WN12-00-000005 - Users with Administrative privileges must have separate accounts for administrative duties and normal operational tasks.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Using a privileged account to perform routine functions makes the computer vulnerable to malicious software inadvertently introduced during a session that has been granted full privileges.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Ensure each user with administrative privileges has a separate account for user duties and one for privileged duties.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_2012_and_2012_R2_MS_V3R3_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|I, CCI|CCI-000366, Rule-ID|SV-225241r569185_rule, STIG-ID|WN12-00-000005, STIG-Legacy|SV-51576, STIG-Legacy|V-36659, Vuln-ID|V-225241

Plugin: Windows

Control ID: 0184bfe000516e52c2c6c033cf9c74ff5037301adc855a9c66b527fcf0b7e0a8