Sample_VM

Document Sample
Sample_VM Powered By Docstoc
					 Tool Total Instances   High   Medium   Low   Informational
Nessus                   0       1       0          0
PGD 2.0.8.8              79     906      0          0
Retina                   45      18      0         42
SRR V8R1.3               0       21      0          0

         Machine        High   Medium   Low   Informational
popdesktop               10     205      0          0
xpvm1                    10     194      0          0
prolific                 14     176      0          0
computer1                23     181      0          0
computer2                22     150      0          0
SCANME                   45      18      0         42
192.168.2.57             0       21      0          0
localhost                0       1       0          0
Undetermined        Tool Uniques   High   Medium   Low
     25        Nessus               0       1       0
     11        PGD 2.0.8.8          24     239      0
     0         Retina               38      18      0
     15        SRR V8R1.3           0       9       0

Undetermined
     1
     1
     1
     4
     4
     0
     15
     25
Informational   Undetermined
      0              25
      0               4
     42               0
      0              15
Status    Finding Number          Platform                   FINDING (Title)
Open     10144                  Windows XP     Microsoft SQL Server TCP/IP Listener Detection
Open     10147                  Windows XP     Nessus Server Detection
Open     10394                  Windows XP     SMB Log In Possible
Open     10397                  Windows XP     SMB LanMan Pipe Server Listing Disclosure
Open     10785                  Windows XP     SMB NativeLanManager Remote System Inforrmation Disclosure
Open     10863                  Windows XP     SSL Certificate Inforrmation
Open     10884                  Windows XP     Network Time Protocol (NTP) Server Detection
Open     10940                  Windows XP     Windows Terminal Services Enabled
Open     11011                  Windows XP     SMB Service Detection
Open     11936                  Windows XP     OS Identification
Open     12053                  Windows XP     Host Fully Qualified Domain Name (FQDN) Resolution
Open     19506                  Windows XP     Nessus Scan Inforrmation
Open     21643                  Windows XP     SSL Cipher Suites Supported
Open     22964                  Windows XP     Service Detection
Open     26917                  Windows XP     SMB registry can not be accessed by the scanner
Open     26920                  Windows XP     SMB NULL Session Authentication
Open     42410                  Windows XP     Using SMB to retrieve inforrmation from a Windows host
Open     42873                  Windows XP     SSL Medium Strength Cipher Suites Supported
Open     epmap (135/tcp)        Windows XP
Open     microsoft-ds (445/tcp) Windows XP
Open     ms-sql-m (1434/tcp)    Windows XP
Open     ms-sql-s (1433/tcp)    Windows XP
Open                            W
         ms-wbt-server (3389/tcp) indows XP
Open     nessus (1241/tcp)      Windows XP
Open     startron (1057/tcp)    Windows XP
Open                            Windows 2003   Microsoft Security Bulletin MS06-010
Open     V0001074               Windows 2003   Approved DOD Virus Scan Program
Open     V0001077               Windows 2003   Incorrect ACLs forr event logs
Open     V0001080               Windows 2003   File Auditing Configuration
Open     V0001093               Windows 2003   Restrict Anonymous Network Shares
Open     V0001097               Windows 2003   Bad Logon Attempts
Open     V0001098               Windows 2003   Bad Logon Counter Reset
Open     V0001099               Windows 2003   Lockout Duration
Open     V0001103               Windows 2003   User Rights Assignments
Open     V0001105               Windows 2003   Minimum Password Age
Open     V0001107               Windows 2003   Password Uniqueness
Open     V0001114               Windows 2003   Rename Built-in Guest Account
Open     V0001115               Windows 2003   Rename Built-in Administrator Account
Open     V0001117               Windows 2003   Preserving security events
Open     V0001118               Windows 2003   Event Log Sizes
Open     V0001120               Windows 2003   Prohibited FTP Logins
Open     V0001122               Windows 2003   Password Protected Screen Saver
Open     V0001130               Windows 2003   System File ACLs
Open     V0001139               Windows 2003   Dial Up Password Saved
Open     V0001153               Windows 2003   LanMan Authentication Level
Open     V0001155               Windows 2003   Deny Access from the Network
Open     V0001157               Windows 2003   Smart Card Removal Option
Open     V0001162               Windows 2003   SMB Server Packet Signing (if client agrees)
Open     V0002240               Windows 2003   WG110
Open     V0002371               Windows 2003   ACLs forr disabled services
Open     V0002374               Windows 2003   Disable Media Autoplay
Open     V0003333               Windows 2003   WG205
Open     V0003341               Windows 2003   Terminal Service - Remote Control Settings
Open     V0003342               Windows 2003   Logon - Always Wait forr the Network
Open     V0003343               Windows 2003   Remote Assistance - Solicit Remote Assistance
   FINDING (Verbiage)            Remedy         Scan Tool         Finding Risk Level
                             Restrict access to Nessus
                                                   the database to Microsoft., only.
                                                                         None
The remote host is running MSSQL, a database server fromallowed IPs It is possible to extract the version number of the remote, in
                             Filter incoming trafficnotrecommended to let anyone connect to this port. Also, make sure that the remote N
                                                  is to this
s daemon is listening on the remote port. It Nessus port.                None
                              the                 Nessus                 None
ote host is running one ofn/a Microsoft Windows operatingsystems. It was possible to log into it using one of the followingaccount :-
                             n/a                  Nessus                 None
possible to obtain the browse list of the remote Windows systemby send a request to the LANMAN pipe. The browse list is the list o
ossible to get the remote n/a                     name andversion (Windows and/or Samba) by sending an authenticationrequest to port
                             operating system Nessus                     None
                             n/a                  Nessus                 None
ugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate.
                             n/a                  on this                None
(Network Time Protocol) server is listening Nessusport. Itprovides inforrmation about the current date and time of the remotesystem
                             Disable to remotely obtain graphicallogin (and thereforre act thisservice to run the remote host). If
                                                  Nessus                  use it,
l Services allows a Windows userTerminal Services ifayou do not None and do not allow as a local user on across the Internet. an at
                             n/a                  Nessus                 None
ote service understands the CIFS (Common Internet File System)or Server Message Block (SMB) protocol, used to provide shared
                                                  Nessus                 None
                             n/a
was able to resolve the FQDN of the remote host.  Nessus                 None
                             n/a                  Nessus                 None
ript displays, forr each tested host, inforrmation about the scan itself:- The version of the plugin set - The type of plugin feed (HomeF
                             n/a                  Nessus                 None
ript detects which SSL ciphers are supported by the remoteservice forr encrypting communications.
                             N/A                    extract
ugin connects to every port and attempts toNessus the bannerof None      the service running on each, and whether the port is SSL-related o
                             n/a                  Nessus                  intend
not possible to connect to PIPE\winreg on the remote host.If you None to use Nessus to perforrm registry-based checks, theregistr
                             n/a
ote host is running Microsoft Windows, andNessus                         into it
                                                   it was possible tolog None using a NULL session (ie, with no login or password). Anuna
                             n/a                  to SMB                 None
ote host listens on tcp port 445 and replies Nessus requests.By sending an NTLMSSP authentication request it is possible to obtain
                              of SSL ciphers affected mediumstrength encryption, which we currently regard as those
                                                  Nessus                possible
ote host supports the useReconfigure the that offerapplication if Medium to avoid use ofmedium strength ciphers. with key lengths
                                                  Nessus              Open Port
                                                  Nessus              Open Port
                                                  Nessus              Open Port
                                                  Nessus              Open Port
                                                  Nessus              Open Port
                                                  Nessus              Open Port
                                                  Nessus              Open Port
                             Client Deployment Inforrmation1. Download the The version of this security update "office2000-kb889167
                                              PGD 2.0.8.8              Medium
This update resolves a newly-discovered, privately-reported vulnerability. clientvulnerability is documented in the "Vulnerability Detai
                             Configure the system 2.0.8.8
                                              PGD with supported, DOD approved defense against the introduction that the signature fi
This is a Category 1 finding because Virus scan programs are a primary line of virus scanning software. Ensure of viruses and malic
                                                                          High
                             Set unauthorized, and possibly following Event Logs as proper in the manual check.
Event logs are susceptible to the ACL permissions on the anonymous, tampering if defined ACLs are not applied.(The event log files
                                              PGD 2.0.8.8              Medium
                             Configure auditing on2.0.8.8
                                               files each partition/drive inoperable. Further, modifications to these system files can hav
                                                                       Medium
Improper modification of the core system PGD can render a system to audit all "Failures" forr the "Everyone" group. (If system-level a
                             Configure the system 2.0.8.8
                                              PGD to prevent logon users (null from listing account to list and enumerating and enum
This is a Category 1 finding because it allows anonymous anonymous userssession connections)namesall account namesshared res
                                                                          High
                             Configure the system 2.0.8.8 out an account after 3 invalid on the system. The higher this value is, the les
                                              PGD to lock
The account lockout feature, when enabled, prevents brute-forrce password attacks logon attempts. (Analyze the system using the S
                                                                       Medium
                             the amount of time that must the lockout counter reset itself after a minimum of 60 minutes. (Analyze occ
                                              PGD to have
This parameter specifies Configure the system 2.0.8.8 pass between two successive login attempts to ensure that a lockout willthe s
                                                                       Medium
                             the amount of time that must pass beforre locked-out account is automatically unlocked by (Analyze the
                                              PGD so that
This parameter specifies Configure the system 2.0.8.8 the bad logonalockout duration conforrms to DoD requirements. the system.
                                                                       Medium
                             user and the system 2.0.8.8 can provide system, administrative, and other high level capabilities not req
                                              PGD to rights
Inappropriate granting of Configureadvanced userprevent accounts from having unauthorized User Rights. (Windows 2003 Member
                                                                       Medium
                             Configure the immediate succession within the is a minimum of users to cycle passwords through Securi
                                                                         so that
Permitting passwords to be changed in Minimum Password AgeMedium itsame day, allows"1". (Analyze the system using the their h
                                              PGD 2.0.8.8
                             Configure the system 2.0.8.8
                                              PGD to remember a minimum recycle the passwords. (Analyze the system using the req
A system is more vulnerable to unauthorized access when system usersof "24" usedsame password several times without beingSec
                                                                       Medium
                             Configure the system 2.0.8.8 built-in built-in Guest is not renamed or disabled. using the Security Configu
                                              PGD to the
A system faces an increased vulnerability threat ifrename the guest accountaccount (Analyze the system The built-in guest account
                                                                       Medium
                             account is a system 2.0.8.8
                                              PGD to rename can be initialized with a blank password during using the Security Configu
The built-in administrator Configure theknown account that the Administrator account. (Analyze the system the basic installation. This
                                                                       Medium
                             a security audit PGD to properly preserve Event Log the log not be(Analyze the system using the Security
DOD policy requires that Configure the system 2.0.8.8                   that events in inforrmation. automatically overwritten. Required au
                                              log be maintained andMedium
                             Configure the system 2.0.8.8 the required minimum Event log sizes. (Analyze the system
                                              PGD to have
Inadequate log size will cause the log to fill up quickly and require frequent clearing by administrative personnel. using the Securi
                                                                       Medium
                             Configure the system to prevent an to access shared files and directories. Allowing anonymous FTP mak
The FTP (File Transfer Protocol) service PGD 2.0.8.8 usersinstalled FTP service from allowing prohibited logons. (In the ―Comman
                                              allows remote            Medium
                             Configure unattended. Unattended systems are susceptible to unauthorized use. Control Panel -> shou
The system should be locked when The policy values forr User Configuration -> Administrative Templates ->The screen saver Displa
                                              PGD 2.0.8.8              Medium
                             Configure the Security Option:

                                               directory permissions, allows the possibility of unauthorized andpermissions apply to anon
Failure to properly configure ACL file andPGD 2.0.8.8 
         Windows 2003 - ―Network access: Let everyone anonymous modification
                                                                       Medium
                             Configure the system 2.0.8.8 to the the password used to gain access to a saved. (Analyze the system u
The default Windows configuration enables theto preventsavedial-up networking password from being remote server using the dial-u
                                              PGD option               Medium
                             Configure the system default forr authentication of users who are logging on to domain accounts from com
                                              PGD to the
The Kerberos v5 authentication protocol is the 2.0.8.8required level of LanMan authentication. (Analyze the system using the Securi
                                                                          High
                             Configure the system 2.0.8.8 logins by the built-in guest accounts, which are a member of
                                              PGD to give
This is a Category 1 finding because allowing network the right "Deny access to this computer from the network" to the Accounts/Gr
                                                                          High                                                      Everyone gr
                             Configure the system 2.0.8.8 minimum, lock user is removed from the smart card (Analyze the system us
                                              PGD to, at a
Determines what should happen when the smart card forr a logged-onthe system if a smart card is removed.reader.The options are:
                                                                       Medium
                              causes the Windows to have the SMB Server sign SMB packets when possible. (Analyze the
If this policy is enabled, itConfigure the system 2.0.8.8 Message Block (SMB) server to perforrm SMB packet signing. system usin
                                              PGD Server               Medium
                             From the Internet Services Manager Select the web site to of examined; Select Web this tab; under conne
                                              PGD 2.0.8.8              Medium
This check verifies that the web site is not configured to permit an unlimited number be HTTP requests. When Site parameter is set
                             Create a Custom Security control list Medium Security Template MMC Snap-in to set the When a service
                                                                       forr the
When configuring either the startup mode or accessTemplate using a service, you must configure the other as well. permissions as r
                                              PGD 2.0.8.8
                             Configure the system 2.0.8.8
                                              PGD as specified in theHigh drive. As prevent the setup file of programs and the music
Autoplay begins reading from a drive as soon as you insert media manual check to a result, removable media from autoplaying. (Ana
                                                                            in the
                             Using the Internet Inforrmation Services Console, locate the web site system files of Select this web site
Web content is accessible to the anonymous web user. For such an account to have access tobeing reviewed.any type is a major sa
                                              PGD 2.0.8.8              Medium
                             Configure the forr remote controlremote High Servicescomputer by setting thea Category 1 forr Computer C
                                              PGD to prevent of Terminal of the user sessions. This is policy value finding because
This setting is used to control the rules system 2.0.8.8                   control
                             Windows the system to wait network Medium initialization initialization beforre allowing a user to log this initializa
The setting determines if Configure waits PGD 2.0.8.8 forr complete networkbeforre allowing the user to log on. Part of on. This is d
                                              forr complete
                             Configure solicited remote assistance isHigh
                                              PGD to disable Remote allowed from this computer. Solicited assistance is help that is sp
This setting controls whether or not the system 2.0.8.8                    Assistance by setting the policy value forr Computer Configuration
             Comments                   References       IA Controls               Affected
Configuration                                                         localhost
                                                                      localhost
Manual Review                                         CVE-1999-0504", "CVE-1999-0505", "CVE-1999-0506", "CVE-2000-0222"
                                                                      localhost
                                  http://support.microsoft.com/support/kb/articles/Q143/4/74.ASP
                                                                      localhost
                                                                      localhost
                                                                      localhost
                                                                      localhost
W2K Business Risk Justification                                       localhost
                                                                      localhost
                                                                      localhost
                                                                      localhost
                                                                      localhost
                                                                      localhost
False Finding/Documentation Neededhttp://www.openssl.org/docs/apps/ciphers.html
                                                                      localhost;localhost
                                                                      localhost
                                                      CVE-2002-1117   localhost
                                  http://support.microsoft.com/support/kb/articles/Q143/4/74.ASP
                                                                      localhost
                                                                      localhost
                                                                      localhost
                                                                      localhost
                                                                      localhost
                                                                      localhost
                                                                      localhost
                                                                      localhost
                                                                      localhost
                                                                      computer1;computer1;computer1;computer1;computer1;com
                                                      ECVP-1 - Technical Implementation
                                                                       Protection;
False Finding/Documentation NeededDesktop Application Security Viruscomputer1;computer2 Guide - Section 4
Configuration                                         ECTP-1 - Auditcomputer1;computer2
                                                                       Trail Protection;
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 6.1.2
Configuration                                          Server - Audit Record Content; ECAR-2 - Audit Record
                                                                      computer1;computer2
                                  Microsoft WindowsECAR-12003 Security Guide - V2.0, Chap. 4, p. 60-61 Content; ECAR-3
Configuration                                          Vista Security computer1;computer2 48
                                                                       Guide - Appenidx A, p.
                                  Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                                    Vista Security computer1;computer2
                                                                       Guide - Appendix A,
                                  Microsoft WindowsECLO-1 - Logon; ECLO-2 - Logon; pp. 6-7
GPO                                                    Vista Security computer1;computer2
                                                                       Guide - Appendix A,
                                  Microsoft WindowsECLO-1 - Logon; ECLO-2 - Logon; p. 7
GPO                                                    Vista Security computer1;computer2
                                                                       Guide - Appendix A,
                                  Microsoft WindowsECLO-1 - Logon; ECLO-2 - Logon; p. 6
GPO                                                   ECLP-1 - Least Privilege;
                                                                      computer1;computer2
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 5
GPO                                                    Vista - Individual Identification and p.
                                                                       Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                                  Microsoft WindowsIAIA-1 Security computer1;computer2 3-4
GPO                                                    Vista - Individual Identification and p.
                                                                       Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                                  Microsoft WindowsIAIA-1 Security computer1;computer2 3
                                                       Vista Security computer1;computer2 30
                                                                       Guide - Appendix A, p.
                                  Microsoft WindowsIAAC-1 - Account Control;
                                                       Vista Security computer1;computer2 29-30
                                                                       Guide - Appendix A, pp.
                                  Microsoft WindowsIAAC-1 - Account Control;
Configuration                                         ECRR-1 - Audit Record - V6.1, Section 6.2
                                                                      computer1;computer2
                                  Windows 2003/XP/2000/VISTA AddendumRetention;
Configuration                                         ECRR-1 - Audit Record Retention;
                                                                      computer1;computer2
                                  Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
                                                      ECSC-1 TECHNICAL IMPLEMENTATION GUIDE - Section 5.1
                                                                      computer1
                                  WEB SERVER SECURITY - Security Configuration Compliance;
Configuration                                         PESL-1 - Screen Lock;
                                                                      computer1;computer2
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 7.8
Configuration                                         ECCD-1 - Changes to Data; ECCD-2 - Changes to Data;
                                                                      computer1;computer2
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 4.2
                                                      ECSC-1 - Security Configuration Compliance;
                                                                      computer1;computer2
                                  Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
GPO                                                    Vista - Individual Identification and p.
                                                                       Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                                  Microsoft WindowsIAIA-1 Security computer1;computer2 51
GPO                                                    Vista Security computer1;computer2
                                                                       Privilege;
                                  Microsoft WindowsECLP-1 - LeastGuide - Appendix A, p. 22
GPO                                                    Vista Security computer1;computer2 37
                                                                       Guide - Appendix A, p.
                                  Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                                    Vista Security computer1;computer2 39
                                                                       Guide - Appendix A, p.
                                  Microsoft WindowsECSC-1 - Security Configuration Compliance;
                                                      ECSC-1 TECHNICAL IMPLEMENTATION GUIDE - Section 3.4
                                                                      computer1
                                  WEB SERVER SECURITY - Security Configuration Compliance;
                                                      ECCD-1 - Changes to Data; ECCD-2 - Changes to Data;
                                                                      computer1;computer2
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 7.9
GPO                                                    Vista Security computer1;computer2
                                                                       Privilege; ECSC-1 - Security Configuration Compliance;
                                  Microsoft WindowsECLP-1 - LeastGuide - Appendix A, p. 43
                                                      DCPA-1 - Partitioning the Application;
                                                                      computer1
                                  Web Site Administration Policies & Procedures, With Amendments and Corrections incorpora
Configuration                                         ECSC-1 - Security Configuration Compliance;
                                                                      computer1;computer2
                                  Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
GPO                                                   ECSC-1 - Security Configuration Compliance;
                                                                      computer1;computer2
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 7.11
GPO                                                    Vista Security computer1;computer2 74 -75
                                                                       Guide - Appendix A, pp.
                                  Microsoft WindowsECSC-1 - Security Configuration Compliance;
1;computer1;computer1;computer1;computer1;computer1;computer1;computer1;computer2;computer2;computer2;computer2;computer2;computer2;com
;computer2;computer2;computer2;computer2;computer2
Open   V0003348   Windows 2003   Windows Messenger - Do Not Allow To Run
Open   V0003349   Windows 2003   Windows Messenger - Do Not Start Automatically
Open   V0003374   Windows 2003   Strong Session Key
Open   V0003375   Windows 2003   Domain Controller authentication forr unlock
Open   V0003376   Windows 2003   Storage of Credentials or .NET Passports
Open   V0003379   Windows 2003   LAN Manager Hash Value Stored
Open   V0003380   Windows 2003   Force Logoff When Logon Hours Expire
Open   V0003382   Windows 2003   Session Security forr NTLM SSP Based Clients
Open   V0003383   Windows 2003   FIPS Compliant Algorithms
Open   V0003384   Windows 2003   Owner of Objects Created by Administrators
Open   V0003426   Windows 2003   NetMeeting Disable Remote Desktop Sharing
Open   V0003427   Windows 2003   IE - Zones: Use Only Machine Settings
Open   V0003428   Windows 2003   IE - Zones: Do Not Allow Users to Change Policies
Open   V0003429   Windows 2003   IE - Zones: Do Not Allow Users to Add/Delete Sites
Open   V0003431   Windows 2003   IE - Disable Automatic Install of IE Compenents
Open   V0003432   Windows 2003   IE - Disable Periodic Check forr IE Updates
Open   V0003449   Windows 2003   Terminal Services - Session Limit
Open   V0003450   Windows 2003   Terminal Services - Limit Number of Connections
Open   V0003452   Windows 2003   The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fW
Open   V0003453   Windows 2003   Terminal Services - Password Prompting
Open   V0003454   Windows 2003   Terminal Services - Set Encryption Level
Open   V0003455   Windows 2003   Terminal Services - Do Not Use Temp Folders
Open   V0003456   Windows 2003   Terminal Services - Delete Temp Folders
Open   V0003457   Windows 2003   Terminal Services - Time Limit forr Disc. Session
Open   V0003458   Windows 2003   Terminal Services - Time Limit forr Idle Session
Open   V0003459   Windows 2003   Terminal Services - Original Client Reconnection
Open   V0003460   Windows 2003   Terminal Services - Enforrce Session Time Limit
Open   V0003470   Windows 2003   Remote Assistance - Offer Remote Assistance
Open   V0003471   Windows 2003   Error Reporting - Report Errors
Open   V0003478   Windows 2003   Printers - Disallow Installation of Drivers
Open   V0003479   Windows 2003   Safe DLL Search Mode
Open   V0003480   Windows 2003   Media Player - Disabe Automatic Updates
Open   V0003481   Windows 2003   Media Player - Prevent Codec Download
Open   V0003487   Windows 2003   Unnecessary Services
Open   V0003666   Windows 2003   Session Security forr NTLM SSP based Servers
Open   V0004444   Windows 2003   Strong Key Protection
Open   V0004446   Windows 2003   Software Restriction Policies
Open   V0004447   Windows 2003   Terminal Services - Secure RPC Connection.
Open   V0004448   Windows 2003   Group Policy - Registry Policy Processing
Open   V0006228   Windows 2003   DTBI001 - The IE home page is not set correctly
Open   V0006231   Windows 2003   DTBI004-IE Internet zone parameter is set incorrec
Open   V0006234   Windows 2003   DTBI007-IE third party cookies not set correctly
Open   V0006238   Windows 2003   DTBI014-IE SSL/TLS parameter is not set correctly
Open   V0006239   Windows 2003   DTBI015-IE warning of invalid certificates not set
Open   V0006240   Windows 2003   DTBI016-IE changing zones is not set correctly
Open   V0006241   Windows 2003   DTBI017-IE forrm redirect is not set correctly
Open   V0006242   Windows 2003   DTBI021-Users can change advanced settings in IE
Open   V0006243   Windows 2003   DTBI022-Download signed Active X controls-Internet
Open   V0006244   Windows 2003   DTBI023-Download unsigned ActiveX controls-Interne
Open   V0006245   Windows 2003   DTBI024-Initialize and script ActiveX controls
Open   V0006246   Windows 2003   DTBI026-Script ActiveX marked safe forr scripting
Open   V0006248   Windows 2003   DTBI030-Font download control - Internet Zone
Open   V0006249   Windows 2003   DTBI031-Java Permissions not set forr Internet Zone
Open   V0006250   Windows 2003   DTBI032-Access data sources across domains-Interne
Open   V0006251   Windows 2003   DTBI034-Display mixed content - Internet Zone
Open   V0006253   Windows 2003   DTBI036-Drag and drop or copy and paste-Internet
                           Windows the policy value forr beingMedium   run. Instant Messaging clients must be in compliance of Compone
This setting prevents the Configure Messenger 2.0.8.8 Computer Configuration -> Administrative Templates -> Windowswith the In
                                             PGD client from
                           automatic launch of value forr Computer at user logon. Administrative Templates -> Windows Compone
This setting prevents the Configure the policy Windows MessengerConfiguration ->Instant Messaging clients must be in compliance
                                             PGD 2.0.8.8            Medium
                           Configure the system session the Medium
                                             PGD to require
This setting controls the required strength of a 2.0.8.8 key. use of a strong session key. (Analyze the system using the Security Co
                           Configure the systemto require attempt to unlock the workstation. If this setting is enabled, the the syste
This setting controls the behavior ofthe system 2.0.8.8 youcredentials to be passed to a domain controller beforre unlockingsystem w
                                             PGD when               Medium
                           Configure the system 2.0.8.8
                                             PGD to credentials orMedium
                                                                       .NET passports on and .NET passports on the local system. (Analy
This setting controls the storage of authentication prevent the storage of credentials the local system. Such credentials should neve
                           Configure a LAN Manager hash the LAN Manager hash fromthe SAM the next time the (Analyze the chang
                                             PGD to prevent of the password is stored in being stored in the SAM. password is system
This setting controls whether or not the system 2.0.8.8                 High
                           Configure usersPGDforrced to users when their allowed logon hours expire. If logon the system using the
                                              are to log
This setting controls whether or not the system 2.0.8.8off log off when their allowed logon hours expire. (Analyze hours are set forr use
                                                                    Medium
                           Configure the system 2.0.8.8 a variety of forr NTLM SSP based clients. (Windows 2003/XP - Analyze th
                                             PGD to meet
Starting with Windows 2000 Microsoft has implementedrequirementssecurity support providers forr use with RPC sessions. In a hom
                                                                    Medium
                                             PGD to require are FIPS FIPS compliant algorithms. (Analyze the system using the Secu
This setting ensures that Configure the system 2.0.8.8that the use of compliant forr encryption, hashing, and signing. FIPS compliant
                           the system uses algorithms               Medium
                           Set the value forr ―System owns objects created forr object created Administrators the Administrators gro
Either the object creator or the Administrators groupobjects: Default owner by members of the by members of group. In order to ens
                                             PGD 2.0.8.8            Medium
                                              users to interact and control one desktop. This could allow unauthorized users Compone
Remote desktop sharing Configure the policy value forr Computer Configuration -> Administrative Templates -> Windowsto control
                           enables severalPGD 2.0.8.8               Medium
                           Configure the policy 2.0.8.8 Computer of the computer. Security Zones control browser behavior at var
This setting enforrces consistent securityPGDvalue forr to all usersConfiguration -> Administrative Templates -> Windows Compone
                                              zone settings         Medium
                           Configure the policy Internet Computer Configuration -> Administrative Templates -> be made by Admin
This setting prevents users from changing thevalue forrExplorerMedium on the machine. Policy changes shouldWindows Compone
                                             PGD 2.0.8.8              policies
                           Configure the sites value forr security zones. Users should not be able to add sites to different Compone
This setting prevents users from addingpolicy to various Computer Configuration -> Administrative Templates -> Windows zones, as
                                             PGD 2.0.8.8            Medium
                           Configure the policy 2.0.8.8 Computer install components if it goes to a site that -> Windows Compone
                                              Explorer forr
This setting controls the ability of InternetPGDvalueto automaticallyConfiguration -> Administrative Templatesrequires components th
                                                                    Medium
                           Configure the policy value forr will periodically check the Administrative Templates -> Windows Compone
This setting determines whether or not Internet2.0.8.8 Computer Configuration ->Microsoft web sites to determine if there are upda
                                             PGD Explorer           Medium
                           2003/XP - Configure the is possible, forr Computer Configuration -> Administrative Templates -> Windows
This setting limits users to one remote session. It policy value ifMedium
                                             PGD 2.0.8.8              this setting is disabled, forr users to establish multiple sessions.
                           Configure the policy 2.0.8.8
                                             PGD connections allowed to the terminal Administrative Templates -> Windows Compone
This setting limits the number of simultaneousvalue forr Computer Configuration ->server. By default, unlimited connections are allo
                                                                    Medium
                                             PGD 2.0.8.8
                           Configure the Encryption forr Computer Configuration -> Administrative Templates -> Windows Compone
This setting, which is located under the policy valueand SecurityMedium of the Terminal Services configuration option, controls the a
                                             PGD 2.0.8.8              section
                           Configure the Encryption forr Computer Configuration -> Administrative Templates -> Windows Compone
This setting, which is located under the policy valueand SecurityMedium of the Terminal Services configuration option, controls the e
                                             PGD 2.0.8.8              section
                           Configure the Temporary forr Computer of the Terminal Administrative Templates -> Windows the use o
This setting, which is located under the policy valueFolders sectionConfiguration -> Services configuration option, controls Compone
                                             PGD 2.0.8.8            Medium
                           Configure the Temporary forr Computer of the Terminal Administrative Templates -> Windows the deleti
This setting, which is located under the policy valueFolders sectionConfiguration -> Services configuration option, controls Compone
                                             PGD 2.0.8.8            Medium
                           Configure the Sessions section of the Medium Services Administrative Templates -> how long Compone
This setting, which is located under the policy value forr Computer Configuration ->configuration option, controls Windows a session
                                             PGD 2.0.8.8             Terminal
                           Configure the Sessions section of the Medium Services Administrative Templates -> how long Compone
This setting, which is located under the policy value forr Computer Configuration ->configuration option, controls Windows a session
                                             PGD 2.0.8.8             Terminal
                           Configure the Sessions section of the Medium Services Administrative Templates -> whether a different
This setting, which is located under the policy value forr Computer Configuration ->configuration option, controls Windows Compone
                                             PGD 2.0.8.8             Terminal
                           Configure the Sessions section of the Medium Services Administrative Templates -> whether or not clien
This setting, which is located under the policy value forr Computer Configuration ->configuration option, controls Windows Compone
                                             PGD 2.0.8.8             Terminal
                           Configure the system to prevent unsolicited remote assistance offers users allowed to offer remote Comp
This setting controls whether unsolicited offers 2.0.8.8 to this computer are allowed. The list ofby setting the policy value forr assista
                                             PGD of help            Medium
                           Configure the system 2.0.8.8
                                             PGD to prevent error forrwarding by setting the policy value forr Computer Configuration
This setting controls the reporting of errors to Microsoft and, if defined, a corporate error reporting site. This does not interfere with-
                                                                    Medium
                           Configure the system to prevent it from allowing the installation of kernel-mode drivers by setting the policy
                                             PGD kernel             Medium
Kernel-mode drivers are drivers that operate in2.0.8.8 mode. Kernel mode allows virtually unlimited access to hardware and memo
                           Configure the system 2.0.8.8 a function in a Mode. (Analyze the system is to the Security Configuration
                                             PGD to calls
The default search behavior, when an application use Safe Dll Search Dynamic Link Library (DLL), usingsearch the current directorya
                                                                    Medium
                            updates perforrm by the Windows Media Player must -> Administrative Templates -> platforrm and to pr
The automatic check forrConfigure the policy value forr Computer Configurationbe disabled to ensure a constantWindows Compone
                                             PGD 2.0.8.8            Medium
                           Configure the policy value forr referred to as CODECs, to play back media files. Windows Components ->
The Windows Media Player uses software components,User Configuration -> Administrative Templates -> By default, when an unkn
                                             PGD 2.0.8.8            Medium
                           Configure attack surface of
                                             PGD to disable any services that are not required. (Windows 2003
         

