Detections
Analytics

1.187 WN10-SO-000005

Information

The built-in administrator account must be disabled.

GROUP ID: V-220908RULE ID: SV-220908r958482

The built-in administrator account is a well-known account subject to attack. It also provides no accountability to individual administrators on a system. It must be disabled to prevent its use.

Solution

Configure the policy value for

Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> 'Accounts: Administrator account status'

to 'Disabled'.

See Also

https://workbench.cisecurity.org/benchmarks/23869

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-2, CCI|CCI-000764, Rule-ID|SV-220908r958482_rule, STIG-ID|WN10-SO-000005, Vuln-ID|V-220908

Plugin: Windows

Control ID: fa4ad6fbcc4162f3afd67f26101262eda75034496f077a6d58f4dcb82d42c794