Detections
Analytics

800-53|AC-6(7)(b)

Title

REVIEW OF USER PRIVILEGES

Description

Reassigns or removes privileges, if necessary, to correctly reflect organizational mission/business needs.

Reference Item Details

Category: ACCESS CONTROL

Family: ACCESS CONTROL

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.3.10.7 Set 'Network access: Remotely accessible registry paths and sub-paths' to the following listWindowsCIS Windows 8 L1 v1.0.0
1.1.3.10.10 Set 'Network access: Remotely accessible registry paths' to the following listWindowsCIS Windows 8 L1 v1.0.0
1.1.4.1 Configure 'Allow log on through Remote Desktop Services'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.2 Set 'Deny log on through Remote Desktop Services' to 'Guests'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.3 Set 'Deny access to this computer from the network' to 'Guests'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.4 Set 'Create a pagefile' to 'Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.5 Set 'Create permanent shared objects' to 'No One'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.6 Set 'Increase scheduling priority' to 'Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.7 Set 'Access this computer from the network' to 'Users, Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.8 Set 'Force shutdown from a remote system' to 'Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.9 Set 'Change the time zone' to 'LOCAL SERVICE, Administrators, Users'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.10 Set 'Create global objects' to 'Administrators, SERVICE, LOCAL SERVICE, NETWORK SERVICE'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.11 Set 'Enable computer and user accounts to be trusted for delegation' to 'No One'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.12 Set 'Profile single process' to 'Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.13 Set 'Shut down the system' to 'Administrators, Users'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.14 Set 'Take ownership of files or other objects' to 'Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.15 Set 'Create symbolic links' to 'Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.16 Set 'Act as part of the operating system' to 'No One'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.17 Set 'Modify firmware environment values' to 'Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.18 Set 'Back up files and directories' to 'Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.19 Debug programs = AdministratorsWindowsCIS Windows 8 L1 v1.0.0
1.1.4.20 Set 'Access Credential Manager as a trusted caller' to 'No One'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.21 Set 'Deny log on locally' to 'Guests'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.22 Set 'Profile system performance' to 'NT SERVICE\WdiServiceHost,Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.23 Set 'Restore files and directories' to 'Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.24 Set 'Perform volume maintenance tasks' to 'Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.25 Set 'Impersonate a client after authentication' to 'Administrators, SERVICE, Local Service, Network Service'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.26 Configure 'Log on as a batch job'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.27 Set 'Adjust memory quotas for a process' to 'Administrators, Local Service, Network Service'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.28 Set 'Manage auditing and security log' to 'Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.29 Set 'Deny log on as a batch job' to 'Guests'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.30 Set 'Bypass traverse checking' to 'Users, NETWORK SERVICE, LOCAL SERVICE, Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.31 Set 'Increase a process working set' to 'Administrators, Local Service'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.32 Set 'Change the system time' to 'LOCAL SERVICE, Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.33 Configure 'Deny log on as a service'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.34 Configure 'Log on as a service'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.35 Set 'Generate security audits' to 'Local Service, Network Service'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.36 Set 'Allow log on locally' to 'Administrators, Users'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.37 Set 'Lock pages in memory' to 'No One'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.38 Set 'Load and unload device drivers' to 'Administrators'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.39 Configure 'Remove computer from docking station'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.40 Set 'Replace a process level token' to 'Local Service, Network Service'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.41 Set 'Create a token object' to 'No One'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.42 Set 'Modify an object label' to 'No one'WindowsCIS Windows 8 L1 v1.0.0
1.2 Set permissions on local-settings.jsWindowsCIS Mozilla Firefox 38 ESR Windows L1 v1.0.0
1.04 Windows Oracle Account - 'Deny Log on Locally Right'WindowsCIS v1.1.0 Oracle 11g OS Windows Level 1
1.10 Windows Oracle Registry Key Permissions - 'Verify and set permissions'WindowsCIS v1.1.0 Oracle 11g OS Windows Level 1
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Windows 7 Workstation Level 1 v3.2.0
2.10 Ensure SNS Topics do not Allow Everyone To Subscribeamazon_awsCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0