                                                                                                                       Select ―Start‖

Unnecessary Services increase thethe system 2.0.8.8a system. MediumServices may be run under the local System Account, which
                                                                       Some                                                          Right-clic
                           Configure the system 2.0.8.8 a minimum requirement forr session forr use with RPC SSP based a hom
                                             PGD to meet
Starting with Windows 2000 Microsoft has implementedthevariety of security support providerssecurity forr NTLM sessions. InServe
                                                                    Medium
                           Configure the system 2.0.8.8
                                             PGD to require a userMedium forr accessing password) every time the use a using th
                                                                      password
Configuring this setting so that users must provide a password (distinct from their domainprivate keys. (Analyze theysystemkey mak
                           Configure protect users and
                                             PGD to enforrce software restriction policies. (Analyze the system viruses and Trojans hor
Software restriction policies help to the system 2.0.8.8 computers from executing unauthorized code such as using the Security Conf
                                                                    Medium
                           Configure the exposes the server to man in the middle attacks and data disclosure attacks. A man in the
Allowing unsecure RPC communicationpolicy value forr Computer Configuration -> Administrative Templates -> Windows Compone
                                             PGD 2.0.8.8            Medium
                           then selecting the Process even if the Medium objects thathave not changed option ensures that the polic
                                             PGD to reprocess Group Policy
Enabling this setting and Configure the system 2.0.8.8               Group Policy objects have changed by setting the policy value forr
                            appropriately, aPGD 2.0.8.8
                                              malicious about:blank, a trusted site, or a local file. browser which may Windows Regis
                                                                    Medium
By setting this parameterChange StartPage value toweb site will be automatically loaded into a(Procedure: Use thecontain mobile c
                           Change the value of so the HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
                                             level 2.0.8.8          Medium
The Internet zone must be set to custom PGDregistryother required settings forr the zone can take effect.
                           Under Tools/Internet Options, select the Privacy Tab and click the a site other than Change third party co
                                             PGD 2.0.8.8            Medium
This parameter ensures that third party cookies are blocked. Third party cookies come fromAdvanced button. the site being browsed
                           Change TLS arekey 2.0.8.8used fromMedium
                                               able to be             the browser.
This parameter ensures SSL and registryPGDHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings so that value Se
                           Change certifcate being presented byMedium site is invalid. Since server certificates are used the value
                                             PGD 2.0.8.8              the web
This parameter warns users if thethe registry key HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings to to validate
                           Change the registry key HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings user isvalue
                                             PGD between
This parameter warns the user when changing 2.0.8.8 zones. Medium     This conveys important inforrmation to the user so the to the remin
                           Change the registry key forrm is being redirected to another web site. Since the forrm may contain value
                                             from 2.0.8.8           Medium
This parameter warns the user that input PGD theHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings to the sensiti
                           Change be registry through the GUI, Medium
                                             PGD 2.0.8.8             it is important to ensure that Explorer\Control Panel to the value S
Since most of the IE settings can thechangedkey HKCU\Software\Policies\Microsoft\Internetuser's cannot change these settings.Ad
                           Change the registry key code and must only be allowed to be downloaded from trusted sites.
                                             PGD 2.0.8.8            Medium
Active X controls can contain potentially maliciousHKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the registry key code and must only be allowed to be downloaded from trusted sites and they mu
                                             PGD 2.0.8.8            Medium
Active X controls can contain potentially maliciousHKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           not marked registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                              scripting should not be executed. Although this is not a complete security measure forr a
ActiveX controls that are Change the safePGD 2.0.8.8                Medium
                           not marked registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                              forr 2.0.8.8          Medium
ActiveX controls that are Change the safePGD scripting should not be executed. Although this is not a complete security measure fo
                           Change contain malicious code.
                                             PGD 2.0.8.8            Medium
Download of fonts can sometimesthe registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             PGD 2.0.8.8            Medium
Java must have level of protections based upon the site being browsed.
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             PGD 2.0.8.8            Medium
Access to data sources across multiple domains must be controlled based upon the site being browsed.
                           Change level ofPGD 2.0.8.8
                                              protection based upon the site being browsed.
                                                                    Medium
Display mixed content must have the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           If value forr this zone is present and Medium
                                             PGD 2.0.8.8             not based change the registry key HKLM\Software\Policies\Microso
Drag and Drop or copy andapaste files must have level of protectionset to 3 upon the site being accessed.
                                    Vista Security computer1;computer2 92
                                                   Guide - Appendix A, p.
                Microsoft WindowsECIM-1 - Instant Messaging;
                                   ECIM-1 - Instant Messaging;
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.2
GPO                                 Vista Security computer1;computer2 34
                                                   Guide - Appendix A, p.
                Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                 Server - Security Configuration Compliance;
                                                   computer1;computer2
                Microsoft WindowsECSC-12008 Security Guide - Appendix A, pp. 29 - 32
Configuration                       Vista Security computer1;computer2 48
                                                   Guide - Appendix A, p.
                Microsoft WindowsECSC-1 - Security Configuration Compliance;
Configuration                       Vista - Individual Identification and p.
                                                   Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                Microsoft WindowsIAIA-1 Security computer1;computer2 51
GPO                                 Vista Security computer1;computer2 51
                                                   Guide - Appendix A, p.
                Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                ECCT-1 - Encryption for Confidentiality in Windows Server 2003 - Encrypt
                                                   computer1;computer2
                Microsoft Threats and Countermeasures: Security Settings(Data in Transit); ECCT-2 and Wind
Configuration                      ECCT-1 - Encryption for Confidentiality in Windows Server 2003 - Encrypt
                                                   computer1;computer2
                Microsoft Threats and Countermeasures: Security Settings(Data in Transit); ECCT-2 and Wind
GPO                                ECSC-1 - Security Configuration Compliance;
                                                   computer1;computer2
                Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
Configuration                       Vista Security computer1;computer2 89
                                                   Guide - Appendix A, p.
                Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                ECSC-1 - Security Configuration Compliance;
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.4
GPO                                ECSC-1 - Security Configuration Compliance;
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.4
GPO                                ECSC-1 - Security Configuration Compliance;
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.4
GPO                                DCSL-1 - System Library V6.1, Section 8.2.4
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - Management Controls;
GPO                                DCSL-1 - System Library V6.1, Section 8.2.4
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - Management Controls;
                                   ECLO-1 - Logon; ECLO-2 - Logon;
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.1
                                   ECSC-1 - Security Configuration Compliance;
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.1
                                                   computer1;computer2
                                    Vista - Individual Identification and pp.
                                                   Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                Microsoft WindowsIAIA-1 Security computer1;computer2 91 -92
                                    Vista Security computer1;computer2 (Data in Transit); ECCT-2 - Encrypt
                                                   Guide - Appendix A, p.
                Microsoft WindowsECCT-1 - Encryption for Confidentiality92
                                   ECRC-1 - Resource Control;
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.1
                                   ECRC-1 - Resource Control;
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.1
                                   ECSC-1 - Security Configuration Compliance;
                                                   computer1;computer2
                Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
                                   ECSC-1 - Security Configuration Compliance;
                                                   computer1;computer2
                Windows 2003/XP/2000 Addendum - V6.1, Section 8.2.1
                                   ECSC-1 - Security Configuration Compliance;
                                                   computer1;computer2
                Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
                                   ECSC-1 - Security Configuration Compliance;
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.1
GPO                                 Vista Security computer1;computer2 74 - 75
                                                   Guide - Appendix A, pp.
                Microsoft WindowsECSC-1 - Security Configuration Compliance;
Configuration                      ECSC-1 - Security Configuration Compliance;
                                                   computer1;computer2
                Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
Configuration                      DCSL-1 - System Library V6.1, Section 7.14
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - Management Controls;
Configuration                       Vista Security computer1;computer2 44
                                                   Guide - Appendix A, p.
                Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                DCSL-1 - System Library V6.1, Section 8.2.3
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - Management Controls;
Configuration                      DCSL-1 - System Library V6.1, Section 8.2.3
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - Management Controls;
Configuration                      ECSC-1 - Security Configuration Compliance;
                                                   computer1;computer2
                Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 7.9
GPO                                 Vista Security computer1;computer2 (Data in Transit); ECCT-2 - Encrypt
                                                   Guide - Appendix A, p.
                Microsoft WindowsECCT-1 - Encryption for Confidentiality52
GPO                                 Server Individual Identification and Authentication;
                                                   computer1;computer2
                Microsoft WindowsIAIA-1 - 2008 Security Guide - Appendix A, p. 50 IAIA-2 - Individual Iden
Configuration                       Server - Security Configuration Compliance;
                                                   computer1;computer2
                Microsoft WindowsECSC-12008 Security Guide - Appendix A, pp. 51 - 52
Configuration                      ECSC-1 - Security Configuration Compliance;
                                                   computer1;computer2
                Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
Configuration                       Vista Security computer1;computer2 74
                                                   Guide - Appendix A, p.
                Microsoft WindowsECSC-1 - Security Configuration Compliance;
                                   DCMC-1 - Mobile Code;
                                                   computer1;computer2
                Desktop Application Security Technical Implementation Guide
                                                   computer2
                Desktop Application Security Technical Implementation Guide
                                   ECSC-1 - Technical Implementation Guide
                                                   computer1;computer2
                Desktop Application Security Security Configuration Compliance;
                                   ECSC-1 - Technical Implementation Guide
                                                   computer1;computer2
                Desktop Application Security Security Configuration Compliance;
                                   ECSC-1 - Technical Implementation Guide
                                                   computer1;computer2
                Desktop Application Security Security Configuration Compliance;
                                   DCMC-1 - Mobile Code;
                                                   computer1;computer2
                Desktop Application Security Technical Implementation Guide
                                   ECSC-1 - Technical Implementation Guide
                                                   computer1;computer2
                Desktop Application Security Security Configuration Compliance;
GPO                                DCMC-1 - Mobile Code;
                                                   computer1;computer2
                Desktop Application Security Technical Implementation Guide
GPO                                DCMC-1 - Mobile Code;
                                                   computer1;computer2
                Desktop Application Security Technical Implementation Guide
                                   DCMC-1 - Mobile Code;
                                                   computer1;computer2
                Desktop Application Security Technical Implementation Guide
                                   DCMC-1 - Mobile Code;
                                                   computer1;computer2
                Desktop Application Security Technical Implementation Guide
GPO                                DCMC-1 - Mobile Code;
                                                   computer1;computer2
                Desktop Application Security Technical Implementation Guide
GPO                                DCMC-1 - Mobile Code;
                                                   computer1;computer2
                Desktop Application Security Technical Implementation Guide
GPO                                DCMC-1 - Mobile Code;
                                                   computer1;computer2
                Desktop Application Security Technical Implementation Guide
                                   DCMC-1 - Mobile Code;
                                                   computer1;computer2
                Desktop Application Security Technical Implementation Guide
                                   DCMC-1 - Mobile Code;
                                                   computer1;computer2
                Desktop Application Security Technical Implementation Guide
GPO                                ECSC-1 - Technical Implementation Guide
                                                   computer1;computer2
                Desktop Application Security Security Configuration Compliance;
Open   V0006254   Windows 2003   DTBI037-Installation of desktop items - Internet
Open   V0006255   Windows 2003   DTBI038-Launching programs and files in IFRAME-Int
Open   V0006256   Windows 2003   DTBI039-Navigate sub-frames across domains-Interne
Open   V0006257   Windows 2003   DTBI040-Software channel permissions - Internet
Open   V0006258   Windows 2003   DTBI041-Submit non-encryped forrm data - Internet
Open   V0006259   Windows 2003   DTBI042-Userdata persistence - Internet Zone
Open   V0006260   Windows 2003   DTBI044-Allow paste operations via script-Internet
Open   V0006261   Windows 2003   DTBI045-Scripting of Java applets - Internet Zone
Open   V0006262   Windows 2003   DTBI046-User Authentication-Logon - Internet Zone
Open   V0006266   Windows 2003   DTBI056-Script ActiveX controls marked safe-Local
Open   V0006267   Windows 2003   DTBI061-Java Permissions not set - Local Zone
Open   V0006271   Windows 2003   DTBI065-Dont prompt client certificate - Local zon
Open   V0006274   Windows 2003   DTBI070-Software channel permissions - Local Zone
Open   V0006275   Windows 2003   DTBI074-Allow paste operations via script - Local
Open   V0006276   Windows 2003   DTBI076-User Authentication - Logon - Local Zone
Open   V0006280   Windows 2003   DTBI086-Activex controls marked safe - Trusted Sit
Open   V0006281   Windows 2003   DTBI091-Java Permissions not set - Trusted Sites
Open   V0006286   Windows 2003   DTBI100-Software channel permissions - Trusted Sit
Open   V0006287   Windows 2003   DTBI104-Allow paste operations via script-Trusted
Open   V0006288   Windows 2003   DTBI106-User Authentication - Logon - Trusted Site
Open   V0006289   Windows 2003   DTBI112-Download signed ActiveX - Restricted Sites
Open   V0006290   Windows 2003   DTBI113-Download unsigned ActiveX - Restricted Sit
Open   V0006291   Windows 2003   DTBI114-Initialize and script ActiveX - Restricted
Open   V0006292   Windows 2003   DTBI115-Run ActiveX controls and plugins-Restricte
Open   V0006293   Windows 2003   DTBI116-Script ActiveX controls marked safe-Restri
Open   V0006294   Windows 2003   DTBI119-File download control - Restricted Sites
Open   V0006295   Windows 2003   DTBI120-Font download control - Restricted Sites
Open   V0006297   Windows 2003   DTBI122-Access data sources - Restricted Sites
Open   V0006298   Windows 2003   DTBI123-Allow META REFRESH - Restricted Sites
Open   V0006299   Windows 2003   DTBI124-Display mixed content - Restricted Sites
Open   V0006301   Windows 2003   DTBI126-Drag and drop or copy and paste - Restrict
Open   V0006302   Windows 2003   DTBI127-Installation of desktop items - Restricted
Open   V0006303   Windows 2003   DTBI128-Launching programs and files in IFRAME-Res
Open   V0006304   Windows 2003   DTBI129-Navigate sub-frames across domain - Restri
Open   V0006305   Windows 2003   DTBI130-Software channel permissions - Restricted
Open   V0006306   Windows 2003   DTBI131-Submit non-encrypted forrm data-Restricted
Open   V0006307   Windows 2003   DTBI132-Userdata persistence - Restricted Sites
Open   V0006308   Windows 2003   DTBI133-Active scripting - Restricted Sites
Open   V0006309   Windows 2003   DTBI134-Allow paste operations via scripts-Restric
Open   V0006311   Windows 2003   DTBI136-User Authentication - Logon - Restricted
Open   V0006316   Windows 2003   DTBI160-Hash setting forr SHA is not set properly
Open   V0006318   Windows 2003   DTBG010-DoD Root Certificate is not installed
Open   V0006470   Windows 2003   DTAM005-McAfee VirusScan remove messages
Open   V0006472   Windows 2003   DTAM007-McAfee VirusScan delete infected file
Open   V0006475   Windows 2003   DTAM010-McAfee VirusScan limit log size parameter
Open   V0006476   Windows 2003   DTAM011-McAfee VirusScan log session parameter
Open   V0006592   Windows 2003   DTAM029-McAfee VirusScan allowed actions email
Open   V0006593   Windows 2003   DTAM030-McAfee VirusScan action prompt email
Open   V0006597   Windows 2003   DTAM036-McAfee VirusScan limit log size email
Open   V0006598   Windows 2003   DTAM037-McAfee VirusScan log content email
Open   V0006612   Windows 2003   DTAM053-McAfee VirusScan decode MIME encoded
Open   V0006617   Windows 2003   DTAM057-McAfee VirusScan secondary action
Open   V0006620   Windows 2003   DTAM060-McAfee VirusScan log file limit parameter
Open   V0006621   Windows 2003   DTAM061-McAfee VirusScan log session settings
Open   V0006627   Windows 2003   DTAM070-McAfee VirusScan schedule
Open   V0006754   Windows 2003   WA000-WI080
                           have level registry key based upon the site being accessed.
                                            PGD 2.0.8.8             Medium
Installation of items must Change theof protection HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                            PGD 2.0.8.8             Medium
Launching of programs in IFRAME must have level of protection based upon the site being accessed.
                           Change the domains2.0.8.8security concern because the user may think they are accessing Settings\Zon
                                            PGD are a               Medium
Frames that navigate across differentregistry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet pages on one
                           Procedure: havethe Windows
                                              level of protection based upon the site to the following
                                                                     Editor to
Software Channel permissions must Use PGD 2.0.8.8 RegistryMedium navigatebeing accessed. key: HKLM\Software\Policies\Mic
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                            PGD 2.0.8.8             Medium
The user needs to be prompted beforre sending inforrmation from a browser that is not encrypted.
                           Change the of protection based uponMedium being accessed.
                                            PGD 2.0.8.8              the site
Userdata persistence must have levelregistry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                            PGD 2.0.8.8             Medium
Allow paste operations via script must have level of protection based upon the site being accessed.
                           Change the registry key upon the site Medium
                                            PGD 2.0.8.8             being accessed.
Java Applets must have level of protection based HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             and 2.0.8.8            Medium
Care must be taken with user credentialsPGD how automatic logons are perforrmed and how default Windows credentials are passe
                           not marked registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1Crite
                                             forr 2.0.8.8           Medium
ActiveX controls that are Change the safePGD scripting should not be executed. Although this is not a complete security measure fo
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             upon the site
Java must have level of protection basedPGD 2.0.8.8 being browsed.  Medium
                           not be presented to key sites without the user's acknowledgement.
                                            PGD 2.0.8.8             Medium
Client certificates should Change the registry web HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1Crite
                           Change the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1Crite
                                             level of protection based upon the site being accessed.
Software channel permissions must havePGD 2.0.8.8                   Medium
                           Change the must have HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1Crite
                                            PGD 2.0.8.8             Medium
The Allow paste operations via script registry keylevel of protection based upon the site being accessed.
                           Change the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet credentials are passe
                                             and 2.0.8.8            Medium
Care must be taken with user credentialsPGD how automatic logons are perforrmed and how default WindowsSettings\Zones\1Crite
                           not marked registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2Crite
                                             forr 2.0.8.8           Medium
ActiveX controls that are Change the safePGD scripting should not be executed. Although this is not a complete security measure fo
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             upon the site
Java must have level of protection basedPGD 2.0.8.8 being browsed.  Medium
                           Change the registry level of protection based upon the site being accessed.
                                            PGD 2.0.8.8             Medium
The Software channel permissions must havekey HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2Crite
                           Change the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2Crite
                                            PGD 2.0.8.8             Medium
Allow paste operations via script must have level of protection based upon the site being accessed.
                           Change the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet credentials are passe
                                             and 2.0.8.8            Medium
Care must be taken with user credentialsPGD how automatic logons are perforrmed and how default WindowsSettings\Zones\2Crite
                           Change the registry key code and must only be allowed to be downloaded from trusted sites.
                                            PGD 2.0.8.8             Medium
ActiveX controls can contain potentially malicious HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the registry key code and must only be allowed to be downloaded from trusted sites and they mu
                                            PGD 2.0.8.8             Medium
ActiveX controls can contain potentially malicious HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           not marked registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             forr 2.0.8.8           Medium
ActiveX controls that are Change the safePGD scripting should not be executed. Although this is not a complete security measure fo
                           not marked registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             forr 2.0.8.8           Medium
ActiveX controls that are Change the safePGD scripting should not be executed. Although this is not a complete security measure fo
                           not marked registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             forr 2.0.8.8           Medium
ActiveX controls that are Change the safePGD scripting should not be executed. Although this is not a complete security measure fo
