must be disabled.

CONFIGURATION MANAGEMENT

3.049 - The Recovery Console option is set to permit automatic logon to the system.

CONFIGURATION MANAGEMENT

3.052 - Ejection of removable NTFS media is not restricted to Administrators.

CONFIGURATION MANAGEMENT

3.054 - Users are not warned in advance that their passwords will expire.

CONFIGURATION MANAGEMENT

3.055 - The default permissions of Global system objects are not increased.

CONFIGURATION MANAGEMENT

3.057 - Reversible password encryption is not disabled.

IDENTIFICATION AND AUTHENTICATION