WN12-00-000005 - Users with Administrative privileges must have separate accounts for administrative duties and normal operational tasks.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Using a privileged account to perform routine functions makes the computer vulnerable to malicious software inadvertently introduced during a session that has been granted full privileges.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Ensure each user with administrative privileges has a separate account for user duties and one for privileged duties.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_2012_and_2012_R2_DC_V3R3_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|I, CCI|CCI-000366, Rule-ID|SV-226031r794370_rule, STIG-ID|WN12-00-000005, STIG-Legacy|SV-51576, STIG-Legacy|V-36659, Vuln-ID|V-226031

Plugin: Windows

Control ID: 3858bb32d5fef287d4ffeb0526f29f9a328e3a01c6468b57457fb7c6c1d8b19e