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                            PGD 2.0.8.8             Medium
Files should not be able to be downloaded from sites that are considered restricted.
                           Change contain malicious code. Files should not be downloaded from restricted sites.
                                            PGD 2.0.8.8             Medium
Download of fonts can sometimesthe registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the registry 2.0.8.8
                                            PGD This zone must be set properly to ensure Outlook is secured.
                                                                    Medium
The restricted zones is used forr MS Outlook.key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           must have registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                            PGD 2.0.8.8             Medium
Allow META REFRESH Change the level of protection based upon the site being browsed.
                           Procedure: Usefrom a restricted site. Medium
                                             the 2.0.8.8
Mixed content poses a risk when coming PGDWindows Registry Editor to navigate to the following key: HKLM\Software\Policies\Mic
                           Change level ofPGD 2.0.8.8
                                             protection based upon the site being accessed.
                                                                    Medium
Drag and Drop of files must have the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4Crite
                           have level registry key based upon the site being accessed.
                                            PGD 2.0.8.8             Medium
Installation of items must Change theof protection HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                            PGD 2.0.8.8             Medium
Launching of programs in IFRAME must have level of protection based upon the site being accessed.
                           Change the domains2.0.8.8security concern because the user may think they are accessing Settings\Zon
                                            PGD are a               Medium
Frames that navigate across differentregistry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet pages on one
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             level of protection based upon the site being accessed.
Software channel permissions must havePGD 2.0.8.8                   Medium
                           Change must have key of protection based upon the site being accessed.
                                            PGD 2.0.8.8             Medium
Submit non-encrypted forrm data the registrylevelHKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4Crite
                           Change the registry in the Restricted sites zone.
                                            PGD 2.0.8.8             Medium
No perseistant data should exist and be used key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the registry based upon the site being accessed.
                                            PGD 2.0.8.8             Medium
Active Scripting must have level of protection key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the must have HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                            PGD 2.0.8.8             Medium
The Allow paste operations via script registry keylevel of protection based upon the site being browsed.
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             and 2.0.8.8            Medium
Care must be taken with user credentialsPGD how automatic logons are perforrmed and how default Windows credentials are passe
                           Navigate to SHA is enabled.
                                            PGD 2.0.8.8             Medium
This ensures that the Hash value forrthe registry key HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ha
                           will ensure that PGDcertificate. (Netscape Procedure: On the Edit issue select the Preferences… item. O
                                            root 2.0.8.8
The DOD root certificate Install the DOD the trust chain is established forr server certificatedmenu, from the DOD CA.
                                                                    Medium
                           Change the registry key alerts from the display.
                                            PGD 2.0.8.8             Medium
This parameter controls if users can remove virusHKLM\Software\Network Associates\TVD\Shared Components\On Access Scann
                           Change the registry key HKLM\Software\Network Associates\TVD\Shared Components\On Access Scann
                                            PGD 2.0.8.8
This parameter controls if infected files are deleted.              Medium
                           Change the       PGD 2.0.8.8             Medium
This parameter controls the log size. registry key HKLM\Software\Network Associates\TVD\Shared Components\On Access Scann
                           Change settings are 2.0.8.8
                                            PGD being logged. Medium
This parameter controls if sessionthe registry key HKLM\Software\Network Associates\TVD\Shared Components\On Access Scann
                           Change the should key HKLM\Software\McAfee\VSCore\Email scanner\Outlook\Ondelivery\ActionOptions
                                            PGD 2.0.8.8             Medium
This parameter controls what actions registry happen when a virus is detected.
                           Change the registry key HKLM\Software\McAfee\VSCore\Email scanner\Outlook\OnDelivery\ActionOption
                                            PGD 2.0.8.8             Medium
This parameter ensures appropriate actions are prompted forr when a virus is found.
                           Change the registry key HKLM\Software\McAfee\VSCore\Email
                                            PGD file to             Medium
This parameter deteremines the size of the log2.0.8.8ensure data is available forr review. Scanner\Outlook\OnDelivery\ReportOption
                           Change the registry key HKLM\Software\McAfee\VSCore\Email Scanner\OnDelivery\ReportOptions so tha
                                            PGD in the              Medium
This setting controls the entries that are stored2.0.8.8virus scanning log.
                           Change the files are scanned forr viruses.
                                            PGD 2.0.8.8             Medium
This file ensures that MIME encoded registry key HKLM\Software\Network Associates\TVD\VirusScan Enterprise\CurrentVersion\Ta
                           Change the registry that is perforrmedMedium virus is found.
                                            PGD 2.0.8.8              when a
This parameter controls the secondary action key HKLM\Software\Network Associates\TVD\VirusScan Enterprise\CurrentVersion\Ta
                           Change the registry key the log to ensure enough data is available forr review.
                                            size 2.0.8.8            Medium
This parameter determines the minimum PGDforr HKLM\Software\Network Associates\TVD\VirusScan Enterprise\CurrentVersion\Ta
                           Change the registry are logged.
                                            PGD 2.0.8.8             Medium
This parameter ensures that session settings key HKLM\Software\Network Associates\TVD\VirusScan Enterprise\CurrentVersion\Ta
                           Change the scan is scheduled to be executed.
                                            PGD 2.0.8.8             Medium
This parameter ensures that the virusregistry key HKLM\Software\Network Associates\TVD\VirusScan Enterprise\CurrentVersion\Ta
                           the five most widely exploited holes inMedium
                                                                     unpatched versions of IIS in 2001, Windows 2000 and 2003 include
Cited by SANS as one ofProcedure: Start>>Run>>Regedt32>>navigate to \\Hkey_Local_Machine\Software\Policies\Microsoft\Wind
                                            PGD 2.0.8.8
GPO                                             DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
GPO                                             DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
GPO                                             ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
GPO                                             DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
GPO                                             ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
GPO                                             ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
GPO                                             ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
GPO                                             DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
GPO                                             ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
GPO                                             DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
GPO                                             DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
GPO                                             ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
GPO                                             DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
GPO                                             ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
GPO                                             ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
Configuration                                   DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
GPO                                             DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
GPO                                             DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
GPO                                             ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
GPO                                             ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
                                                DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
                                                DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
                                                DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
                                                DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
                                                DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
                                                DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
Configuration                                   DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
                                                DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
                                                DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
GPO                                             DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
GPO                                             ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
                                                DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
                                                DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
                                                ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
                                                DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
GPO                                             ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
                                                ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
                                                DCMC-1 - Mobile Code;
                                                               computer1;computer2
                              Desktop Application Security Technical Implementation Guide
                                                ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
GPO                                             ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
                                                ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
Configuration                                   ECSC-1 - Technical Implementation Guide
                                                               computer1;computer2
                              Desktop Application Security Security Configuration Compliance;
Business Risk Justification                     ECSC-1 - Technical Implementation Guide
                                                               computer1
                              Desktop Application Security Security Configuration Compliance;
Business Risk Justification                     ECSC-1 - Technical Implementation Guide
                                                               computer1
                              Desktop Application Security Security Configuration Compliance;
Configuration                                   ECSC-1 - Technical Implementation Guide
                                                               computer1
                              Desktop Application Security Security Configuration Compliance;
Business Risk Justification                     ECSC-1 - Technical Implementation Guide
                                                               computer1
                              Desktop Application Security Security Configuration Compliance;
Business Risk Justification                     ECSC-1 - Technical Implementation Guide
                                                               computer1
                              Desktop Application Security Security Configuration Compliance;
Business Risk Justification                     ECSC-1 - Technical Implementation Guide
                                                               computer1
                              Desktop Application Security Security Configuration Compliance;
                                                ECSC-1 - Technical Implementation Guide
                                                               computer1
                              Desktop Application Security Security Configuration Compliance;
                                                ECSC-1 - Technical Implementation Guide
                                                               computer1
                              Desktop Application Security Security Configuration Compliance;
                                                ECSC-1 - Technical Implementation Guide
                                                               computer1
                              Desktop Application Security Security Configuration Compliance;
                                                ECSC-1 - Technical Implementation Guide
                                                               computer1
                              Desktop Application Security Security Configuration Compliance;
                                                ECSC-1 - Technical Implementation Guide
                                                               computer1
                              Desktop Application Security Security Configuration Compliance;
                                                ECSC-1 - Technical Implementation Guide
                                                               computer1
                              Desktop Application Security Security Configuration Compliance;
                                                ECSC-1 - Technical Implementation Guide
                                                               computer1
                              Desktop Application Security Security Configuration Compliance;
                                                ECSC-1 TECHNICAL IMPLEMENTATION GUIDE - Section 2.1
                                                               computer1
                              WEB SERVER SECURITY - Security Configuration Compliance;
Open   V0006832   Windows 2003   SMB Client Packet Signing (Always)
Open   V0006833   Windows 2003   SMB Server Packet Signing (Always)
Open   V0006836   Windows 2003   Minimum Password Length
Open   V0006840   Windows 2003   Password Expiration
Open   V0006850   Windows 2003   Auditing Configuration
Open   V0007002   Windows 2003   Password Requirement
Open   V0007006   Windows 2003   DTBI011-IE search parameter is not set correctly.
Open   V0007007   Windows 2003   DTBI121-Java Permissions not set forr Restricted
Open   V0013461   Windows 2003   2006-A-0056
Open   V0013603   Windows 2003   2007-B-0004
Open   V0013698   Windows 2003   WA000-WI035
Open   V0013700   Windows 2003   WA000-WI100
Open   V0013715   Windows 2003   WA000-WI6082
Open   V0013716   Windows 2003   WA000-WI6084
Open   V0013720   Windows 2003   WA000-WI6092
Open   V0013883   Windows 2003   2007-A-0020
Open   V0013934   Windows 2003   2007-A-0021
Open   V0013937   Windows 2003   2007-B-0009
Open   V0014353   Windows 2003   schannel.dll is the wrong version.
Open   V0014354   Windows 2003   2007-B-0011
Open   V0014358   Windows 2003   2007-A-0035
Open   V0014473   Windows 2003   2007-A-0037
Open   V0014474   Windows 2003   ntdsa.dll is the wrong version.
Open   V0014618   Windows 2003   DTAM090-McAfee VirusScan onaccess scan scripts
Open   V0014620   Windows 2003   DTAM092-McAfee VirusScan onaccess scan blocking
Open   V0014621   Windows 2003   DTAM093-McAfee VirusScan onaccess scan blocking
Open   V0014628   Windows 2003   DTAM106-McAfee VirusScan scan inside archive
Open   V0014629   Windows 2003   DTAM107-McAfee VirusScan scan MIME files parameter
Open   V0014652   Windows 2003   DTAM039-McAfee VirusScan unwanted programs action
Open   V0014661   Windows 2003   DTAM134-McAfee VirusScan log size limitation
Open   V0014662   Windows 2003   DTAM135-McAfee VirusScan detection of Spyware
Open   V0014663   Windows 2003   DTAM136-McAfee VirusScan detection of Adware
Open   V0014819   Windows 2003   2007-A-0042
Open   V0014825   Windows 2003   2007-A-0045
Open   V0014832   Windows 2003   2007-B-0026
Open   V0015305   Windows 2003   2007-T-0040
Open   V0015397   Windows 2003   2007-A-0053
Open   V0015505   Windows 2003   HBSS CMA Agent
Open   V0015588   Windows 2003   2007-A-0056
Open   V0015663   Windows 2003   2008-B-0003
Open   V0015739   Windows 2003   2008-B-0016
Open   V0015742   Windows 2003   2008-A-0005
Open   V0015744   Windows 2003   2008-A-0006
Open   V0015940   Windows 2003   2008-B-0034
Open   V0015943   Windows 2003   2008-B-0033
Open   V0015944   Windows 2003   2008-B-0035
Open   V0016036   Windows 2003   2008-A-0040
Open   V0016038   Windows 2003   2008-T-0025
Open   V0016041   Windows 2003   2008-T-0024
Open   V0016147   Windows 2003   2008-A-0044
Open   V0016737   Windows 2003   2008-A-0060
Open   V0016744   Windows 2003   2008-T-0039
Open   V0016745   Windows 2003   2008-B-0056
Open   V0016879   Windows 2003   DTBI025 - The Download signed ActiveX controls pro
Open   V0017793   Windows 2003   2008-B-0075
Open   V0017799   Windows 2003   Srv.sys is the wrong version.
                              causes the Windows to always sign SMB client traffic. (Analyze the system using signing when communi
If this policy is enabled, itConfigure the system 2.0.8.8 Message Block (SMB) client to perforrm SMB packetthe Security Configuratio
                                               PGD Server             Medium
                              causes the Windows so that MessageServer (SMB) server to always perforrm packets. (Analyze the
If this policy is enabled, itConfigure the system 2.0.8.8 the SMB Mediumpolicy is set to always sign SMB SMB packet signing. syste
                                               PGD Server               Block
                              protected all inforrmation systems to require passwords of the minimun length specified inthe opportunity f
                                               PGD password schemes including passwords of minimum length provide the check. (Ana
Inforrmation systems not Configure with strong 2.0.8.8                Medium
                             Configure reused increase the exposure of a password with greater probability of being   
Select ―Dump Users
Passwords that do not expire or areall inforrmation systems to expire passwords. (Using the DUMPSEC utility:
 discovered or crac
                                               PGD 2.0.8.8            Medium
                             of system the system 2.0.8.8
Maintaining an audit trail Configure activity logsto audit categories as outlined in check procedure. (Windows 2000/2003/XP - Analyz
                                                                      Medium
                                               PGD can help identify configuration errors, troubleshoot service disruptions, analyze com
                             Configure all DOD inforrmation systemsHigh
                                               anyone to gain                                                   The
                                                                                                                

                                                                         to require passwords to gain access.
 password required flag
The lack of password protection enables PGD 2.0.8.8 access to the inforrmation system, which opens a backdoor opportunity for
                             Use the Windows Registry perforrmedMedium address bar. When a web site is not found and searching
                                               PGD 2.0.8.8             from the
This parameter ensures automatic searches are not Editor to navigate to the following key: HKCU\Software\Microsoft\Internet Explo
                             Use the Windows Registry Editor to browsed.
                                                upon the site         Medium
Java must have level of protection basedPGD 2.0.8.8 being navigate to the following key: HKLM\Software\Policies\Microsoft\Wind
                             No Manual Fix Procedures (Windows - 

                                               PGD 2.0.8.8              
Check
                                                                      Medium that the following files are at the version indicated or later:
Two vulnerabilities have been identified affecting Microsoft Windows Media Player. Microsoft Windows Media Player is a multimedia
                                               PGD 2.0.8.8            Medium
                             No Manual Fix Procedures (Windows - Windows XP (x86) fixed by SP3 (not Visual Studio)Verify that the p
                             If is included byPGD 2.0.8.8 IIS. It directory has reset Windows passwords. The use of userid and pass
                                                 default with           High
The IISADMPWD directorypossible, ensure the IISADMPWDallows users tobeen removed from the web server.NOTE: There have
                              are not requiredPGD most Object using theshould be command:regsvr32 scrrun.dll /u (Query the SA or We
                                                 forr 2.0.8.8
Some COM components Unregister the File SystemapplicationsMedium       and following removed if possible. Most notably, consider disablin
                             Use the registry PGD 2.0.8.8
                                                editor and navigate toMedium
                                                                       the following A period and space are ASCII characters, but UTF8
UTF8 lets you represent characters of many languages in an encoded forrm. location in thearegistry:HKEY_LOCAL_MACHINE\Syst
                             Use the registry PGD 2.0.8.8
                                                editor and navigate toMedium
                                                                       the following location in and EnableNonUTF8 is non-zero, Http.sys
If non-zero, Http.sys always tries to decode a URL as UTF-8 first; if that conversion fails the registry:HKEY_LOCAL_MACHINE\Syst
                             Use the registry accepts the
                                                editor and navigate to notation
                                                                       the following location in the registry:HKEY_LOCAL_MACHINE\Syst
If PercentUAllowed is non-zero, Http.sys PGD 2.0.8.8%uNNNN Medium in request URLs. Allowing this type of notation, opens the
                             No Manual Fix Procedures (Windows Microsoft Windows Operating System Graphics Device Interface (GD
                                               PGD 2.0.8.8              High
Microsoft has reported several new vulnerabilities affecting the XP fixed by SP3Windows Vista fixed by SP1Verify that the patch has
                             vulnerability affecting 2.0.8.8 Agent.Medium
                                               PGD Microsoft            Microsoft SP3Verify that software services installed by checking
Microsoft has reported a No Manual Fix Procedures (Windows XP fixed byAgent is a set ofthe patch has beenthat developers can u
                             security bulletin PGD 2.0.8.8three vulnerabilities in Client/Server Run-time Subsystem (CSRSS). CSRSS
                                                addressing              High
Microsoft has released a No Manual Fix Procedures (Windows XP (x86) fixed by SP3Windows Vista fixed by SP1Verify that the pati
                                               PGD 2.0.8.8
                             No Manual Fix MS07-034 (Windows two privately reported and two publicly disclosed vulnerabilities in mu
                                               PGD 2.0.8.8            Medium
Microsoft has released Security Bulletin Proceduresaddressing XP (x86) fixed by SP3Windows Vista fixed by SP1Verify that the pat
                             No Manual Fix MS07-035 (Windows one new fixed by SP3Verify that Application Program Interface (API
                                               PGD 2.0.8.8            Medium
Microsoft has released Security Bulletin Proceduresaddressing XP (x86) vulnerability in a Win32 the patch has been installed by che
                             No Manual Fix Procedures (Verify that addressing several installed by checking that the .NET Framework.
                                               PGD Security            the patch
Executive Summary: Microsoft has released a 2.0.8.8 Bulletin Medium has beenvulnerabilities associated with following file is at
                                               PGD 2.0.8.8
                             Procedure: UsePGD 2.0.8.8
                                                 the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                             Procedure: UsePGD 2.0.8.8
                                                 the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                             Procedure: UsePGD 2.0.8.8
                                                 the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                             Procedure: UsePGD 2.0.8.8
                                                 the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                             Procedure: UsePGD 2.0.8.8
                                                 the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                             Procedure: UsePGD 2.0.8.8
                                                 the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                             Procedure: UsePGD 2.0.8.8
                                                 the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                             Procedure: UsePGD 2.0.8.8
                                                 the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                             Procedure: UsePGD 2.0.8.8
                                                 the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                             No Manual Fix Procedures (XML CoreMedium 3.0 and 6.0 in Windows XP (x86) fixed by SP3Download a
                                               PGD affects             Services
One new vulnerability has been disclosed that 2.0.8.8 Extensible Markup Language (XML) Core Services within Windows Operating
                              vulnerability has been discovered affecting Vector Markup Language (VML) a component of Microsoft In
                                               PGD 2.0.8.8            Medium
A remote code executionNo Manual Fix Procedures (IE 6 on Windows XP (x86) fixed by SP3Windows- Vista fixed by SP1Download
                             No Manual Fix Procedures multiple versions of Windows

