Detections
Analytics

1.1 WN22-00-000010

Information

Windows Server 2022 users with Administrative privileges must have separate accounts for administrative duties and normal operational tasks.

GROUP ID: V-254238
RULE ID: SV-254238r991589

Using a privileged account to perform routine functions makes the computer vulnerable to malicious software inadvertently introduced during a session that has been granted full privileges.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Ensure each user with administrative privileges has a separate account for user duties and one for privileged duties.

See Also

https://workbench.cisecurity.org/benchmarks/22357

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-254238r991589_rule, STIG-ID|WN22-00-000010, Vuln-ID|V-254238

Plugin: Windows

Control ID: bad442f38639dab180672fd4c8ec7c4e27a7068de6e919d737ddcb83cb6a6f0d