CSCv7|4.6

Title

Use of Dedicated Machines For All Administrative Tasks

Description

Ensure administrators use a dedicated machine for all administrative tasks or tasks requiring administrative access. This machine will be segmented from the organization's primary network and not be allowed Internet access. This machine will not be used for reading e-mail, composing documents, or browsing the Internet.

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Controlled Use of Administrative Privileges

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.2.2 Configure IP Blocking on Failed Logins	Cisco	CIS Cisco NX-OS v1.2.0 L1
2.2.7 (L1) Ensure 'Back up files and directories' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.7 Ensure 'Back up files and directories' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.8 (L1) Ensure 'Change the system time' is set to 'Administrators, LOCAL SERVICE'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.8 Ensure 'Change the system time' is set to 'Administrators, LOCAL SERVICE'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.9 (L1) Ensure 'Change the time zone' is set to 'Administrators, LOCAL SERVICE, Users'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.10 (L1) Ensure 'Create a pagefile' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.10 Ensure 'Create a pagefile' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.11 (L1) Ensure 'Create a token object' is set to 'No One'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.11 Ensure 'Create a token object' is set to 'No One'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.12 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.12 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.14 (L1) Configure 'Create symbolic links'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.14 Configure 'Create symbolic links'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.15 Ensure 'Debug programs' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.21 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.21 Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.22 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.22 Ensure 'Force shutdown from a remote system' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.24 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.25 (L1) Ensure 'Increase scheduling priority' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.25 (L1) Ensure 'Increase scheduling priority' is set to 'Administrators' - Window Manager\Window Manager Group'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.25 Ensure 'Increase scheduling priority' is set to 'Administrators' - Administrators	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.25 Ensure 'Increase scheduling priority' is set to 'Administrators' - Window Manager\Window Manager Group'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.26 (L1) Ensure 'Load and unload device drivers' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.26 Ensure 'Load and unload device drivers' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.30 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.30 Ensure 'Manage auditing and security log' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.32 (L1) Ensure 'Modify firmware environment values' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.32 Ensure 'Modify firmware environment values' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.33 (L1) Ensure 'Perform volume maintenance tasks' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.33 Ensure 'Perform volume maintenance tasks' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.34 (L1) Ensure 'Profile single process' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.34 Ensure 'Profile single process' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.35 (L1) Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.35 Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.37 (L1) Ensure 'Restore files and directories' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.37 Ensure 'Restore files and directories' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.38 (L1) Ensure 'Shut down the system' is set to 'Administrators, Users'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.38 Ensure 'Shut down the system' is set to 'Administrators, Users'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
2.2.39 (L1) Ensure 'Take ownership of files or other objects' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.39 Ensure 'Take ownership of files or other objects' is set to 'Administrators'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.9.85.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.9.85.1 Ensure 'Allow user control over installs' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.9.85.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.9.85.2 Ensure 'Always install with elevated privileges' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
19.7.41.1 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
19.7.41.1 Ensure 'Always install with elevated privileges' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1

Detections

Analytics

CSCv7|4.6

Title

Description

Reference Item Details

Audit Items