Microsoft has reported two new vulnerabilities within (Windows Vista fixed by SP1

                                               PGD 2.0.8.8            Medium               Media Player. apply the appropriate patches from
                                                                                           Download and Windows Media Player is a multim
                             No Windows Remote2.0.8.8
                                               PGD Procedure Call XP (x86) fixed by SP3Windows Vista fixed Microsoft. Microsoft pat
                                                                        High
A new vulnerability affecting Manual Fix Procedures (Windows (RPC) Authentication has been reported byby SP1Verify that the RPC
                             new vulnerability affecting (Windows XP (x86) fixed by SP3Download within Windows XP and 2003 syste
                                               PGD 2.0.8.8            Medium
Microsoft has reported a No Manual Fix ProceduresUniforrm Resource Identifier (URI) Handling and apply the appropriate patches f
None Specified.              Deploy the CMA agent as detailed in the CTO and in accordance with the DOD IA Enterprise Solutions ST
                                               PGD 2.0.8.8            Medium
                             new vulnerability affecting (Windows Vista fixed by SP1Download and apply the appropriate patches from
                                               PGD 2.0.8.8            Medium
Microsoft has reported a No Manual Fix ProceduresWindows Media Format Runtime within Windows 2000, XP, 2003 and Vista. The
                             No Manual Fix Procedures (Windows Vista fixed by SP1
        
Download and apply IGMP (Internet patches from
Microsoft has reported two vulnerabilitiesPGD 2.0.8.8 ICMP (Internet Control Management Protocol), the appropriate Group Mana
                                                in processing           High
                             a remote code vulnerability affecting the way Internet Inforrmation Server (IIS) Microsoft as listed in MS Bu
                                               PGD 2.0.8.8             and apply
Microsoft has addressed No Manual Fix Procedures (DownloadMedium the appropriate patches from handles input to Active Serv
                             new vulnerability affecting (Windows XP (x86) fixed by SP3Download and apply the appropriate Web Dis
                                               PGD 2.0.8.8              High
Microsoft has reported a No Manual Fix ProceduresWebDAV Mini-Redirector within Windows XP, Server 2003 and Vista. patches f
                             new vulnerability affecting (Windows XP (x86) fixed by SP3 (not Visual Basic)Download within Windows 2
                                               PGD 2.0.8.8            Medium
Microsoft has reported a No Manual Fix Proceduresthe Object Linking and Embedding (OLE) Automation protocol and apply the app
                             a vulnerability Procedures (Windows XP (x86)
                                               PGD 2.0.8.8              Script (JScript) SP3Download and apply Edition (VBScript), which
Microsoft has addressed No Manual Fix affecting Microsoft JavaMedium fixed byand Visual Basic Scripting the appropriate patches a
                             a remote code execution vulnerability associated with the ActiveX control used in in Microsoft Bulletin MS
                                               PGD 2.0.8.8             and apply
Microsoft has addressed No Manual Fix Procedures (DownloadMedium the appropriate patches as listedMicrosoft Internet Explor
                             No reported by PGD 2.0.8.8 affects XP (x86) Domain Name System (DNS) clients in Windows Vista, Wi
                                               Microsoft that           High
A new vulnerability has beenManual Fix Procedures (Windows Windows fixed by SP3Download and apply the appropriate patches a
                             No Manual Fix Procedures (DownloadMedium the appropriate patches as parsing. An MJPEG file MS
                                                in Microsoft           and apply
Microsoft has reported two vulnerabilitiesPGD 2.0.8.8 DirectX affecting MJPEG File and SAMI forrmatlisted in Microsoft Bulletinis a
                             two vulnerabilities affecting the Pragmatic apply the appropriate patches as that could allow a denial of se
                                               PGD 2.0.8.8              High
Microsoft has addressed No Manual Fix Procedures (Download andGeneral Multicast (PGM) protocol listed in Microsoft Bulletin MS
                             vulnerability in Procedures (DownloadMediumthe Microsoft Speech Application Programming Bulletin tha
                                                                       and is
Microsoft has reported a No Manual Fix Microsoft Speech API. SAPIapply the appropriate patches as listed in Microsoftinterface MS
                                               PGD 2.0.8.8
                             No Manual Fix Procedures (Download and apply the Windows XP, Windows Server Microsoft Windows S
                                                that 2.0.8.8            High
Microsoft has reported two vulnerabilitiesPGD affect Microsoft Windows 2000, appropriate patches as listed in 2003, and Bulletin MS
                             vulnerability in Procedures (Download and apply the appropriate patches as listed in Microsoft Bulletin MS
                                               PGD 2.0.8.8              High
Microsoft has reported a No Manual Fix the Microsoft Image Color Management (ICM) system. Microsoft Image Color Managemen
                             No Manual Fix Procedures (Download and apply System that could allow remote in Microsoft Bulletin MS
                                               PGD 2.0.8.8              High
Microsoft has reported multiple vulnerabilities in Microsoft Windows Event the appropriate patches as listedcode execution. Microsof
                             vulnerability in Procedures (DownloadMedium the appropriate patches as listed attacker would create a
                                               PGD 2.0.8.8             and apply
Microsoft has reported a No Manual Fix Outlook Express and Windows Mail. To exploit this vulnerability, anin Microsoft Bulletin MS
                              you to manage whether users Configuration signed ActiveX controls from a Windows Components -> Inte
                                                 forr 2.0.8.8
This policy setting allows The policy valuePGD Computermay download -> Administrative Templates -> page in the zone. If you enab
                                                                      Medium
                             remote code execution vulnerability thatHigh on various Windows systems running IIS with the internet p
                                               PGD 2.0.8.8               exists
Microsoft has addressed No Manual Fix Procedures (Download and apply the appropriate patches as listed in Microsoft Bulletin MS
                                               PGD 2.0.8.8
GPO                                 Vista Security computer1;computer2 37
                                                   Guide - Appendix A, p.
                Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                 Vista Security computer1;computer2 39
                                                   Guide - Appendix A, p.
                Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                 Vista - Individual Identification and p.
                                                   Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                Microsoft WindowsIAIA-1 Security computer1;computer2 4
GPO                                 Vista - Individual Identification and pp.
                                                   Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                Microsoft WindowsIAIA-1 Security computer1;computer2 2 - 5
Configuration                      ECAR-2 - Audit Record Content; ECAR-3 Audit Record Content;
                                                   computer1;computer2
                Microsoft Threats and Countermeasures: Security Settings in-Windows Server 2003 and Wind
GPO                                 Vista - Individual Identification and pp.
                                                   Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                Microsoft WindowsIAIA-1 Security computer1;computer2 2 - 5
                                   ECSC-1 - Technical Implementation Guide
                                                   computer1;computer2
                Desktop Application Security Security Configuration Compliance;
                                   DCMC-1 - Mobile Code;
                                                   computer1;computer2
                Desktop Application Security Technical Implementation Guide
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                                   computer1;computer2
                                   ECMT-1 - Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                   ECSC-1 TECHNICAL IMPLEMENTATION GUIDE - Section 2.1
                                                   computer1
                WEB SERVER SECURITY - Security Configuration Compliance;
                                   ECSC-1 TECHNICAL IMPLEMENTATION GUIDE - Section 2.1
                                                   computer1
                WEB SERVER SECURITY - Security Configuration Compliance;
                                   ECSC-1 TECHNICAL IMPLEMENTATION GUIDE - Section 2.1
                                                   computer1
                WEB SERVER SECURITY - Security Configuration Compliance;
                                   ECSC-1 TECHNICAL IMPLEMENTATION GUIDE - Section 2.1
                                                   computer1
                WEB SERVER SECURITY - Security Configuration Compliance;
                                   ECSC-1 TECHNICAL IMPLEMENTATION GUIDE - Section 2.1
                                                   computer1
                WEB SERVER SECURITY - Security Configuration Compliance;
                                                   computer1;computer2
                                   ECMT-1 - Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                                   computer1;computer2
                                   ECVP-1 - Technical Implementation Guide
                                                    Protection;
                Desktop Application Security Viruscomputer1
                                   ECVP-1 - Technical Implementation Guide
                                                    Protection;
                Desktop Application Security Viruscomputer1
                                   ECVP-1 - Technical Implementation Guide
                                                    Protection;
                Desktop Application Security Viruscomputer1
                                   ECVP-1 - Technical Implementation Guide
                                                    Protection;
                Desktop Application Security Viruscomputer1
                                   ECVP-1 - Technical Implementation Guide
                                                    Protection;
                Desktop Application Security Viruscomputer1
                                   ECVP-1 - Technical Implementation Guide
                                                    Protection;
                Desktop Application Security Viruscomputer1
                                   ECVP-1 - Technical Implementation Guide
                                                    Protection;
                Desktop Application Security Viruscomputer1
                                   ECVP-1 - Technical Implementation Guide
                                                    Protection;
                Desktop Application Security Viruscomputer1
                                   ECVP-1 - Technical Implementation Guide
                                                    Protection;
                Desktop Application Security Viruscomputer1
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECSC-1 Tasking Order (CTO) - Compliance;
                                                   computer1;computer2
                JTF-GNO Communications - Security Configuration07-12
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                   DCMC-1 - Mobile Code;
                                                   computer1;computer2
                Desktop Application Security Technical Implementation Guide
                                   ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                   computer1;computer2
                                                   computer1;computer2
Open   V0017870   Windows 2003   2008-A-0081
Open   V0017878   Windows 2003   2008-B-0079
Open   V0017900   Windows 2003   Disallow AutoPlay/Autorun from Autorun.inf
Open   V0017909   Windows 2003   2008-A-0087
Open              Windows XP     Microsoft Security Bulletin MS06-010
Open   V0001074   Windows XP     Approved DOD Virus Scan Program
Open   V0001077   Windows XP     Incorrect ACLs forr event logs
Open   V0001080   Windows XP     File Auditing Configuration
Open   V0001081   Windows XP     NTFS Requirement
Open   V0001083   Windows XP     POSIX subsystem registry
Open   V0001093   Windows XP     Restrict Anonymous Network Shares
Open   V0001097   Windows XP     Bad Logon Attempts
Open   V0001098   Windows XP     Bad Logon Counter Reset
Open   V0001099   Windows XP     Lockout Duration
Open   V0001103   Windows XP     User Rights Assignments
Open   V0001104   Windows XP     Maximum Password Age
Open   V0001105   Windows XP     Minimum Password Age
Open   V0001107   Windows XP     Password Uniqueness
Open   V0001113   Windows XP     Disable Guest Account
Open   V0001114   Windows XP     Rename Built-in Guest Account
Open   V0001115   Windows XP     Rename Built-in Administrator Account
Open   V0001118   Windows XP     Event Log Sizes
Open   V0001122   Windows XP     Password Protected Screen Saver
Open   V0001127   Windows XP     Restricted Administrator Group Membership
Open   V0001130   Windows XP     System File ACLs
Open   V0001139   Windows XP     Dial Up Password Saved
Open   V0001153   Windows XP     LanMan Authentication Level
Open   V0001154   Windows XP     Ctrl+Alt+Del Security Attention Sequence
Open   V0001155   Windows XP     Deny Access from the Network
Open   V0001157   Windows XP     Smart Card Removal Option
Open   V0001162   Windows XP     SMB Server Packet Signing (if client agrees)
Open   V0002371   Windows XP     ACLs forr disabled services
Open   V0002374   Windows XP     Disable Media Autoplay
Open   V0003245   Windows XP     File share ACLs
Open   V0003341   Windows XP     Terminal Service - Remote Control Settings
Open   V0003343   Windows XP     Remote Assistance - Solicit Remote Assistance
Open   V0003348   Windows XP     Windows Messenger - Do Not Allow To Run
Open   V0003349   Windows XP     Windows Messenger - Do Not Start Automatically
Open   V0003374   Windows XP     Strong Session Key
Open   V0003376   Windows XP     Storage of Credentials or .NET Passports
Open   V0003378   Windows XP     Sharing and Security Model forr Local Accounts
Open   V0003379   Windows XP     LAN Manager Hash Value Stored
Open   V0003380   Windows XP     Force Logoff When Logon Hours Expire
Open   V0003382   Windows XP     Session Security forr NTLM SSP Based Clients
Open   V0003383   Windows XP     FIPS Compliant Algorithms
Open   V0003426   Windows XP     NetMeeting Disable Remote Desktop Sharing
Open   V0003427   Windows XP     IE - Zones: Use Only Machine Settings
Open   V0003428   Windows XP     IE - Zones: Do Not Allow Users to Change Policies
Open   V0003429   Windows XP     IE - Zones: Do Not Allow Users to Add/Delete Sites
Open   V0003431   Windows XP     IE - Disable Automatic Install of IE Compenents
Open   V0003432   Windows XP     IE - Disable Periodic Check forr IE Updates
Open   V0003449   Windows XP     Terminal Services - Session Limit
Open   V0003450   Windows XP     Terminal Services - Limit Number of Connections
Open   V0003452   Windows XP     The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fW
Open   V0003453   Windows XP     Terminal Services - Password Prompting
Open   V0003454   Windows XP     Terminal Services - Set Encryption Level
                             a remote code execution vulnerability and apply the appropriate out-of-band security bulletin. The vulnera
                                              PGD 2.0.8.8                 the
Microsoft has addressed No Manual Fix Procedures (DownloadinHighServer service in thispatches as listed in Microsoft Bulletin MS
                              a Manual Fix in the 2.0.8.8 Message Block (SMB) appropriate patches as listed in Microsoft Bulletin MS
                                              PGD Server               and apply
Microsoft has announcedNovulnerability Procedures (DownloadMedium theof several Windows operating systems. SMB is a mess
                             Add the registry PGD 2.0.8.8
                                              value as specified in the manual
                                                                         High
This registry key will prevent the autorun.inf from executing commands. check. (In the Registry Editor, navigate to the following re
                             multiple vulnerabilities affecting Microsoft Internet Explorer. To exploit these vulnerabilities, a remote attac
                                              PGD 2.0.8.8              and apply
Microsoft has addressed No Manual Fix Procedures (DownloadMedium the appropriate patches as listed in Microsoft Bulletin MS
                             Client Deployment Inforrmation1. Download the The version of this security update "office2000-kb889167
                                              PGD 2.0.8.8            Medium
This update resolves a newly-discovered, privately-reported vulnerability. clientvulnerability is documented in the "Vulnerability Detai
                             Configure the system 2.0.8.8
                                              PGD with supported, DOD approved defense against the introduction that the signature fi
This is a Category 1 finding because Virus scan programs are a primary line of virus scanning software. Ensure of viruses and malic
                                                                         High
                             Set unauthorized, and possibly following Event Logs as proper in the manual check.
Event logs are susceptible to the ACL permissions on the anonymous, tampering if defined ACLs are not applied.(The event log files
                                              PGD 2.0.8.8            Medium
                             Configure auditing on2.0.8.8
                                              files each partition/drive inoperable. Further, modifications to these system files can hav
                                                                     Medium
Improper modification of the core system PGD can render a system to audit all "Failures" forr the "Everyone" group. (If system-level a
                             Format all the ability 2.0.8.8access permissions and audit critical directories and files use the Properties f
                                              PGD to set                 High
This is a category 1 finding becausepartitions/drives to use the NTFS file system. (Open Windows Explorer andis only available by u
                              with Security requirements, value from the Windows be disabled.
                                              PGD Registry           Medium
For the system to complyRemove the following2.0.8.8 the POSIX subsystem mustRegistry:HKLM\SYSTEM\CurrentControlSet\Contr
                             Configure the system 2.0.8.8
                                              PGD to prevent logon users (null from listing account to list and enumerating and enum
This is a Category 1 finding because it allows anonymous anonymous userssession connections)namesall account namesshared res
                                                                         High
                             Configure the system 2.0.8.8 out an account after 3 invalid on the system. The higher this value is, the les
                                              PGD to lock
The account lockout feature, when enabled, prevents brute-forrce password attacks logon attempts. (Analyze the system using the S
                                                                     Medium
                             the amount of time that must the lockout counter reset itself after a minimum of 60 minutes. (Analyze occ
                                              PGD to have
This parameter specifies Configure the system 2.0.8.8 pass between two successive login attempts to ensure that a lockout willthe s
                                                                     Medium
                             the amount of time that must pass beforre locked-out account is automatically unlocked by (Analyze the
                                              PGD so that
This parameter specifies Configure the system 2.0.8.8 the bad logonalockout duration conforrms to DoD requirements. the system.
                                                                     Medium
                             user and the system 2.0.8.8 can provide system, administrative, and other high level capabilities not req
                                              PGD to rights
Inappropriate granting of Configureadvanced userprevent accounts from having unauthorized User Rights. (Windows 2003 Member
                                                                     Medium
                              in use, the greater the opportunity forr so that it to gain unauthorized exceed 60 days. passwords. Furth
The longer a password isConfigure the Maximum Password Age someone is not "0" and doesn't knowledge of the (Analyze the syste
                                              PGD 2.0.8.8            Medium
                             Configure the immediate succession within the is a minimum of users to cycle passwords through Securi
                                                                        so that
Permitting passwords to be changed in Minimum Password AgeMedium itsame day, allows"1". (Analyze the system using the their h
                                              PGD 2.0.8.8
                             Configure the system 2.0.8.8
                                              PGD to remember a minimum recycle the passwords. (Analyze the system using the req
A system is more vulnerable to unauthorized access when system usersof "24" usedsame password several times without beingSec
                                                                     Medium
                             Configure the system 2.0.8.8 built-in guest Guest is not disabled. This system is a known account that e
                                              PGD to the
A system faces an increased vulnerability threat ifdisable the built-inaccountAccount. (Analyze the account using the Security Configu
                                                                     Medium
                             Configure the system 2.0.8.8 built-in built-in Guest is not renamed or disabled. using the Security Configu
                                              PGD to the
A system faces an increased vulnerability threat ifrename the guest accountaccount (Analyze the system The built-in guest account
                                                                     Medium
                             account is a system 2.0.8.8
                                              PGD to rename can be initialized with a blank password during using the Security Configu
The built-in administrator Configure theknown account that the Administrator account. (Analyze the system the basic installation. This
                                                                     Medium
                             Configure the system 2.0.8.8 the required minimum Event log sizes. (Analyze the system
                                              PGD to have
Inadequate log size will cause the log to fill up quickly and require frequent clearing by administrative personnel. using the Securi
                                                                     Medium
                             Configure unattended. Unattended systems are susceptible to unauthorized use. Control Panel -> shou
The system should be locked when The policy values forr User Configuration -> Administrative Templates ->The screen saver Displa
                                              PGD 2.0.8.8            Medium
                              have administrator duties should not have Administrator having Such rights would allow an account, withou
                                              PGD to prevent non-administrators from rights. Administrator rights. (If the account to byp
An account who does notConfigure the system 2.0.8.8                  Medium
                             Configure the Security Option:

