| WN12-00-000009-02 - Members of the Backup Operators group must have separate accounts for backup duties and normal operational tasks. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000012 - Shared user accounts must not be permitted on the system. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-00-000180 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client - mrxsmb10 | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-AC-000004 - The password history must be configured to 24 passwords remembered. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-AC-000006 - The minimum password age must meet requirements. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-AC-000009 - Reversible password encryption must be disabled. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-AD-000006-DC - Data files owned by users must be on a different logical partition from the directory server data files. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-AU-000015 - The system must be configured to audit Account Management - Other Account Management Events successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000019 - The system must be configured to audit Account Management - User Account Management successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000023 - The system must be configured to audit Detailed Tracking - Process Creation successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000035-DC - The system must be configured to audit DS Access - Directory Service Changes successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000059 - The system must be configured to audit Object Access - Central Access Policy Staging successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000060 - The system must be configured to audit Object Access - Central Access Policy Staging failures. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000086 - The system must be configured to audit Policy Change - Audit Policy Change failures. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000109 - The system must be configured to audit System - Security System Extension successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000209-DC - The Active Directory Infrastructure object must be configured with proper audit settings. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000210-DC - The Active Directory Domain Controllers Organizational Unit (OU) object must be configured with proper audit settings. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-CC-000002 - The Responder network protocol driver must be disabled | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000004 - Network Bridges must be prohibited in Windows. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000019 - Remote access to the Plug and Play interface must be disabled for device installation. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000026 - Users must not be prompted to search Windows Update for device drivers. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000027 - Early Launch Antimalware, Boot-Start Driver Initialization Policy must be enabled and configured to only Good and Unknown. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000029 - Group Policies must be refreshed in the background if the user is logged on. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000048 - Copying of user input methods to the system account for sign-in must be prevented. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000052 - App notifications on the lock screen must be turned off. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000059 - Solicited Remote Assistance must not be allowed. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-CC-000066 - Microsoft Support Diagnostic Tool (MSDT) interactive communication with Microsoft must be prevented. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000086 - The Setup event log size must be configured to 32768 KB or greater. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-CC-000087 - The System event log size must be configured to 32768 KB or greater. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-CC-000096 - Passwords must not be saved in the Remote Desktop Client. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-CC-000099 - Remote Desktop Services must always prompt a client for passwords upon connection. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-SO-000023 - The Windows dialog box title for the legal banner must be configured. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-SO-000027 - The Smart Card removal option must be configured to Force Logoff or Lock Workstation. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000028 - The Windows SMB client must be configured to always perform SMB packet signing. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000029 - The Windows SMB client must be enabled to perform SMB packet signing when possible. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000030 - Unencrypted passwords must not be sent to third-party SMB Servers. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-SO-000033 - The Windows SMB server must perform SMB packet signing when possible. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000038 - The system must be configured to prevent IP source routing. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000039 - The system must be configured to prevent Internet Control Message Protocol (ICMP) redirects from overriding Open Shortest Path First (OSPF) generated routes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000079 - User Account Control must automatically deny standard user requests for elevation. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-SV-000100 - The Fax service must be disabled if installed. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SV-000103 - The Peer Networking Identity Manager service must be disabled if installed. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SV-000106 - The Smart Card Removal Policy service must be configured to automatic. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-UC-000009 - Zone information must be preserved when saving attachments. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-UR-000002-DC - Unauthorized accounts must not have the Access this computer from the network user right on domain controllers. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-UR-000005 - The Allow log on locally user right must only be assigned to the Administrators group. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-UR-000012 - The Create a token object user right must not be assigned to any groups or accounts. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-UR-000013 - The Create global objects user right must only be assigned to Administrators, Service, Local Service, and Network Service. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-UR-000027 - The Increase scheduling priority user right must only be assigned to the Administrators group. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN19-DC-000220 - Windows Server 2019 Active Directory RID Manager$ object must be configured with proper audit settings. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