                                               directory permissions, allows the possibility of unauthorized andpermissions apply to anon
Failure to properly configure ACL file andPGD 2.0.8.8 
        Windows 2003 - ―Network access: Let everyone anonymous modification
                                                                     Medium
                             Configure the system 2.0.8.8 to the the password used to gain access to a saved. (Analyze the system u
The default Windows configuration enables theto preventsavedial-up networking password from being remote server using the dial-u
                                              PGD option             Medium
                             Configure the system default forr authentication of users who are logging on to domain accounts from com
                                              PGD to the
The Kerberos v5 authentication protocol is the 2.0.8.8required level of LanMan authentication. (Analyze the system using the Securi
                                                                         High
                             Configure the system 2.0.8.8
                                              PGD to require the Ctrl+Alt+Del key sequence Because only Windows responds to the C
Disabling the Ctrl+Alt+Del security attention sequence can compromise system security. to log on. (Analyze the system using the Se
                                                                     Medium
                             Configure the system 2.0.8.8 logins by the built-in guest accounts, which are a member of
                                              PGD to give
This is a Category 1 finding because allowing network the right "Deny access to this computer from the network" to the Accounts/Gr
                                                                         High                                                      Everyone gr
                             Configure the system 2.0.8.8 minimum, lock user is removed from the smart card (Analyze the system us
                                              PGD to, at a
Determines what should happen when the smart card forr a logged-onthe system if a smart card is removed.reader.The options are:
                                                                     Medium
                              causes the Windows to have the SMB Server sign SMB packets when possible. (Analyze the
If this policy is enabled, itConfigure the system 2.0.8.8 Message Block (SMB) server to perforrm SMB packet signing. system usin
                                              PGD Server             Medium
                             Create a Custom Security control list Medium Security Template MMC Snap-in to set the When a service
                                                                      forr the
When configuring either the startup mode or accessTemplate using a service, you must configure the other as well. permissions as r
                                              PGD 2.0.8.8
                             Configure the system 2.0.8.8
                                              PGD as specified in theHigh drive. As prevent the setup file of programs and the music
Autoplay begins reading from a drive as soon as you insert media manual check to a result, removable media from autoplaying. (Ana
                                                                           in the
                             group is permissions 2.0.8.8 Everyone group from share is created, shares and should be reconfigured
                                              PGD from the
By default, the Everyone Remove given full control to new file shares. When alocally created file permissions assign them to authoriz
                                                                     Medium
                             Configure the forr remote controlremote High Servicescomputer by setting thea Category 1 forr Computer C
                                              PGD to prevent of Terminal of the user sessions. This is policy value finding because
This setting is used to control the rules system 2.0.8.8                 control
                             Configure solicited remote assistance isHigh
                                              PGD to disable Remote allowed from this computer. Solicited assistance is help that is sp
This setting controls whether or not the system 2.0.8.8                   Assistance by setting the policy value forr Computer Configuration
                             Windows the policy value forr beingMedium  run. Instant Messaging clients must be in compliance of Compone
This setting prevents the Configure Messenger 2.0.8.8 Computer Configuration -> Administrative Templates -> Windowswith the In
                                              PGD client from
                             automatic launch of value forr Computer at user logon. Administrative Templates -> Windows Compone
This setting prevents the Configure the policy Windows MessengerConfiguration ->Instant Messaging clients must be in compliance
                                              PGD 2.0.8.8            Medium
                             Configure the system session the Medium
                                              PGD to require
This setting controls the required strength of a 2.0.8.8 key. use of a strong session key. (Analyze the system using the Security Co
                             Configure the system 2.0.8.8
                                              PGD to credentials orMedium
                                                                        .NET passports on and .NET passports on the local system. (Analy
This setting controls the storage of authentication prevent the storage of credentials the local system. Such credentials should neve
                             Configure the securityto use
                                              PGD models—Classic logon, which requires users to log on as themselves. (Analyze the
Windows includes two network-sharing system 2.0.8.8 the Classic and Guest only. With the classic model, local accounts must be pa
                                                                     Medium
                             Configure a LAN Manager hash the LAN Manager hash fromthe SAM the next time the (Analyze the chang
                                              PGD to prevent of the password is stored in being stored in the SAM. password is system
This setting controls whether or not the system 2.0.8.8                  High
                             Configure usersPGDforrced to users when their allowed logon hours expire. If logon the system using the
                                               are to log
This setting controls whether or not the system 2.0.8.8off log off when their allowed logon hours expire. (Analyze hours are set forr use
                                                                     Medium
                             Configure the system 2.0.8.8 a variety of forr NTLM SSP based clients. (Windows 2003/XP - Analyze th
                                              PGD to meet
Starting with Windows 2000 Microsoft has implementedrequirementssecurity support providers forr use with RPC sessions. In a hom
                                                                     Medium
                                              PGD to require are FIPS FIPS compliant algorithms. (Analyze the system using the Secu
This setting ensures that Configure the system 2.0.8.8that the use of compliant forr encryption, hashing, and signing. FIPS compliant
                             the system uses algorithms              Medium
                                              users to interact and control one desktop. This could allow unauthorized users Compone
Remote desktop sharing Configure the policy value forr Computer Configuration -> Administrative Templates -> Windowsto control
                             enables severalPGD 2.0.8.8              Medium
                             Configure the policy 2.0.8.8 Computer of the computer. Security Zones control browser behavior at var
This setting enforrces consistent securityPGDvalue forr to all usersConfiguration -> Administrative Templates -> Windows Compone
                                              zone settings          Medium
                             Configure the policy Internet Computer Configuration -> Administrative Templates -> be made by Admin
This setting prevents users from changing thevalue forrExplorerMedium on the machine. Policy changes shouldWindows Compone
                                              PGD 2.0.8.8              policies
                             Configure the sites value forr security zones. Users should not be able to add sites to different Compone
This setting prevents users from addingpolicy to various Computer Configuration -> Administrative Templates -> Windows zones, as
                                              PGD 2.0.8.8            Medium
                             Configure the policy 2.0.8.8 Computer install components if it goes to a site that -> Windows Compone
                                               Explorer forr
This setting controls the ability of InternetPGDvalueto automaticallyConfiguration -> Administrative Templatesrequires components th
                                                                     Medium
                             Configure the policy value forr will periodically check the Administrative Templates -> Windows Compone
This setting determines whether or not Internet2.0.8.8 Computer Configuration ->Microsoft web sites to determine if there are upda
                                              PGD Explorer           Medium
                             2003/XP - Configure the is possible, forr Computer Configuration -> Administrative Templates -> Windows
This setting limits users to one remote session. It policy value ifMedium
                                              PGD 2.0.8.8              this setting is disabled, forr users to establish multiple sessions.
                             Configure the policy 2.0.8.8
                                              PGD connections allowed to the terminal Administrative Templates -> Windows Compone
This setting limits the number of simultaneousvalue forr Computer Configuration ->server. By default, unlimited connections are allo
                                                                     Medium
                                              PGD 2.0.8.8
                             Configure the Encryption forr Computer Configuration -> Administrative Templates -> Windows Compone
This setting, which is located under the policy valueand SecurityMedium of the Terminal Services configuration option, controls the a
                                              PGD 2.0.8.8              section
                             Configure the Encryption forr Computer Configuration -> Administrative Templates -> Windows Compone
This setting, which is located under the policy valueand SecurityMedium of the Terminal Services configuration option, controls the e
                                              PGD 2.0.8.8              section
                                                     ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                                  Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                                     computer1;computer2
                                                     ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                                  Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                                     computer1;computer2
                                                                     computer1;computer2
                                  JTF-GNO OPORDECSC-1 - Security Configuration Compliance;
                                                     ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
                                  Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                                                     computer1;computer2
                                                                     prolific
                                                     ECVP-1 - Technical Implementation Guide - Section 4
                                                                      Protection;
False Finding/Documentation NeededDesktop Application Security Virusprolific
Configuration                                        ECTP-1 - Auditpopdesktop;prolific;xpvm1
                                                                      Trail Protection;
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 6.1.2
Configuration                                         Server - Audit Record Content; ECAR-2 - Audit Record
                                                                     popdesktop;prolific;xpvm1
                                  Microsoft WindowsECAR-12003 Security Guide - V2.0, Chap. 4, p. 60-61 Content; ECAR-3
Configuration                                        ECCD-1 - Changes to Security Settings in Windows Server 2003 and Wind
                                                                     popdesktop
                                  Microsoft Threats and Countermeasures: Data; ECCD-2 - Changes to Data;
GPO                                                  ECSC-1 - Security Configuration Compliance;
                                                                     popdesktop;prolific;xpvm1
                                  Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
Configuration                                         Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appenidx A, p. 48
                                  Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                                   Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appendix A,
                                  Microsoft WindowsECLO-1 - Logon; ECLO-2 - Logon; pp. 6-7
GPO                                                   Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appendix A,
                                  Microsoft WindowsECLO-1 - Logon; ECLO-2 - Logon; p. 7
GPO                                                   Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appendix A,
                                  Microsoft WindowsECLO-1 - Logon; ECLO-2 - Logon; p. 6
GPO                                                  ECLP-1 - Least Privilege;
                                                                     popdesktop;prolific;xpvm1
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 5
GPO                                                   Vista - Individual Identification and p. 3
                                                                     Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                                  Microsoft WindowsIAIA-1 Security popdesktop;prolific;xpvm1
GPO                                                   Vista - Individual Identification and p. 3-4
                                                                     Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                                  Microsoft WindowsIAIA-1 Security popdesktop;prolific;xpvm1
GPO                                                   Vista - Individual Identification and p. 3
                                                                     Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                                  Microsoft WindowsIAIA-1 Security popdesktop;prolific;xpvm1
GPO                                                   Vista Security popdesktop
                                                                     Guide - Appendix A, p. 29
                                  Microsoft WindowsIAAC-1 - Account Control;
                                                      Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appendix A, p. 30
                                  Microsoft WindowsIAAC-1 - Account Control;
                                                      Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appendix A, pp. 29-30
                                  Microsoft WindowsIAAC-1 - Account Control;
Configuration                                        ECRR-1 - Audit Record Retention;
                                                                     popdesktop;prolific;xpvm1
                                  Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
Configuration                                        PESL-1 - Screen Lock;
                                                                     popdesktop;prolific;xpvm1
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 7.8
Business Risk Justification                          ECPA-1 Privileged Account Control;
                                                                     popdesktop;prolific;xpvm1
                                  Guide to Securing Microsoft- Windows NT Networks - Chapter 6, p. 35
Configuration                                        ECCD-1 - Changes to Data; ECCD-2 - Changes to Data;
                                                                     popdesktop;prolific;xpvm1
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 4.2
                                                     ECSC-1 - Security Configuration Compliance;
                                                                     popdesktop;prolific;xpvm1
                                  Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
GPO                                                   Vista - Individual Identification and p. 51
                                                                     Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                                  Microsoft WindowsIAIA-1 Security popdesktop;prolific;xpvm1
                                                      Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appendix A, pp. 35-36
                                  Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                                   Vista Security popdesktop;prolific;xpvm1
                                                                      Privilege;
                                  Microsoft WindowsECLP-1 - LeastGuide - Appendix A, p. 22
GPO                                                   Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appendix A, p. 37
                                  Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                                   Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appendix A, p. 39
                                  Microsoft WindowsECSC-1 - Security Configuration Compliance;
                                                     ECCD-1 - Changes to Data; ECCD-2 - Changes to Data;
                                                                     popdesktop;prolific;xpvm1
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 7.9
GPO                                                   Vista Security prolific;xpvm1
                                                                      Privilege; ECSC-1 - Security Configuration Compliance;
                                  Microsoft WindowsECLP-1 - LeastGuide - Appendix A, p. 43
Configuration                                        ECAN-1 - Access for Need-to-Know;
                                                                     popdesktop
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 4.2
Configuration                                        ECSC-1 - Security Configuration Compliance;
                                                                     popdesktop;prolific;xpvm1
                                  Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
GPO                                                   Vista Security popdesktop;prolific;xpvm1 -75
                                                                     Guide - Appendix A, pp. 74
                                  Microsoft WindowsECSC-1 - Security Configuration Compliance;
                                                      Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appendix A, p. 92
                                  Microsoft WindowsECIM-1 - Instant Messaging;
                                                     ECIM-1 - Instant Messaging;
                                                                     popdesktop;prolific;xpvm1
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.2
GPO                                                   Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appendix A, p. 34
                                  Microsoft WindowsECSC-1 - Security Configuration Compliance;
Configuration                                         Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appendix A, p. 48
                                  Microsoft WindowsECSC-1 - Security Configuration Compliance;
                                                      Vista Security popdesktop;prolific;xpvm1
                                  Microsoft WindowsECLO-1 - Logon;   Guide - Appendix A, p. 50
Configuration                                         Vista - Individual Identification and p. 51
                                                                     Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                                  Microsoft WindowsIAIA-1 Security popdesktop;prolific;xpvm1
GPO                                                   Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appendix A, p. 51
                                  Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                                  ECCT-1 - Encryption for Confidentiality in Windows Server 2003 - Encrypt
                                                                     popdesktop;prolific;xpvm1
                                  Microsoft Threats and Countermeasures: Security Settings(Data in Transit); ECCT-2 and Wind
Configuration                                        ECCT-1 - Encryption for Confidentiality in Windows Server 2003 - Encrypt
                                                                     popdesktop;prolific;xpvm1
                                  Microsoft Threats and Countermeasures: Security Settings(Data in Transit); ECCT-2 and Wind
Configuration                                         Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appendix A, p. 89
                                  Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                                  ECSC-1 - Security Configuration Compliance;
                                                                     popdesktop;prolific;xpvm1
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.4
GPO                                                  ECSC-1 - Security Configuration Compliance;
                                                                     popdesktop;prolific;xpvm1
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.4
GPO                                                  ECSC-1 - Security Configuration Compliance;
                                                                     popdesktop;prolific;xpvm1
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.4
GPO                                                  DCSL-1 - System Library V6.1, Section 8.2.4
                                                                     popdesktop;prolific;xpvm1
                                  Windows 2003/XP/2000/VISTA Addendum - Management Controls;
GPO                                                  DCSL-1 - System Library V6.1, Section 8.2.4
                                                                     popdesktop;prolific;xpvm1
                                  Windows 2003/XP/2000/VISTA Addendum - Management Controls;
                                                     ECLO-1 - Logon; ECLO-2 - Logon;
                                                                     popdesktop;prolific;xpvm1
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.1
                                                     ECSC-1 - Security Configuration Compliance;
                                                                     popdesktop;prolific;xpvm1
                                  Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.1
                                                                     popdesktop;prolific;xpvm1
                                                      Vista - Individual Identification and pp. 91
                                                                     Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                                  Microsoft WindowsIAIA-1 Security popdesktop;prolific;xpvm1 -92
                                                      Vista Security popdesktop;prolific;xpvm1
                                                                     Guide - Appendix A, p. (Data in Transit); ECCT-2 - Encrypt
                                  Microsoft WindowsECCT-1 - Encryption for Confidentiality92
Open   V0003455   Windows XP   Terminal Services - Do Not Use Temp Folders
Open   V0003456   Windows XP   Terminal Services - Delete Temp Folders
Open   V0003457   Windows XP   Terminal Services - Time Limit forr Disc. Session
Open   V0003458   Windows XP   Terminal Services - Time Limit forr Idle Session
Open   V0003459   Windows XP   Terminal Services - Original Client Reconnection
Open   V0003460   Windows XP   Terminal Services - Enforrce Session Time Limit
Open   V0003470   Windows XP   Remote Assistance - Offer Remote Assistance
Open   V0003471   Windows XP   Error Reporting - Report Errors
Open   V0003478   Windows XP   Printers - Disallow Installation of Drivers
Open   V0003479   Windows XP   Safe DLL Search Mode
Open   V0003480   Windows XP   Media Player - Disabe Automatic Updates
Open   V0003481   Windows XP   Media Player - Prevent Codec Download
Open   V0003487   Windows XP   Unnecessary Services
Open   V0003666   Windows XP   Session Security forr NTLM SSP based Servers
Open   V0004447   Windows XP   Terminal Services - Secure RPC Connection.
Open   V0004448   Windows XP   Group Policy - Registry Policy Processing
Open   V0006228   Windows XP   DTBI001 - The IE home page is not set correctly
Open   V0006231   Windows XP   DTBI004-IE Internet zone parameter is set incorrec
Open   V0006233   Windows XP   DTBI006-IE Local zone includes parameter not set
Open   V0006234   Windows XP   DTBI007-IE third party cookies not set correctly
Open   V0006237   Windows XP   DTBI013-IE save encrypted pages to disk is not set
Open   V0006238   Windows XP   DTBI014-IE SSL/TLS parameter is not set correctly
Open   V0006239   Windows XP   DTBI015-IE warning of invalid certificates not set
Open   V0006240   Windows XP   DTBI016-IE changing zones is not set correctly
Open   V0006241   Windows XP   DTBI017-IE forrm redirect is not set correctly
Open   V0006242   Windows XP   DTBI021-Users can change advanced settings in IE
Open   V0006243   Windows XP   DTBI022-Download signed Active X controls-Internet
Open   V0006244   Windows XP   DTBI023-Download unsigned ActiveX controls-Interne
Open   V0006245   Windows XP   DTBI024-Initialize and script ActiveX controls
Open   V0006246   Windows XP   DTBI026-Script ActiveX marked safe forr scripting
Open   V0006248   Windows XP   DTBI030-Font download control - Internet Zone
Open   V0006249   Windows XP   DTBI031-Java Permissions not set forr Internet Zone
Open   V0006250   Windows XP   DTBI032-Access data sources across domains-Interne
Open   V0006251   Windows XP   DTBI034-Display mixed content - Internet Zone
Open   V0006253   Windows XP   DTBI036-Drag and drop or copy and paste-Internet
Open   V0006254   Windows XP   DTBI037-Installation of desktop items - Internet
Open   V0006255   Windows XP   DTBI038-Launching programs and files in IFRAME-Int
Open   V0006256   Windows XP   DTBI039-Navigate sub-frames across domains-Interne
Open   V0006257   Windows XP   DTBI040-Software channel permissions - Internet
Open   V0006258   Windows XP   DTBI041-Submit non-encryped forrm data - Internet
Open   V0006259   Windows XP   DTBI042-Userdata persistence - Internet Zone
Open   V0006260   Windows XP   DTBI044-Allow paste operations via script-Internet
Open   V0006261   Windows XP   DTBI045-Scripting of Java applets - Internet Zone
Open   V0006262   Windows XP   DTBI046-User Authentication-Logon - Internet Zone
Open   V0006266   Windows XP   DTBI056-Script ActiveX controls marked safe-Local
Open   V0006267   Windows XP   DTBI061-Java Permissions not set - Local Zone
Open   V0006271   Windows XP   DTBI065-Dont prompt client certificate - Local zon
Open   V0006274   Windows XP   DTBI070-Software channel permissions - Local Zone
Open   V0006275   Windows XP   DTBI074-Allow paste operations via script - Local
Open   V0006276   Windows XP   DTBI076-User Authentication - Logon - Local Zone
Open   V0006277   Windows XP   DTBI082-Download signed ActiveX - Trusted Sites
Open   V0006278   Windows XP   DTBI083-Download unsigned ActiveX - Trusted Sites
Open   V0006279   Windows XP   DTBI084-Initialize and script Activex - Trusted Si
Open   V0006280   Windows XP   DTBI086-Activex controls marked safe - Trusted Sit
Open   V0006281   Windows XP   DTBI091-Java Permissions not set - Trusted Sites
Open   V0006282   Windows XP   DTBI092-Access data sources across domains-Trusted
                           Configure the Temporary forr Computer of the Terminal Administrative Templates -> Windows the use o
This setting, which is located under the policy valueFolders sectionConfiguration -> Services configuration option, controls Compone
                                            PGD 2.0.8.8             Medium
                           Configure the Temporary forr Computer of the Terminal Administrative Templates -> Windows the deleti
This setting, which is located under the policy valueFolders sectionConfiguration -> Services configuration option, controls Compone
                                            PGD 2.0.8.8             Medium
                           Configure the Sessions section of the Medium Services Administrative Templates -> how long Compone
This setting, which is located under the policy value forr Computer Configuration ->configuration option, controls Windows a session
                                            PGD 2.0.8.8             Terminal
                           Configure the Sessions section of the Medium Services Administrative Templates -> how long Compone
This setting, which is located under the policy value forr Computer Configuration ->configuration option, controls Windows a session
                                            PGD 2.0.8.8             Terminal
                           Configure the Sessions section of the Medium Services Administrative Templates -> whether a different
This setting, which is located under the policy value forr Computer Configuration ->configuration option, controls Windows Compone
                                            PGD 2.0.8.8             Terminal
                           Configure the Sessions section of the Medium Services Administrative Templates -> whether or not clien
This setting, which is located under the policy value forr Computer Configuration ->configuration option, controls Windows Compone
                                            PGD 2.0.8.8             Terminal
                           Configure the system to prevent unsolicited remote assistance offers users allowed to offer remote Comp
This setting controls whether unsolicited offers 2.0.8.8 to this computer are allowed. The list ofby setting the policy value forr assista
                                            PGD of help             Medium
                           Configure the system 2.0.8.8
                                            PGD to prevent error forrwarding by setting the policy value forr Computer Configuration
This setting controls the reporting of errors to Microsoft and, if defined, a corporate error reporting site. This does not interfere with-
                                                                    Medium
                           Configure the system to prevent it from allowing the installation of kernel-mode drivers by setting the policy
                                            PGD kernel              Medium
Kernel-mode drivers are drivers that operate in2.0.8.8 mode. Kernel mode allows virtually unlimited access to hardware and memo
                           Configure the system 2.0.8.8 a function in a Mode. (Analyze the system is to the Security Configuration
                                            PGD to calls
The default search behavior, when an application use Safe Dll Search Dynamic Link Library (DLL), usingsearch the current directorya
                                                                    Medium
                            updates perforrm by the Windows Media Player must -> Administrative Templates -> platforrm and to pr
The automatic check forrConfigure the policy value forr Computer Configurationbe disabled to ensure a constantWindows Compone
                                            PGD 2.0.8.8             Medium
                           Configure the policy value forr referred to as CODECs, to play back media files. Windows Components ->
The Windows Media Player uses software components,User Configuration -> Administrative Templates -> By default, when an unkn
                                            PGD 2.0.8.8             Medium
                           Configure attack surface of
                                            PGD to disable any services that are not required. (Windows 2003
      

                                                                                                                   Select ―Start‖

Unnecessary Services increase thethe system 2.0.8.8a system. MediumServices may be run under the local System Account, which
                                                                      Some                                                        Right-clic
                           Configure the system 2.0.8.8 a minimum requirement forr session forr use with RPC SSP based a hom
                                            PGD to meet
Starting with Windows 2000 Microsoft has implementedthevariety of security support providerssecurity forr NTLM sessions. InServe
                                                                    Medium
                           Configure the exposes the server to man in the middle attacks and data disclosure attacks. A man in the
Allowing unsecure RPC communicationpolicy value forr Computer Configuration -> Administrative Templates -> Windows Compone
                                            PGD 2.0.8.8             Medium
                           then selecting the Process even if the Medium objects thathave not changed option ensures that the polic
                                            PGD to reprocess Group Policy
Enabling this setting and Configure the system 2.0.8.8              Group Policy objects have changed by setting the policy value forr
                            appropriately, aPGD 2.0.8.8
                                             malicious about:blank, a trusted site, or a local file. browser which may Windows Regis
                                                                    Medium
By setting this parameterChange StartPage value toweb site will be automatically loaded into a(Procedure: Use thecontain mobile c
                           Change the value of so the HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
                                            level 2.0.8.8           Medium
The Internet zone must be set to custom PGDregistryother required settings forr the zone can take effect.
                           Change the value of registry key HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                            PGD 2.0.8.8             Medium
This parameter controls which sites are by default in the local zone. Since this is the least restrictive zone these settings ensure tha
                           Under Tools/Internet Options, select the Privacy Tab and click the a site other than Change third party co
                                            PGD 2.0.8.8             Medium
This parameter ensures that third party cookies are blocked. Third party cookies come fromAdvanced button. the site being browsed
                           Change the SSL or registry key HKCU\Software\Microsoft\Windows\CurrentVersion\Internet web site doe
                                            PGD 2.0.8.8             Medium
This parameter ensures pages using value ofTLS are not cached to the local drive. This ensures sensitive data from a Settings to D
                           Change TLS arekey 2.0.8.8used fromMedium
                                              able to be             the browser.
This parameter ensures SSL and registryPGDHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings so that value Se
                           Change certifcate being presented byMedium site is invalid. Since server certificates are used the value
                                            PGD 2.0.8.8              the web
This parameter warns users if thethe registry key HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings to to validate
                           Change the registry key HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings user isvalue
                                            PGD between
This parameter warns the user when changing 2.0.8.8 zones. Medium    This conveys important inforrmation to the user so the to the remin
                           Change the registry key forrm is being redirected to another web site. Since the forrm may contain value
                                            from 2.0.8.8            Medium
This parameter warns the user that input PGD theHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings to the sensiti
                           Change be registry through the GUI, Medium
                                            PGD 2.0.8.8             it is important to ensure that Explorer\Control Panel to the value S
Since most of the IE settings can thechangedkey HKCU\Software\Policies\Microsoft\Internetuser's cannot change these settings.Ad
                           Change the registry key code and must only be allowed to be downloaded from trusted sites.
                                            PGD 2.0.8.8             Medium
Active X controls can contain potentially maliciousHKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the registry key code and must only be allowed to be downloaded from trusted sites and they mu
                                            PGD 2.0.8.8             Medium
Active X controls can contain potentially maliciousHKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           not marked registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             scripting should not be executed. Although this is not a complete security measure forr a
ActiveX controls that are Change the safePGD 2.0.8.8                Medium
                           not marked registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             forr 2.0.8.8           Medium
ActiveX controls that are Change the safePGD scripting should not be executed. Although this is not a complete security measure fo
                           Change contain malicious code.
                                            PGD 2.0.8.8             Medium
Download of fonts can sometimesthe registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                            PGD 2.0.8.8             Medium
Java must have level of protections based upon the site being browsed.
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                            PGD 2.0.8.8             Medium
Access to data sources across multiple domains must be controlled based upon the site being browsed.
                           Change level ofPGD 2.0.8.8
                                             protection based upon the site being browsed.
                                                                    Medium
Display mixed content must have the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           If value forr this zone is present and Medium
                                            PGD 2.0.8.8             not based change the registry key HKLM\Software\Policies\Microso
Drag and Drop or copy andapaste files must have level of protectionset to 3 upon the site being accessed.
                            have level registry key based upon the site being accessed.
                                            PGD 2.0.8.8             Medium
Installation of items must Change theof protection HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                            PGD 2.0.8.8             Medium
Launching of programs in IFRAME must have level of protection based upon the site being accessed.
                           Change the domains2.0.8.8security concern because the user may think they are accessing Settings\Zon
                                            PGD are a               Medium
Frames that navigate across differentregistry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet pages on one
                           Procedure: havethe Windows
                                              level of protection based upon the site to the following
                                                                     Editor to
Software Channel permissions must Use PGD 2.0.8.8 RegistryMedium navigatebeing accessed. key: HKLM\Software\Policies\Mic
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                            PGD 2.0.8.8             Medium
The user needs to be prompted beforre sending inforrmation from a browser that is not encrypted.
                           Change the of protection based uponMedium being accessed.
                                            PGD 2.0.8.8              the site
Userdata persistence must have levelregistry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                            PGD 2.0.8.8             Medium
Allow paste operations via script must have level of protection based upon the site being accessed.
                           Change the registry key upon the site Medium
                                            PGD 2.0.8.8             being accessed.
Java Applets must have level of protection based HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             and 2.0.8.8            Medium
Care must be taken with user credentialsPGD how automatic logons are perforrmed and how default Windows credentials are passe
                           not marked registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1Crite
                                             forr 2.0.8.8           Medium
ActiveX controls that are Change the safePGD scripting should not be executed. Although this is not a complete security measure fo
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             upon the site
Java must have level of protection basedPGD 2.0.8.8 being browsed.  Medium
                           not be presented to key sites without the user's acknowledgement.
                                            PGD 2.0.8.8             Medium
Client certificates should Change the registry web HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1Crite
                           Change the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1Crite
                                             level of protection based upon the site being accessed.
Software channel permissions must havePGD 2.0.8.8                   Medium
                           Change the must have HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1Crite
                                            PGD 2.0.8.8             Medium
The Allow paste operations via script registry keylevel of protection based upon the site being accessed.
                           Change the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet credentials are passe
                                             and 2.0.8.8            Medium
Care must be taken with user credentialsPGD how automatic logons are perforrmed and how default WindowsSettings\Zones\1Crite
                           Change the registry key code and must only be allowed to be downloaded from trusted sites and they mus
                                            PGD 2.0.8.8             Medium
ActiveX controls can contain potentially malicious HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2Crite
                           Change the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2Crit
                                            PGD 2.0.8.8             Medium
ActiveX controls can contain potentially malicious code and must only be allowed to be downloaded from trusted sites and they mus
                           not marked registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2Crite
                                             forr 2.0.8.8           Medium
ActiveX controls that are Change the safePGD scripting should not be executed. Although this is not a complete security measure fo
                           not marked registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2Crite
                                             forr 2.0.8.8           Medium
ActiveX controls that are Change the safePGD scripting should not be executed. Although this is not a complete security measure fo
                           Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                             upon the site
Java must have level of protection basedPGD 2.0.8.8 being browsed.  Medium
                           Change the must have HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2Crite
                                            PGD 2.0.8.8             Medium
Access data sources across domainsregistry key level of protection based upon the site being accessed.
                                   ECRC-1 - Resource Control;
                                                   popdesktop;prolific;xpvm1
                Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.1
                                   ECRC-1 - Resource Control;
                                                   popdesktop;prolific;xpvm1
                Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.1
                                   ECSC-1 - Security Configuration Compliance;
                                                   popdesktop;prolific;xpvm1
                Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
                                   ECSC-1 - Security Configuration Compliance;
                                                   popdesktop;prolific;xpvm1
                Windows 2003/XP/2000 Addendum - V6.1, Section 8.2.1
                                   ECSC-1 - Security Configuration Compliance;
                                                   popdesktop;prolific;xpvm1
                Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
                                   ECSC-1 - Security Configuration Compliance;
                                                   popdesktop;prolific;xpvm1
                Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 8.2.1
GPO                                 Vista Security popdesktop;prolific;xpvm1 - 75
                                                   Guide - Appendix A, pp. 74
                Microsoft WindowsECSC-1 - Security Configuration Compliance;
Configuration                      ECSC-1 - Security Configuration Compliance;
                                                   popdesktop;prolific;xpvm1
                Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
Configuration                      DCSL-1 - System Library V6.1, Section 7.14
                                                   popdesktop;prolific;xpvm1
                Windows 2003/XP/2000/VISTA Addendum - Management Controls;
Configuration                       Vista Security popdesktop;prolific;xpvm1
                                                   Guide - Appendix A, p. 44
                Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                DCSL-1 - System Library V6.1, Section 8.2.3
                                                   popdesktop;prolific;xpvm1
                Windows 2003/XP/2000/VISTA Addendum - Management Controls;
Configuration                      DCSL-1 - System Library V6.1, Section 8.2.3
                                                   popdesktop;prolific;xpvm1
                Windows 2003/XP/2000/VISTA Addendum - Management Controls;
Configuration                      ECSC-1 - Security Configuration Compliance;
                                                   popdesktop;prolific;xpvm1
                Windows 2003/XP/2000/VISTA Addendum - V6.1, Section 7.9
GPO                                 Vista Security popdesktop;prolific;xpvm1
                                                   Guide - Appendix A, p. (Data in Transit); ECCT-2 - Encrypt
                Microsoft WindowsECCT-1 - Encryption for Confidentiality52
Configuration                      ECSC-1 - Security Configuration Compliance;
                                                   popdesktop;prolific;xpvm1
                Microsoft Threats and Countermeasures: Security Settings in Windows Server 2003 and Wind
Configuration                       Vista Security popdesktop;prolific;xpvm1
                                                   Guide - Appendix A, p. 74
                Microsoft WindowsECSC-1 - Security Configuration Compliance;
                                   DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
                                                   popdesktop
                Desktop Application Security Technical Implementation Guide
Configuration                      ECSC-1 - Technical Implementation Guide
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
                                   ECSC-1 - Technical Implementation Guide
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
                                   ECSC-1 - Technical Implementation Guide
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
                                   ECSC-1 - Technical Implementation Guide
                                                   prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
                                   ECSC-1 - Technical Implementation Guide
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
                                   DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
                                   ECSC-1 - Technical Implementation Guide
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
                                   DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
                                   DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
                                   DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
                                   DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                ECSC-1 - Technical Implementation Guide
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                ECSC-1 - Technical Implementation Guide
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                ECSC-1 - Technical Implementation Guide
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
GPO                                ECSC-1 - Technical Implementation Guide
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
GPO                                ECSC-1 - Technical Implementation Guide
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                ECSC-1 - Technical Implementation Guide
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                ECSC-1 - Technical Implementation Guide
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                ECSC-1 - Technical Implementation Guide
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
GPO                                ECSC-1 - Technical Implementation Guide
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Security Configuration Compliance;
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
Configuration                      DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
GPO                                DCMC-1 - Mobile Code;
                                                   popdesktop;prolific;xpvm1
                Desktop Application Security Technical Implementation Guide
Open   V0006283   Windows XP   DTBI095-Dont prompt client certificates - Trusted
Open   V0006284   Windows XP   DTBI097-Installation of desktop items - Trusted Si
Open   V0006285   Windows XP   DTBI098-Launching programs and files in IFRAME-Tru
Open   V0006286   Windows XP   DTBI100-Software channel permissions - Trusted Sit
Open   V0006287   Windows XP   DTBI104-Allow paste operations via script-Trusted
Open   V0006288   Windows XP   DTBI106-User Authentication - Logon - Trusted Site
Open   V0006289   Windows XP   DTBI112-Download signed ActiveX - Restricted Sites
Open   V0006290   Windows XP   DTBI113-Download unsigned ActiveX - Restricted Sit
Open   V0006291   Windows XP   DTBI114-Initialize and script ActiveX - Restricted
Open   V0006292   Windows XP   DTBI115-Run ActiveX controls and plugins-Restricte
Open   V0006293   Windows XP   DTBI116-Script ActiveX controls marked safe-Restri
Open   V0006294   Windows XP   DTBI119-File download control - Restricted Sites
Open   V0006295   Windows XP   DTBI120-Font download control - Restricted Sites
Open   V0006297   Windows XP   DTBI122-Access data sources - Restricted Sites
Open   V0006298   Windows XP   DTBI123-Allow META REFRESH - Restricted Sites
Open   V0006299   Windows XP   DTBI124-Display mixed content - Restricted Sites
Open   V0006301   Windows XP   DTBI126-Drag and drop or copy and paste - Restrict
Open   V0006302   Windows XP   DTBI127-Installation of desktop items - Restricted
Open   V0006303   Windows XP   DTBI128-Launching programs and files in IFRAME-Res
Open   V0006304   Windows XP   DTBI129-Navigate sub-frames across domain - Restri
Open   V0006305   Windows XP   DTBI130-Software channel permissions - Restricted
Open   V0006306   Windows XP   DTBI131-Submit non-encrypted forrm data-Restricted
Open   V0006307   Windows XP   DTBI132-Userdata persistence - Restricted Sites
Open   V0006308   Windows XP   DTBI133-Active scripting - Restricted Sites
Open   V0006309   Windows XP   DTBI134-Allow paste operations via scripts-Restric
Open   V0006311   Windows XP   DTBI136-User Authentication - Logon - Restricted
Open   V0006312   Windows XP   DTBI150-Microsoft Java VM is installed
Open   V0006316   Windows XP   DTBI160-Hash setting forr SHA is not set properly
Open   V0006318   Windows XP   DTBG010-DoD Root Certificate is not installed
Open   V0006328   Windows XP   DTOO003
Open   V0006470   Windows XP   DTAM005-McAfee VirusScan remove messages
Open   V0006472   Windows XP   DTAM007-McAfee VirusScan delete infected file
Open   V0006475   Windows XP   DTAM010-McAfee VirusScan limit log size parameter
Open   V0006476   Windows XP   DTAM011-McAfee VirusScan log session parameter
Open   V0006592   Windows XP   DTAM029-McAfee VirusScan allowed actions email
Open   V0006593   Windows XP   DTAM030-McAfee VirusScan action prompt email
Open   V0006597   Windows XP   DTAM036-McAfee VirusScan limit log size email
Open   V0006598   Windows XP   DTAM037-McAfee VirusScan log content email
Open   V0006612   Windows XP   DTAM053-McAfee VirusScan decode MIME encoded
Open   V0006617   Windows XP   DTAM057-McAfee VirusScan secondary action
Open   V0006620   Windows XP   DTAM060-McAfee VirusScan log file limit parameter
Open   V0006621   Windows XP   DTAM061-McAfee VirusScan log session settings
Open   V0006627   Windows XP   DTAM070-McAfee VirusScan schedule
Open   V0006832   Windows XP   SMB Client Packet Signing (Always)
Open   V0006833   Windows XP   SMB Server Packet Signing (Always)
Open   V0006836   Windows XP   Minimum Password Length
Open   V0006840   Windows XP   Password Expiration
Open   V0006850   Windows XP   Auditing Configuration
Open   V0007002   Windows XP   Password Requirement
Open   V0007006   Windows XP   DTBI011-IE search parameter is not set correctly.
Open   V0007007   Windows XP   DTBI121-Java Permissions not set forr Restricted
Open   V0014247   Windows XP   Terminal Services - Prevent Password Saving
Open   V0014253   Windows XP   RPC - Unathenticated RPC Clients
Open   V0014254   Windows XP   RPC - Endpoint Mapper Authentication
Open   V0014255   Windows XP   Publish to Web
Open   V0014256   Windows XP   Internet Download / Online Ordering
                             not be presented to key sites without the user's acknowledgement.
                                              PGD 2.0.8.8            Medium
Client certificates should Change the registry web HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 to th
                             have level registry key based upon the site being accessed.
                                              PGD 2.0.8.8            Medium
Installation of items must Change theof protection HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2Crite
                             Change the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2Crite
                                              PGD 2.0.8.8            Medium
Launching of programs in IFRAME must have level of protection based upon the site being accessed.
                             Change the registry level of protection based upon the site being accessed.
                                              PGD 2.0.8.8            Medium
The Software channel permissions must havekey HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2Crite
                             Change the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2Crite
                                              PGD 2.0.8.8            Medium
Allow paste operations via script must have level of protection based upon the site being accessed.
                             Change the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet credentials are passe
                                               and 2.0.8.8           Medium
Care must be taken with user credentialsPGD how automatic logons are perforrmed and how default WindowsSettings\Zones\2Crite
                             Change the registry key code and must only be allowed to be downloaded from trusted sites.
                                              PGD 2.0.8.8            Medium
ActiveX controls can contain potentially malicious HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                             Change the registry key code and must only be allowed to be downloaded from trusted sites and they mu
                                              PGD 2.0.8.8            Medium
ActiveX controls can contain potentially malicious HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                             not marked registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                               forr 2.0.8.8          Medium
ActiveX controls that are Change the safePGD scripting should not be executed. Although this is not a complete security measure fo
                             not marked registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                               forr 2.0.8.8          Medium
ActiveX controls that are Change the safePGD scripting should not be executed. Although this is not a complete security measure fo
                             not marked registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                               forr 2.0.8.8          Medium
ActiveX controls that are Change the safePGD scripting should not be executed. Although this is not a complete security measure fo
                             Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                              PGD 2.0.8.8            Medium
Files should not be able to be downloaded from sites that are considered restricted.
                             Change contain malicious code. Files should not be downloaded from restricted sites.
                                              PGD 2.0.8.8            Medium
Download of fonts can sometimesthe registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                             Change the registry 2.0.8.8
                                              PGD This zone must be set properly to ensure Outlook is secured.
                                                                     Medium
The restricted zones is used forr MS Outlook.key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                              must have registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                              PGD 2.0.8.8            Medium
Allow META REFRESH Change the level of protection based upon the site being browsed.
                             Procedure: Usefrom a restricted site. Medium
                                               the 2.0.8.8
Mixed content poses a risk when coming PGDWindows Registry Editor to navigate to the following key: HKLM\Software\Policies\Mic
                             Change level ofPGD 2.0.8.8
                                               protection based upon the site being accessed.
                                                                     Medium
Drag and Drop of files must have the registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4Crite
                             have level registry key based upon the site being accessed.
                                              PGD 2.0.8.8            Medium
Installation of items must Change theof protection HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                             Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                              PGD 2.0.8.8            Medium
Launching of programs in IFRAME must have level of protection based upon the site being accessed.
                             Change the domains2.0.8.8security concern because the user may think they are accessing Settings\Zon
                                              PGD are a              Medium
Frames that navigate across differentregistry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet pages on one
                             Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                               level of protection based upon the site being accessed.
Software channel permissions must havePGD 2.0.8.8                    Medium
                             Change must have key of protection based upon the site being accessed.
                                              PGD 2.0.8.8            Medium
Submit non-encrypted forrm data the registrylevelHKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4Crite
                             Change the registry in the Restricted sites zone.
                                              PGD 2.0.8.8            Medium
No perseistant data should exist and be used key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                             Change the registry based upon the site being accessed.
                                              PGD 2.0.8.8            Medium
Active Scripting must have level of protection key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                             Change the must have HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                              PGD 2.0.8.8            Medium
The Allow paste operations via script registry keylevel of protection based upon the site being browsed.
                             Change the registry key HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zon
                                               and 2.0.8.8           Medium
Care must be taken with user credentialsPGD how automatic logons are perforrmed and how default Windows credentials are passe
                             Delete support and should the %System
This software is no longer being the file msjava.dll in be removed. root%\System32 by going to the Start menu, Search | For Files o
                                              PGD 2.0.8.8            Medium
                             Navigate to SHA is enabled.
                                              PGD 2.0.8.8            Medium
This ensures that the Hash value forrthe registry key HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ha
                             will ensure that PGDcertificate. (Netscape Procedure: On the Edit issue select the Preferences… item. O
                                              root 2.0.8.8
The DOD root certificate Install the DOD the trust chain is established forr server certificatedmenu, from the DOD CA.
                                                                     Medium
                             For Office application data to the keyMedium
                                              PGD 2.0.8.8             HKCU\Software\Policies\Microsoft\Office\10.0\Common. Change th
This could potentially send senstiveXP, navigate to registryvendor and needs to be disabled.
                             Change the registry key alerts from the display.
                                              PGD 2.0.8.8            Medium
This parameter controls if users can remove virusHKLM\Software\Network Associates\TVD\Shared Components\On Access Scann
                             Change the registry key HKLM\Software\Network Associates\TVD\Shared Components\On Access Scann
                                              PGD 2.0.8.8
This parameter controls if infected files are deleted.               Medium
                             Change the       PGD 2.0.8.8            Medium
This parameter controls the log size. registry key HKLM\Software\Network Associates\TVD\Shared Components\On Access Scann
                             Change settings are 2.0.8.8
                                              PGD being logged. Medium
This parameter controls if sessionthe registry key HKLM\Software\Network Associates\TVD\Shared Components\On Access Scann
                             Change the should key HKLM\Software\McAfee\VSCore\Email scanner\Outlook\Ondelivery\ActionOptions
                                              PGD 2.0.8.8            Medium
This parameter controls what actions registry happen when a virus is detected.
                             Change the registry key HKLM\Software\McAfee\VSCore\Email scanner\Outlook\OnDelivery\ActionOption
                                              PGD 2.0.8.8            Medium
This parameter ensures appropriate actions are prompted forr when a virus is found.
                             Change the registry key HKLM\Software\McAfee\VSCore\Email
                                              PGD file to            Medium
This parameter deteremines the size of the log2.0.8.8ensure data is available forr review. Scanner\Outlook\OnDelivery\ReportOption
                             Change the registry key HKLM\Software\McAfee\VSCore\Email Scanner\OnDelivery\ReportOptions so tha
                                              PGD in the             Medium
This setting controls the entries that are stored2.0.8.8virus scanning log.
                             Change the files are scanned forr viruses.
                                              PGD 2.0.8.8            Medium
This file ensures that MIME encoded registry key HKLM\Software\Network Associates\TVD\VirusScan Enterprise\CurrentVersion\Ta
                             Change the registry that is perforrmedMedium virus is found.
                                              PGD 2.0.8.8              when a
This parameter controls the secondary action key HKLM\Software\Network Associates\TVD\VirusScan Enterprise\CurrentVersion\Ta
                             Change the registry key the log to ensure enough data is available forr review.
                                              size 2.0.8.8           Medium
This parameter determines the minimum PGDforr HKLM\Software\Network Associates\TVD\VirusScan Enterprise\CurrentVersion\Ta
                             Change the registry are logged.
                                              PGD 2.0.8.8            Medium
This parameter ensures that session settings key HKLM\Software\Network Associates\TVD\VirusScan Enterprise\CurrentVersion\Ta
                             Change the scan is scheduled to be executed.
                                              PGD 2.0.8.8            Medium
This parameter ensures that the virusregistry key HKLM\Software\Network Associates\TVD\VirusScan Enterprise\CurrentVersion\Ta
                              causes the Windows to always sign SMB client traffic. (Analyze the system using signing when communi
If this policy is enabled, itConfigure the system 2.0.8.8 Message Block (SMB) client to perforrm SMB packetthe Security Configuratio
                                              PGD Server             Medium
                              causes the Windows so that MessageServer (SMB) server to always perforrm packets. (Analyze the
If this policy is enabled, itConfigure the system 2.0.8.8 the SMB Mediumpolicy is set to always sign SMB SMB packet signing. syste
                                              PGD Server               Block
                             protected all inforrmation systems to require passwords of the minimun length specified inthe opportunity f
                                              PGD password schemes including passwords of minimum length provide the check. (Ana
Inforrmation systems not Configure with strong 2.0.8.8               Medium
                             Configure reused increase the exposure of a password with greater probability of being 

                                                                                                                    Select ―Dump Users
Passwords that do not expire or areall inforrmation systems to expire passwords. (Using the DUMPSEC utility:
 discovered or crac
                                              PGD 2.0.8.8            Medium
                             of system the system 2.0.8.8
Maintaining an audit trail Configure activity logsto audit categories as outlined in check procedure. (Windows 2000/2003/XP - Analyz
                                                                     Medium
                                              PGD can help identify configuration errors, troubleshoot service disruptions, analyze com
                             Configure all DOD inforrmation systemsHigh
                                              anyone to gain                                                
The
                                                                        to require passwords to gain access.
 password required flag
The lack of password protection enables PGD 2.0.8.8 access to the inforrmation system, which opens a backdoor opportunity for
                             Use the Windows Registry perforrmedMedium address bar. When a web site is not found and searching
                                              PGD 2.0.8.8             from the
This parameter ensures automatic searches are not Editor to navigate to the following key: HKCU\Software\Microsoft\Internet Explo
                             Use the Windows Registry Editor to browsed.
                                               upon the site         Medium
Java must have level of protection basedPGD 2.0.8.8 being navigate to the following key: HKLM\Software\Policies\Microsoft\Wind
                             Vista - Configure the policy value Users from saving passwords Administrative Templates -> Windows Co
This check verifies that the system is configured to preventforr Computer Configuration -> in the Remote Desktop Client.
                                              PGD 2.0.8.8            Medium
                             Configure the policy value forr Computer Configuration clients from connecting to the System -> Remote
This check verifies that the system is configured to restrict unauthenticated RPC -> Administrative Templates ->RPC server.
                                              PGD 2.0.8.8            Medium
                                                                      computers to provide authentication beforre an System -> Remote
                             Configure the policy value forr Computer Configuration -> Administrative Templates ->RPC communication
                                              PGD 2.0.8.8
This check verifies that the system is configured to forrce client Medium
                             Configure the policy value forr Computer Configuration -> Administrative Templates -> and Folder Tasks
This check verifies that the system is configured to make the options to publish to the web unavailable from File System -> Internetin
                                              PGD 2.0.8.8            Medium
                             Configure the policy value forr Computer Configuration -> Administrative Templates the Web publishing an
This check verifies that the system is configured to prevent Windows from downloading a list of providers forr -> System -> Internet
                                              PGD 2.0.8.8            Medium
GPO                                              ECSC-1 - Technical Implementation Guide
                                                                 prolific;xpvm1
                              Desktop Application Security Security Configuration Compliance;
GPO                                              DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
GPO                                              DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
GPO                                              DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
GPO                                              ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Security Configuration Compliance;
GPO                                              ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Security Configuration Compliance;
                                                 DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
                                                 DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
                                                 DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
                                                 DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
                                                 DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
                                                 DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
Configuration                                    DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
                                                 DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
                                                 DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
GPO                                              DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
GPO                                              ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Security Configuration Compliance;
                                                 DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
                                                 DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
                                                 ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Security Configuration Compliance;
                                                 DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
GPO                                              ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Security Configuration Compliance;
                                                 ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Security Configuration Compliance;
                                                 DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
                                                 ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Security Configuration Compliance;
GPO                                              ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Security Configuration Compliance;
                                                 ECSC-1 - Technical Implementation Guide
                                                                 popdesktop
                              Desktop Application Security Security Configuration Compliance;
                                                 ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Security Configuration Compliance;
Configuration                                    ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Security Configuration Compliance;
Configuration                                    ECSC-1 - Technical Implementation Guide - E.1.6
                                                                 popdesktop;popdesktop;popdesktop;popdesktop;popdeskto
                              Desktop Application Security Security Configuration Compliance;
Business Risk Justification                      ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;xpvm1
                              Desktop Application Security Security Configuration Compliance;
Business Risk Justification                      ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;xpvm1
                              Desktop Application Security Security Configuration Compliance;
Configuration                                    ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;xpvm1
                              Desktop Application Security Security Configuration Compliance;
Business Risk Justification                      ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;xpvm1
                              Desktop Application Security Security Configuration Compliance;
Business Risk Justification                      ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;xpvm1
                              Desktop Application Security Security Configuration Compliance;
Business Risk Justification                      ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;xpvm1
                              Desktop Application Security Security Configuration Compliance;
                                                 ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;xpvm1
                              Desktop Application Security Security Configuration Compliance;
                                                 ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;xpvm1
                              Desktop Application Security Security Configuration Compliance;
                                                 ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;xpvm1
                              Desktop Application Security Security Configuration Compliance;
                                                 ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;xpvm1
                              Desktop Application Security Security Configuration Compliance;
                                                 ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;xpvm1
                              Desktop Application Security Security Configuration Compliance;
                                                 ECSC-1 - Technical Implementation Guide
                                                                 popdesktop;xpvm1
                              Desktop Application Security Security Configuration Compliance;
                                                 ECSC-1 - Technical Implementation Guide
                                                                 xpvm1
                              Desktop Application Security Security Configuration Compliance;
GPO                                               Vista Security popdesktop;prolific;xpvm1
                                                                 Guide - Appendix A, p. 37
                              Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                               Vista Security popdesktop;prolific;xpvm1
                                                                 Guide - Appendix A, p. 39
                              Microsoft WindowsECSC-1 - Security Configuration Compliance;
GPO                                               Vista - Individual Identification and p. 4
                                                                 Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                              Microsoft WindowsIAIA-1 Security popdesktop;prolific;xpvm1
GPO                                               Vista - Individual Identification and pp. 2
                                                                 Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                              Microsoft WindowsIAIA-1 Security popdesktop;prolific;xpvm1 - 5
Configuration                                    ECAR-2 - Audit Record Content; ECAR-3 Audit Record Content;
                                                                 popdesktop;prolific;xpvm1
                              Microsoft Threats and Countermeasures: Security Settings in-Windows Server 2003 and Wind
GPO                                               Vista - Individual Identification and pp. 2
                                                                 Guide - Appendix A, Authentication; IAIA-2 - Individual Iden
                              Microsoft WindowsIAIA-1 Security popdesktop;prolific;xpvm1 - 5
                                                 ECSC-1 - Technical Implementation Guide
                                                                 prolific;xpvm1
                              Desktop Application Security Security Configuration Compliance;
                                                 DCMC-1 - Mobile Code;
                                                                 popdesktop;prolific;xpvm1
                              Desktop Application Security Technical Implementation Guide
                                                  Vista Security popdesktop;prolific;xpvm1
                                                                 Guide - Appendix A, p. 90
                              Microsoft WindowsECSC-1 - Security Configuration Compliance;
                                                  XP Security Guide - pp. 109 - 110
                                                                 popdesktop;prolific;xpvm1
                              Microsoft WindowsECSC-1 - Security Configuration Compliance;
                                                  XP Security Guide - pp. 109 - 110
                                                                 popdesktop;prolific;xpvm1
                              Microsoft WindowsECSC-1 - Security Configuration Compliance;
                                                  XP Security Guide - pp. 110 - 112
                                                                 popdesktop;prolific;xpvm1
                              Microsoft WindowsECSC-1 - Security Configuration Compliance;
                                                  XP Security Guide - pp. 110 - 112
                                                                 popdesktop;prolific;xpvm1
                              Microsoft WindowsECSC-1 - Security Configuration Compliance;
op;popdesktop;popdesktop;popdesktop;popdesktop;popdesktop;popdesktop
Open   V0014257   Windows XP   Windows Messenger Experience Improvement
Open   V0014258   Windows XP   Search Companion Content File Updates
Open   V0014259   Windows XP   Printing Over HTTP
Open   V0014260   Windows XP   HTTP Printer Drivers
Open   V0014261   Windows XP   Windows Update Device Drive Searching
Open   V0014267   Windows XP   Power Managment - Require Password on Resume
Open   V0014268   Windows XP   Attachment Managaer - Preserve Zone Info
Open   V0014269   Windows XP   Attachment Mgr - Hide Mech to Remove Zone Info
Open   V0014270   Windows XP   Attachment Mgr - Scan with Antivirus
Open   V0014620   Windows XP   DTAM092-McAfee VirusScan onaccess scan blocking
Open   V0014621   Windows XP   DTAM093-McAfee VirusScan onaccess scan blocking
Open   V0014628   Windows XP   DTAM106-McAfee VirusScan scan inside archive
Open   V0014629   Windows XP   DTAM107-McAfee VirusScan scan MIME files parameter
Open   V0014652   Windows XP   DTAM039-McAfee VirusScan unwanted programs action
Open   V0014661   Windows XP   DTAM134-McAfee VirusScan log size limitation
Open   V0014662   Windows XP   DTAM135-McAfee VirusScan detection of Spyware
Open   V0014663   Windows XP   DTAM136-McAfee VirusScan detection of Adware
Open   V0015505   Windows XP   HBSS CMA Agent
Open   V0015666   Windows XP   Windows Peer to Peer Networking
Open   V0015667   Windows XP   Prohibit Network Bridge
Open   V0015669   Windows XP   Prohibit Internet Connection Sharing
Open   V0015674   Windows XP   Internet File Association Service
Open   V0015677   Windows XP   Windows Movie Maker Codec Downloads
Open   V0015678   Windows XP   Windows Movie Maker Web Links
Open   V0015679   Windows XP   Windows Movie Maker Online Hosting
Open   V0015681   Windows XP   Prevent Internet Inforrmation Service (IIS) Install
Open   V0015683   Windows XP   Windows Explorer – Shell Protocol Protected Mode
Open   V0015684   Windows XP   Windows Installer – IE Security Prompt
Open   V0015685   Windows XP   Windows Installer – User Control
Open   V0015764   Windows XP   2008-A-0012
Open   V0016014   Windows XP   2008-A-0029
Open   V0016015   Windows XP   2008-A-0028
Open   V0016036   Windows XP   2008-A-0040
Open   V0016147   Windows XP   2008-A-0044
Open   V0016737   Windows XP   2008-A-0060
Open   V0016738   Windows XP   2008-A-0061
Open   V0016744   Windows XP   2008-T-0039
Open   V0016879   Windows XP   DTBI025 - The Download signed ActiveX controls pro
Open   V0017390   Windows XP   XP Firewall Domain – File and Printer Sharing
Open   V0017391   Windows XP   XP Firewall Domain – ICMP Exceptions
Open   V0017392   Windows XP   XP Firewall Domain – Local Port Exceptions
Open   V0017393   Windows XP   XP Firewall Domain – Local Program Excepti
Open   V0017397   Windows XP   XP Firewall Domain – Plug and Play
Open   V0017399   Windows XP   XP Firewall Domain – Unicast Response
Open   V0017400   Windows XP   XP Firewall Standard – File and Printer Sharing
Open   V0017401   Windows XP   XP Firewall Standard – ICMP Requests
Open   V0017402   Windows XP   XP Firewall Standard – Local Port Exceptions
Open   V0017403   Windows XP   XP Firewall Standard – Local Program Exceptions
Open   V0017404   Windows XP   XP Firewall Standard – Remote Administration
Open   V0017405   Windows XP   XP Firewall Standard – Remote Desktop
Open   V0017406   Windows XP   XP Firewall Standard – Plug and Play
Open   V0017407   Windows XP   XP Firewall Standard – No Exceptions
Open   V0017409   Windows XP   XP Firewall Standard – Unicast Response
Open   V0017410   Windows XP   XP Firewall Domain – Enable Firewall
Open   V0017411   Windows XP   XP Firewall Standard – Enable Firewall
Open   V0017793   Windows XP   2008-B-0075
                           Configure the policy value forr Computer Configuration from collecting anonymous -> System -> Internet
This check verifies that the system is configured to prevent Windows Messenger-> Administrative Templates inforrmation about how
                                             PGD 2.0.8.8            Medium
                           Configure tThe policy 2.0.8.8forr Computer Configuration -> automatically Templates -> System -> Interne
                                             PGD value
This check verifies that the system is configured to prevent Search Companion from Administrativedownload content updates during
                                                                    Medium
                           Configure the policy value forr Computer Configuration -> Administrative Templates -> System -> Internet
                                                                    client computer‘s ability to print over HTTP, which allows the comput
This check verifies that the system is configured to prevent the Medium
                                             PGD 2.0.8.8
                           Configure the policy value forr Computer Configuration -> Administrative Templates -> System -> Internet
                                             PGD 2.0.8.8            computer
This check verifies that the system is configured to prevent the Medium from downloading print driver packages over HTTP.
                           Configure the policy value forr Computer Configuration -> Administrative Templates -> System -> Internet
                                             PGD 2.0.8.8            Medium
This check verifies that the system is configured to prevent Windows from searching Windows Update forr device drivers when no l
                           Configure the policy value forr User on resume from Administrative Templates -> System ->Power Manage
This check verifies that the user is prompted forr a password Configuration -> hibernate/suspend.
                                             PGD 2.0.8.8            Medium
                           Configure the are marked with their zone of origin allowing Windows to determine risk.
This check verifies that file attachmentspolicy value forr User Configuration -> Administrative Templates -> Windows Components ->
                                             PGD 2.0.8.8            Medium
                           Configure the policy value forr User Configuration -> saved file attachments.
This check verifies that users cannot manually 2.0.8.8 zone inforrmation from Administrative Templates -> Windows Components ->
                                             PGD remove             Medium
                           Configure policyPGD notified Configuration -> a file attachment.
                                               value forr User
This check verifies that antivirus programs are 2.0.8.8 when a user opens Administrative Templates -> Windows Components -> At
                                                                    Medium
                           Procedure: UsePGD 2.0.8.8
                                               the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                           Procedure: UsePGD 2.0.8.8
                                               the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                           Procedure: UsePGD 2.0.8.8
                                               the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                           Procedure: UsePGD 2.0.8.8
                                               the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                           Procedure: UsePGD 2.0.8.8
                                               the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                           Procedure: UsePGD 2.0.8.8
                                               the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                           Procedure: UsePGD 2.0.8.8
                                               the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
                           Procedure: UsePGD 2.0.8.8
                                               the                  Medium
This setting is required forr the virus software.Windows Registry Editor to navigate to the following key:HKLM\Software\Network Ass
None Specified.            Deploy the CMA agent as detailed in the CTO and in accordance with the DOD IA Enterprise Solutions ST
                                             PGD 2.0.8.8            Medium
                           Configure the policy value forr Computer Configuration -> Administrative Templates -> Network -> Microso
                                             PGD 2.0.8.8            Medium
This check verifies Microsoft Peer-to-Peer Networking Service is turned off.
                           Configure the policy value forr
This check verifies the Network Bridge can not2.0.8.8 Computer Configuration -> Administrative Templates -> Network -> Network
                                                                     configured.
                                             PGD be installed and Medium
                           Configure the Sharing can not be installed and configured.
This check verifies Internet Connection policy value forr Computer Configuration -> Administrative Templates -> Network -> Network
                                             PGD 2.0.8.8            Medium
                                                                    the Microsoft Web Administrative Templates ->
                           Configure the policy value forr Computer Configuration ->service to find an application. System -> Internet
                                             PGD 2.0.8.8
This check verifies that unhandled file associations will not use Medium
                           Configure the policy automatically downloaded forr Windows Movie Maker.
This check verifies that the codecs will not be value forr Computer Configuration -> Administrative Templates -> System -> Internet
                                             PGD 2.0.8.8            Medium
                           Configure the sites value forr Computer Configuration -> Administrative Templates -> System -> Internet
This check verifies that the links to webpolicy in Windows MovieMediumwill not be available.
                                             PGD 2.0.8.8             Maker
                           Configure not be sent to a video hosting Configuration -> Administrative Templates -> System -> Internet
This check verifies that movies can the policy value forr Computer provider on the web.
                                             PGD 2.0.8.8            Medium
This check verifies IIS is Configure the policy value forr Computer Configuration -> Administrative Templates -> Windows Compone
                                             PGD installed          Medium
                           prevented from being2.0.8.8 on the system.
                           Configure the policy 2.0.8.8
                                              is run in protected mode. (This allows -> Administrative Templates -> folders.)
This check verifies that the shell protocol PGDvalue forr Computer Configuration applications to only open limitedWindows Compone
                                                                    Medium
                           Configure the policy web-based program Configuration -> Administrative Templates -> Windows Compone
This check verifies that users are notifiedPGDvalue forr Computer attempts to install software.
                                               if a 2.0.8.8         Medium
                           Configure the policy value forr Computer Configuration
This check verifies that users are prevented from changing installation options. -> Administrative Templates -> Windows Compone
                                             PGD 2.0.8.8            Medium
                           remote code execution vulnerability affecting Microsoft Outlook. To exploit this vulnerability, an attacker wo
                                             PGD 2.0.8.8            Medium
Microsoft has reported a No Manual Fix Procedures (Windows - Download and apply the appropriate patches from Microsoft as liste
                            a vulnerability Procedures (DownloadMedium the appropriate patches as listed attacker would create a
                                             PGD 2.0.8.8             and apply
Microsoft has addressed No Manual Fix affecting Microsoft Office Publisher. To exploit this vulnerability, an in Microsoft Bulletin MS
                            two vulnerabilities affecting Microsoft Medium the appropriate patches as an attacker would have to cre
                                             PGD 2.0.8.8             and apply
Microsoft has addressed No Manual Fix Procedures (DownloadWord. To exploit these vulnerabilities, listed in Microsoft Bulletin MS
                           No Manual Fix Procedures (DownloadMedium the appropriate patches as parsing. An MJPEG file MS
                                              in Microsoft           and apply
Microsoft has reported two vulnerabilitiesPGD 2.0.8.8 DirectX affecting MJPEG File and SAMI forrmatlisted in Microsoft Bulletinis a
                           No Manual Fix Procedures (Download and apply the Windows XP, Windows Server Microsoft Windows S
                                              that 2.0.8.8            High
Microsoft has reported two vulnerabilitiesPGD affect Microsoft Windows 2000, appropriate patches as listed in 2003, and Bulletin MS
                           vulnerability in Procedures (Download and apply the appropriate patches as listed in Microsoft Bulletin MS
                                             PGD 2.0.8.8              High
Microsoft has reported a No Manual Fix the Microsoft Image Color Management (ICM) system. Microsoft Image Color Managemen
                           No vulnerabilities in Microsoft Office PowerPoint and Microsoft Office PowerPoint in Microsoft Bulletin MS
                                             PGD 2.0.8.8             and apply
Microsoft has reported three Manual Fix Procedures (DownloadMedium the appropriate patches as listed Viewer. To exploit these
                           No Manual Fix Procedures (Download and apply System that could allow remote in Microsoft Bulletin MS
                                             PGD 2.0.8.8              High
Microsoft has reported multiple vulnerabilities in Microsoft Windows Event the appropriate patches as listedcode execution. Microsof
                            you to manage whether users Configuration signed ActiveX controls from a Windows Components -> Inte
                                                forr 2.0.8.8
This policy setting allows The policy valuePGD Computermay download -> Administrative Templates -> page in the zone. If you enab
                                                                    Medium
                            will not be available value forr Computer Configuration -> Administrative
Shared files and printers Configure the policy to other computers when connected to the domain. Templates -> Network -> Network
                                             PGD 2.0.8.8            Medium
                             requests the policy value forr connected to the domain.
Only Inbound ICMP echoConfigure will be allowed whenComputer Configuration -> Administrative Templates -> Network -> Network
                                             PGD 2.0.8.8            Medium
                           Configure the policy 2.0.8.8
Local port exceptions can not be defined PGDvalue forr Computer Configuration -> Administrative Templates -> Network -> Network
                                                                    Medium
                                              when connected to the domain.
                           Configure the policy when connected to Configuration
Local program exceptions can not be defined value forr Computerthe domain. -> Administrative Templates -> Network -> Network
                                             PGD 2.0.8.8            Medium
                           Configure the policy 2.0.8.8
Unsolicited Plug and Play messages will PGDvalue forr Computer Configuration -> Administrative Templates -> Network -> Network
                                                                    Medium
                                             be blocked when connected to the domain.
                           Configure outgoing value forr Computer Configuration -> Administrative Templates -> Network -> Network
The receipt of unicast responses to the policy multicast or broadcast messages will be blocked when connected to the domain.
                                             PGD 2.0.8.8            Medium
                            will not be available value forr Computer Configuration -> Administrative Templates -> Network -> Network
Shared files and printers Configure the policy to other computers when not connected to the domain.
                                             PGD 2.0.8.8            Medium
                           Configure the policy value to the domain.
ICMP requests will be blocked when not connected forr Computer Configuration -> Administrative Templates -> Network -> Network
                                             PGD 2.0.8.8            Medium
                           Configure the policy 2.0.8.8 Computer Configuration -> Administrative Templates -> Network -> Network
                                              when not forr
Local port exceptions can not be defined PGDvalueconnected to the domain.
                                                                    Medium
                           Configure the policy when not Computer to the domain.
Local program exceptions can not be defined value forr connected Configuration -> Administrative Templates -> Network -> Network
                                             PGD 2.0.8.8            Medium
                           Configure the related 2.0.8.8
Blocks incoming unsolicited messages policy value forr Computer Configuration -> Administrative Templates -> Network -> Network
                                                                    Medium
                                             PGD to remote administration when not connected to the domain.
                           Configure the not connected Computer Configuration -> Administrative Templates -> Network -> Network
Blocks Remote Desktop requests whenpolicy value forrto the domain.
                                             PGD 2.0.8.8            Medium
                           Configure the policy value forr Computer Configuration
Blocks unsolicited Plug and Play messages when not connected to the domain. -> Administrative Templates -> Network -> Network
                                             PGD 2.0.8.8            Medium
                           Configure the policy 2.0.8.8 not connected to the domain.
All unsolicited incoming messages will bePGDvalue forr Computer Configuration -> Administrative Templates -> Network -> Network
                                               blocked when         Medium
                           Configure outgoing value forr Computer Configuration -> Administrative Templates -> Network domain.
The receipt of unicast responses to the policy multicast or broadcast messages will be blocked when not connected to the -> Network
                                             PGD 2.0.8.8            Medium
                           Configure the policy value forr Computer Configuration -> Administrative Templates -> Network system is
This setting enables the Windows Firewall when connected to the domain.The domain profile settings are used when the -> Network
                                             PGD 2.0.8.8            Medium
                           Configure the policy value connected Medium
                                                                    to Configuration -> Administrative settings are Network -> Network
This setting enables the Windows Firewall when notforr Computer the domain.The standard profileTemplates ->used when the syste
                                             PGD 2.0.8.8
                            remote code execution vulnerability thatHigh on various Windows systems running IIS with the internet p
                                             PGD 2.0.8.8               exists
Microsoft has addressed No Manual Fix Procedures (Download and apply the appropriate patches as listed in Microsoft Bulletin MS
                   XP Security Guide - pp. 110 - 112
                                  popdesktop;prolific;xpvm1
Microsoft WindowsECSC-1 - Security Configuration Compliance;
                   XP Security Guide - pp. 110 - 112
                                  popdesktop;prolific;xpvm1
Microsoft WindowsECSC-1 - Security Configuration Compliance;
                   XP Security Guide - pp. 110 - 112
                                  popdesktop;prolific;xpvm1
Microsoft WindowsECSC-1 - Security Configuration Compliance;
                   XP Security Guide - pp. 110 - 112
                                  popdesktop;prolific;xpvm1
Microsoft WindowsECSC-1 - Security Configuration Compliance;
                   XP Security Guide - pp. 110 - 112
                                  popdesktop;prolific;xpvm1
Microsoft WindowsDCSL-1 - System Library Management Controls;
                   XP Security Guide - p. 131
                                  popdesktop;prolific;xpvm1
Microsoft WindowsECSC-1 - Security Configuration Compliance;
                   XP Security Guide - pp. 128 - 129
                                  popdesktop;prolific;xpvm1
Microsoft WindowsECSC-1 - Security Configuration Compliance;
                   XP Security Guide - pp. 128 - 129
                                  popdesktop;prolific;xpvm1
Microsoft WindowsECSC-1 - Security Configuration Compliance;
                   XP Security Guide - pp. 128 - 129
                                   Protection;
Microsoft WindowsECVP-1 - Viruspopdesktop;prolific;xpvm1
                  ECVP-1 - Technical Implementation
                                   Protection;
Desktop Application Security Viruspopdesktop;xpvm1 Guide
                  ECVP-1 - Technical Implementation
                                   Protection;
Desktop Application Security Viruspopdesktop;xpvm1 Guide
                  ECVP-1 - Technical Implementation
                                   Protection;
Desktop Application Security Viruspopdesktop;xpvm1 Guide
                  ECVP-1 - Technical Implementation
                                   Protection;
Desktop Application Security Viruspopdesktop;xpvm1 Guide
                  ECVP-1 - Technical Implementation
                                   Protection;
Desktop Application Security Viruspopdesktop;xpvm1 Guide
                  ECVP-1 - Technical Implementation
                                   Protection;
Desktop Application Security Viruspopdesktop;xpvm1 Guide
                  ECVP-1 - Technical Implementation
                                   Protection;
Desktop Application Security Viruspopdesktop;xpvm1 Guide
                  ECVP-1 - Technical Implementation
                                   Protection;
Desktop Application Security Viruspopdesktop;xpvm1 Guide
                  ECSC-1 Tasking Order (CTO) - Compliance;
                                  popdesktop;prolific;xpvm1
JTF-GNO Communications - Security Configuration07-12
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                  popdesktop
                  ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                  popdesktop
                  ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                  popdesktop
                  ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                  prolific
                  ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                  prolific
                  ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                  prolific
                  ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                  popdesktop
                  ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                  prolific
                  DCMC-1 - Mobile Code;
                                  popdesktop;prolific;xpvm1
Desktop Application Security Technical Implementation Guide
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECSC-1 - Security Configuration Compliance;
                                  popdesktop;prolific;xpvm1
Federal Desktop Core Configuration (FDCC)
                  ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                  popdesktop;prolific;xpvm1
Open   V0017900   Windows XP   Disallow AutoPlay/Autorun from Autorun.inf
Open   V0017909   Windows XP   2008-A-0087
Open   1052       Windows XP   Account Lockout Reset Time
Open   1053       Windows XP   Account Lockout Threshold
Open   10545      Windows XP   2009-A-0097 Microsoft Office ActiveX ATL Vulnerabilities (973965) - Out
Open   10546      Windows XP   2009-A-0097 Microsoft Office ActiveX ATL Vulnerabilities (973965) - Vis
Open   10562      Windows XP   2009-A-0099 Microsoft Windows GDI+ Multiple Vulnerabilities (957488)
Open   12         Windows XP   Minimum Password Length
Open   173        Windows XP   Clear Page File
Open   185        Windows XP   MSCHAPv2 VPN
Open   190        Windows XP   Microsoft Windows Secure Print Driver Installation
Open   202        Windows XP   Dialup Save Password
Open   2052       Windows XP   Windows AutoReboot Enabled
Open   208        Windows XP   MS RAS Encrypt
Open   209        Windows XP   MS RAS Logging
Open   2110       Windows XP   Windows Event Auditing Disabled
Open   219        Windows XP   PPP Client Security
Open   2729       Windows XP   Microsoft Windows Malicious Software Removal Tool
Open   2913       Windows XP   Null Session Registry Settings
Open   3009       Windows XP   Microsoft Update Not Installed
Open   418        Windows XP   Auto Sharing Drive Problem - Server
Open   419        Windows XP   Auto Sharing Drive Problem - Wks
Open   5354       Windows XP   Service Control - Error Reporting Service
Open   5367       Windows XP   Service Control - Indexing Service
Open   5387       Windows XP   Service Control - NetMeeting Remote Desktop Sharing
Open   5400       Windows XP   Service Control - Remote Access Connection Manager
Open   5437       Windows XP   Service Control - Universal Plug and Play Device Host
Open   5443       Windows XP   Service Control - WebClient
Open   5454       Windows XP   Service Control - Wireless Zero Configuration
Open   5802       Windows XP   2007-A-0030 Microsoft Office Remote Code Execution (934873) - Office
Open   5853       Windows XP   DCOM Enabled
Open   5867       Windows XP   Microsoft Publisher Remote Code Execution (936548)
Open   5915       Windows XP   2007-A-0042 Microsoft XML Core Services Remote Code Execution (936
Open   6368       Windows XP   2008-A-0012 Microsoft Outlook Malforrmed mailto URI Handling (949031
Open   6390       Windows XP   Virtual Environment Detected
Open   6410       Windows XP   Account Lockout Threshold - FDCC
Open   6411       Windows XP   Minimum Password Length - FDCC
Open   6412       Windows XP   Microsoft Windows Policy Change Success Auditing - FDCC
Open   6413       Windows XP   Microsoft Windows System Event Success Auditing - FDCC
Open   6415       Windows XP   Microsoft Windows sc.exe ACL
Open   6421       Windows XP   Windows Legal Notice Text Not Enabled
Open   6441       Windows XP   Microsoft Windows User Rights Assignment - Deny Logon Terminal Serv
Open   6504       Windows XP   Adobe Flash Player Multiple Vulnerabilities - April 2008 - IE
Open   6607       Windows XP   Microsoft Windows Null Sessions can Enumerate Local SAM Accounts a
Open   6621       Windows XP   2008-A-0028 Microsoft Word CSS and RTF Memory Corruption (951207
Open   6622       Windows XP   2008-A-0028 Microsoft Word CSS and RTF Memory Corruption (951207
Open   6628       Windows XP   2008-A-0029 Microsoft Publisher Object Handler Remote Code Executio
Open   6646       Windows XP   Microsoft Windows User Rights Assignment - Bypass Traverse Setting -
Open   6790       Windows XP   Verify Microsoft Windows Automatic MTU Size Detection - FDCC
Open   6798       Windows XP   Verify Microsoft Windows Anonymous SID/Name Translation
Open   6799       Windows XP   Verify Microsoft Windows Password Complexity
Open   6823       Windows XP   Verify Microsoft Windows Hidden Computer Name - FDCC
Open   6824       Windows XP   Verify Microsoft Windows Event Retention Method - FDCC - Application
Open   6825       Windows XP   Verify Microsoft Windows Event Retention Method - FDCC - Security
Open   6826       Windows XP   Verify Microsoft Windows Event Retention Method - FDCC - System
Open   6827       Windows XP   Verify Microsoft Windows Default IPSec Exemptions - FDCC
                           Add the registry PGD 2.0.8.8
                                             value as specified in the manual
                                                                       High
This registry key will prevent the autorun.inf from executing commands. check. (In the Registry Editor, navigate to the following re
                           multiple vulnerabilities affecting Microsoft Internet Explorer. To exploit these vulnerabilities, a remote attac
                                             PGD 2.0.8.8              and apply
Microsoft has addressed No Manual Fix Procedures (DownloadMedium the appropriate patches as listed in Microsoft Bulletin MS
                           It is recommendedRetina
                                                 that minutes that must elapse after a to 60 minutes. To set the account lockout counte
                                                                     Medium
Account lockout reset determines the number of account lockout reset time be setfailed logon attempt beforre the bad logon attemp
                           It is recommendedRetina
                                                 that account failed Medium
                                                                     logon attempts that will cause a or 5 attempts forr locked Desktop
The account lockout threshold determines the number of lockout threshold be set to 3 attempts,user account to beFederal out. Note
                           Install the appropriate patch from Microsoft or
                                                Retina                 included with Windows Update.<BR><BR>Note: Microsoft is adv
Multiple vulnerabilities exist in the Active Template Library (ATL) High throughvarious Microsoft Office ActiveX controls. Compone
                           Install the appropriate patch from Microsoft or
                                                Retina                 included with Windows Update.<BR><BR>Note: Microsoft is adv
Multiple vulnerabilities exist in the Active Template Library (ATL) High throughvarious Microsoft Office ActiveX controls. Compone
                            contains appropriate patch from Microsoft or through Windows Update.
                                                Retina                 High
Microsoft Windows GDI+Install themultiple vulnerabilities when processing malforrmed image files (WMF, PNG, TIFF, BMP), proce
                           It is recommendedRetina
                                                 that account passwords are a minimum of 14 characters, a 12 characters forr Linux/Un
                                                                     Medium
The minimum password length does not contain the recommended amount of characters required forror password. Note: Federal
                            virtual memory. It can contain sensitive inforrmation such shutdown set and passwords.
                                                Retina               Medium
The page file is used forrTo have the page file automatically cleared on a reboot or as usernamesthe following Registry key settings
                           To enforrce MSCHAP V2 set the following key:<BR><b>Hive: </b>HKEY_LOCAL_MACHINE<BR><b>Pa
                                                Retina               Medium
It is recommended to enforrce MSCHAP V2; this forrces the server to drop any VPN (Virtual Private Network) connections that do n
                           To restrict the users from installing printer drivers. By Administrators level user can bypass the security
                                                Retina               Medium
The system is not configured to preventinstallation of printer drivers to only allowdefault, any low and Print Operators set the followino
                           To disable the caching of the dial-up password passwords between <BR><b>Hive: </b>HKEY_LOCAL_M
                                                Retina               Medium
Windows Remote Access Services (RAS) are configured to save dial-upset the following key: sessions. It is recommended not to ca
                           this system has system from perforrming an automatic reboot upon lock-up or failure, right click on the 'M
Retina has detected that To configure thisthe AutoReboot option enabled.
                                                Retina            Informational
                           To forrce encrypted transfers set the following
                                                Retina                data transfers. It is recommended to encrypt all transfers between c
The current MS RAS (Remote Access Server) is not encryptingMedium Registry key settings:<br><b>Hive: </b>HKEY_LOCAL_MA
                           To enable logging,Retina following Registry key settings:<BR><b>Hive: </b>HKEY_LOCAL_MACHINE<B
                                                 set the             Medium
The current MS RAS (Remote Access Server) is not logging connections. It is recommended to log all RAS connection inforrmation
                           the recommendedRetina that event auditing auditing
                                                                      be enabled in the Even specific Security Policy. that auditing polic
Retina has detected that It is scanned host has Windows event Medium disabled. system's Local event categories The are set to gen
                           To require authentication set the without any sort of authentication. It is recommended that you require use
                                                Retina               Medium
By default, users are permitted to make RAS connections following key:<br><b>Hive: </b>HKEY_LOCAL_MACHINE<br><b>Path:
                              is recommendedRetina the removal tool, and/or not installed latest is not up-to-date with the latest d
                                                 to install       Informational
Retina has found that theItMicrosoft Malicious Software Removal Tool is eitherupdate to the and/ordefinitions.
                           Important: Make sure to test
                                                Retina                 High
Anonymous access to the Registry is not restricted. the following configuration changes carefully beforre deployment to productio
                           Install Microsoft Update via the referenced site.
Microsoft Update is not found on this system.   Retina            Informational
                           To remove this functionality, set coded Administrative ACL's. Even if these shares are removed, they are
                                                Retina               Medium
By Default, all drives on a machine are shared using hardthe following Registry key settings:<BR><b>Hive: </b>HKEY_LOCAL_MA
                           To remove this functionality, set coded Administrative ACL's. Even if these shares are removed, they are
                                                Retina               Medium
By Default, all drives on a machine are shared using hardthe following Registry key settings:<BR><b>Hive: </b>HKEY_LOCAL_MA
                           To configure the Error Reporting Service to be service is properly Click Start, point to Settings,
                                                the Error         Informational
This check verifies that the startup type forr Retina Reporting Service Disabled: <BR>1 - configured to be Disabled. click Contro
                           To configure the Indexing
                                                the Indexing Service service is properly Click Start, point to Settings,
                                                                  Informational
This check verifies that the startup type forr Retina Service to be Disabled: <BR>1 - configured to be Disabled. click Control Pane
                           To configure the NetMeeting Remote Desktop Sharing to be Disabled: <BR>1 - configured to be Disabled.
                                                the NetMeeting Remote Desktop Sharing service is properly Click Start, point to Setting
This check verifies that the startup type forr Retina             Informational
                           To configure the Remote
                                                the Remote Access Connection Manager service is properly Click Start, point to Setting
                                                                  Informational
This check verifies that the startup type forr Retina Access Connection Manager to be Disabled: <BR>1 - configured to be Disabled.
                           To configure the Universal
                                                the Universal Plug andDevice
                                                                   Play Play Device Host service is properly Click Start, point to Setting
This check verifies that the startup type forr Retina Plug andInformational Host to be Disabled: <BR>1 - configured to be Disabled.
                           To configure the WebClient
                                                the WebClient service is properly Click Start, point to Settings,
                                                                  Informational
This check verifies that the startup type forr Retina to be Disabled: <BR>1 - configured to be Disabled. click Control Panel, and
                           To configure the Wireless
                                                the Wireless Configuration service is properly Click Start, point to Settings,
                                                                  Informational
This check verifies that the startup type forr Retina Configuration to be Disabled: <BR>1 - configured to be Disabled. click Contro
                            vulnerability has been identified in the through automatic updates.
                                                Retina                 High
A remote code executionDownload the update from Microsoft orway Microsoft Office handles drawing objects. An Office file with a
                           <B>To disable DCOM:</B> 1. detected on the target system. Although a patched Enter is not Window
                                                Retina            Informational
DCOM (Distributed Component Object Model) has been Click Start 2. Click Run 3. Type in dcomcnfg 4. Hitsystem 5. (Fornecessar
                            vulnerability existsRetina Microsoft Publisher. The vulnerability
                                                  within               High
A remote code executionInstall the update from Microsoft or through Automatic Updates. comprises a method of bypassing sanitiza
                            vulnerability existsRetina Microsoft or through automatic update.<BR><BR>Note: This bulletin has been r
                                                   from                High
A remote code executionDownload the patchin Microsoft XML Core Services that could allow an attacker who successfully exploited
                           Apply appropriate patch from Microsoft or through Windows Update.
                                                Retina                 High
Microsoft Outlook contains a vulnerability when processing malforrmed mailto URI's that could allow remote execution of arbitrary c
                           This audit checks the target system.
                                                 the target       Informational
A virtual environment has been detected onRetina MAC address to determine if the machine is running in a virtual environment s
                           It is recommendedRetina
                                                 that account failed Medium
                                                                     logon attempts that will cause a or 5 attempts forr locked Desktop
The account lockout threshold determines the number of lockout threshold be set to 3 attempts,user account to beFederal out. Fede
                           It is recommendedRetina
                                                 that account passwords are a minimum of 14 characters, a 12 characters forr Linux/Un
                                                                     Medium
The minimum password length does not contain the recommended amount of characters required forror password. Note: Federal
                           Edit does not meet minimum FDCC requirements.
                                                Retina            Informational
System-auditing configurationAudit Policy Change via Local Computer Policy -> Computer Configuration -> Windows Settings -> Se
                           Edit does not meet minimum FDCC requirements.
                                                Retina            Informational
System-auditing configurationAudit System Events via the Local Computer Policy -> Computer Configuration -> Windows Settings -
                           This may be a potential false positive on Windows XP and 2003. It has been determined that the default A
The ACL forr sc.exe is improperly configured.   Retina            Informational
                           the legal notice text is not
                                                 link below to addInformational
                                                                   legal machine.
Retina has detected that Please refer to the Retina enabled on this notice text.
                           Configure the logon through Terminal Services" logon through
                                                 rights           Informational
The user rights assignment forr: "Deny userRetina assignment forr "Deny is incorrect. Terminal Services" in the Local Security Se
                           Upgrade Adobe Flash Player to 9.0.124.0 or could release.
                                                in Adobe               High
Multiple vulnerabilities have been identified Retina Flash Player thatnewestallow DNS rebinding, cross-domain policy bypass, cros
                           Set DWORD valueRetina  RestrictAnonymous in HKLM\System\CurrentControlSet\Control\Lsa equal
                                                                     Medium
Anonymous access to the Registry is not restricted. Null Sessions can Enumerate Local SAM Accounts and Shares. to 1 or 2
                           two memory corruption vulnerabilities when processing Word files with malforrmed Cascading Style Sheet
                                                Retina                 High
Microsoft Word contains Install the appropriate patch from Microsoft or through Windows Update.
                           two memory corruption vulnerabilities when processing Word files with malforrmed Cascading Style Sheet
                                                Retina                 High
Microsoft Word contains Install the appropriate patch from Microsoft or through Windows Update.
                           Install the appropriate patch from Microsoft processing Publisher files containing malforrmed object heade
                                                Retina                 High
Microsoft Publisher contains a memory corruption vulnerability when or through Windows Update.
                           Configure the userRetina Setting" does not meet Federal Core Desktop Configuration (FDCC) requiremen
                                                 rights           Informational
The user rights assignment forr: "Bypass Traverseassignment forr: "Bypass Traverse Setting" in the Local Security Settings of the m
                           Federal Desktop Core Configuration this setting. not define this setting. Manually check detection that A
                                                Retina              (FDCC) does
Federal Desktop Core Configuration (FDCC) does not defineInformational Manually check to ensure that Automatic to ensure of the
                           This is an could allow anonymous users to request the security identifier (SID) attributes forr other is disab
                                                Retina            Informational
Anonymous SID/Name Translation inforrmational check. Manually check to ensure that Anonymous SID/Name Translation user acc
                           This is Manually check check. Manually check to ensure requirements are enforrced.
                                                Retina            Informational
This is an inforrmational check. an inforrmationalto ensure that password complexitythat password complexity requirements are enfo
                           Federal Desktop Core to ensure that the "Hide computer from the browse list" setting is defined per comp
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC) does not define this setting. Manually check to ensure that th
                           Federal Desktop Core to ensure that an event retention method setting. Manually check to ensure that
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC) does not define this is defined per company security policy. a
                           Federal Desktop Core to ensure that an event retention method setting. Manually check to ensure that
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC) does not define this is defined per company security policy. a
                           Federal Desktop Core to ensure that an event retention method setting. Manually check to ensure that
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC) does not define this is defined per company security policy. a
                           Federal Desktop Core to ensure that default IPSec exemptions are defined per company to ensure that
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC) does not define this setting. Manually check security policy.d
                                  popdesktop;prolific;xpvm1
JTF-GNO OPORDECSC-1 - Security Configuration Compliance;
                    ECMT-1 - of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Inforrmat
Chairman of the Joint Chiefs Conformance Monitoring and Testing; ECMT-2 - Conformance M
                                  prolific
                                  SCANME
                                  SCANME
                                  SCANME;SCANME
http://support.microsoft.com/default.aspx?scid=97396http://www.microsoft.com/technet/securi
                                  SCANME
http://support.microsoft.com/default.aspx?scid=97396http://www.microsoft.com/technet/securi
                                  SCANME;SCANME
http://support.microsoft.com/default.aspx?scid=9574http://www.microsoft.com/technet/security
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
http://www.microsoft.co           SCANME
                                  SCANME
                                  SCANME
                                  SCANME
http://www.microsoft.com/technet/security/guidance/secmod50.msp
                                  SCANME
                                  SCANME
http://www.microsoft.com/security/malwareremove/default.mspx#ruhttp://support.microsoft.com
                                  SCANME
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q24626http://mit.edu/pismere/suppor
                                  SCANME
http://update.microsoft.com/microsoftupdat
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
http://www.microsoft.com/technet/security/bulletin/ms07-025.msp
                                  SCANME
                                  SCANME
http://www.microsoft.com/technet/security/Bulletin/ms07-037.msp
                                  SCANME
http://www.kb.cert.org/vuls/id/36196http://secunia.com/advisories/26447http://www.microsoft.c
                                  SCANME
http://www.kb.cert.org/vuls/id/39330http://secunia.com/advisories/29320http://support.microso
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
http://windows.stanforrd.edu/docs/legalnotice.htm
                                  SCANME
                                  SCANME
http://www.kb.cert.org/vuls/id/34781http://www.kb.cert.org/vuls/id/93573http://www.us-cert.gov
                                  SCANME
                                  SCANME
http://www.kb.cert.org/vuls/id/54390http://secunia.com/advisories/30143http://support.microso
                                  SCANME
http://www.kb.cert.org/vuls/id/54390http://secunia.com/advisories/30143http://support.microso
                                  SCANME
http://secunia.com/advisories/30150http://support.microsoft.com/default.aspx?scid=95120http
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
                                  SCANME
Open   6833       Windows XP   Verify Microsoft Windows SDDL DCOM Access Restrictions - FDCC
Open   6834       Windows XP   Verify Microsoft Windows SDDL DCOM Launch Restrictions - FDCC
Open   6835       Windows XP   Verify Microsoft Windows Server Operating Task Scheduling - FDCC
Open   6836       Windows XP   Verify Microsoft Windows LDAP Server Signing Requirements - FDCC
Open   6837       Windows XP   Verify Microsoft Windows Refuse Account Password Changes - FDCC
Open   6838       Windows XP   Verify Microsoft Windows Smart Card Logon - FDCC
Open   6840       Windows XP   Verify Microsoft Windows Task Scheduler Service - FDCC
Open   6883       Windows XP   Verify Microsoft Windows Event Preservation - FDCC
Open   7019       Windows XP   Verify Microsoft Windows Undock Without Logon - FDCC
Open   7020       Windows XP   Verify Microsoft Windows Remote Access Connection Manager Service
Open   7033       Windows XP   2008-A-0061 Microsoft PowerPoint Remote Code Execution (949785) - P
Open   7099       Windows XP   2008-B-0058 Microsoft Office OneNote URI Remote Code Execution (95
Open   7100       Windows XP   2008-B-0058 Microsoft Office OneNote URI Remote Code Execution (95
Open   7108       Windows XP   Microsoft Windows GDI+ Multiple Vulnerabilities (954593) - 2007 Office/
Open   7209       Windows XP   2008-A-0077 Microsoft Excel Remote Code Execution (956416) - Excel 2
Open   7212       Windows XP   2008-A-0077 Microsoft Excel Remote Code Execution (956416) - 2007 C
Open   7249       Windows XP   Verify Microsoft Windows Users with Administrative Privileges
Open   7250       Windows XP   Verify Microsoft Windows Users with Backup Operator Privileges
Open   7254       Windows XP   Verify Microsoft Windows Prompt For Password On Resume
Open   7255       Windows XP   Verify Microsoft Windows Attachment Manager Settings
Open   7258       Windows XP   Adobe Flash Player Multiple Vulnerabilities (20081015) - IE
Open   7281       Windows XP   Verify Micosoft Windows Service Status
Open   7282       Windows XP   Verify Software Certificate Installation Files
Open   7321       Windows XP   2008-A-0084 Microsoft XML Core Services Remote Code Execution (955
Open   7430       Windows XP   2008-A-0089 Microsoft Office Word Remote Code Execution (957173) -
Open   7431       Windows XP   2008-A-0089 Microsoft Office Word Remote Code Execution (957173) -
Open   7440       Windows XP   2008-A-0085 Microsoft Office Excel Remote Code Execution (959070) -
Open   7442       Windows XP   2008-A-0085 Microsoft Office Excel Remote Code Execution (959070) -
Open   7465       Windows XP   2008-A-0088 Microsoft Visual Basic 6.0 ActiveX Runtimes Code Executi
Open   7475       Windows XP   2008-A-0088 Microsoft Visual Basic 6.0 ActiveX Runtimes Code Executi
Open   7685       Windows XP   2009-A-0017 Adobe Flash Player Multiple Vulnerabilities (20090224) - IE
Open   7728       Windows XP   2009-A-0020 Microsoft Windows Kernel Remote Code Execution (95869
Open   7844       Windows XP   Microsoft Office Excel Remote Code Execution (968557) - Excel 2007
Open   7847       Windows XP   Microsoft Office Excel Remote Code Execution (968557) - 2007 Compat
Open   7938       Windows XP   Microsoft Office 2007 Service Pack 2 Not Installed
Open   7966       Windows XP   2009-A-0039 Microsoft PowerPoint Remote Code Execution (967340) - P
Open   8052       Windows XP   2009-A-0046 Microsoft Office Word Remote Code Execution (969514) -
Open   8053       Windows XP   2009-A-0046 Microsoft Office Word Remote Code Execution (969514) -
Open   8061       Windows XP   2009-A-0044 Microsoft Office Excel Remote Code Execution (969462) -
Open   8063       Windows XP   2009-A-0044 Microsoft Office Excel Remote Code Execution (969462) -
Open   8071       Windows XP   2009-B-0025 Microsoft Works Converter Remote Code Execution (9576
Open   8097       Windows XP   Microsoft DNS Client Devolution Security Issue (971888)
Open   9065       Windows XP   2009-B-0032 Microsoft Office Publisher Remote Code Execution (96951
Open   9729       Windows XP   2009-A-0061 Adobe Flash Player Multiple Vulnerabilities (20090730) - IE
Open   V0002424   SQL Server   DBMS shared account authorization
Open   V0002427   SQL Server   Fixed Server roles should have only authorized users or groups assigned
Open   V0002436   SQL Server   MS SQL Server Instance name includes a SQL Server or other software
Open   V0002451   SQL Server   The guest account is not disabled. msdb Guest user has access to the
Open   V0002457   SQL Server   Unauthorized object permission grants
Open   V0002473   SQL Server   Access to registry extended stored procedures is not restricted to sysadm
Open   V0002500   SQL Server   Trace Rollover is not enabled for audit traces that have a maximum trace
Open   V0002508   SQL Server   DBMS user account authorization
Open   V0005683   SQL Server   DBMS application object owner accounts
Open   V0005685   SQL Server   Required auditing parameters for database auditing are not set.
Open   V0005686   SQL Server   DBMS audit record access
Open   V0015105   SQL Server   Unauthorized access to external database objects has not been removed
                           Federal Desktop Core to ensure that Security Descriptor Definition Language (SDDL) DCOM access rest
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC) does not define this setting. Manually check to ensure that S
                           Federal Desktop Core to ensure that Security Descriptor Definition Language (SDDL) DCOM launch restr
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC) does not define this setting. Manually check to ensure that S
                           Federal Desktop Core to ensure that server does not define this setting. Manually company security poli
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC) operator task scheduling is defined percheck to ensure that s
                           Federal Desktop Core to ensure that LDAP does signing requirements Manually check to ensure that L
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC)servernot define this setting. are defined per company security
                           Federal Desktop Core to ensure that the security not define this setting. Manually check to ensure that th
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC) does option forr changing machine account passwords is defi
                           Federal Desktop Core to ensure that smart does not define this setting. Manually check policy.
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC)card logons are defined per company security to ensure that s
                           Federal Desktop Core to ensure the status of Windows Task Scheduler Manually check to ensure the st
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC) does not define this setting. Service is defined per company s
                           Federal Desktop Core to ensure that application, not define these settings. preservation are defined tha
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC) doessecurity, and system event Manually check to ensureper
                           Federal Desktop Core to ensure that "Devices: Allow define without having to log check to ensure that "D
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC) does not undockthis setting. Manually on" is defined per com
                           Federal Desktop Core to ensure the status of Remote Access Connection Manager Service is defined st
                                                Retina            Informational
This is an inforrmational check. Manually checkConfiguration (FDCC) does not define this setting. Manually check to ensure thepe
                           Install the appropriate patch when handling malforrmed PowerPoint files.
                                                Retina                 High
Microsoft PowerPoint contains multiple vulnerabilities from Microsoft or through Windows Update. Successful exploitation could all
                           Install the appropriate patch from Microsoft or through Windows Update.
                                                Retina                 High
Microsoft Office OneNote contains a vulnerability when handling malforrmed OneNote URI's (onenote://). Successful exploitation o
                           Install the appropriate patch from Microsoft or through Windows Update.
                                                Retina                 High
Microsoft Office OneNote contains a vulnerability when handling malforrmed OneNote URI's (onenote://). Successful exploitation o
                            contains appropriate patch from Microsoft or through Windows Update.
                                                Retina                 High
Microsoft Windows GDI+Install themultiple overflow vulnerabilities when processing malforrmed image files (EMF, GIF, WMF, BMP
                           multiple vulnerabilities when parsing malforrmed Excel files that Update.
                                                Retina                 High
Microsoft Excel contains Install the appropriate patch from Microsoft or through Windows could allow remote execution of arbitrary c
                           multiple vulnerabilities when parsing malforrmed Excel files that Update.
                                                Retina                 High
Microsoft Excel contains Install the appropriate patch from Microsoft or through Windows could allow remote execution of arbitrary c
                           Manually verify that users with Administrative privilege have separate accounts forr administrative duties
                                                Retina            Informational
This is an inforrmational check. Manually verify that users with Administrative privilege have separate accounts forr administrativead
                           Manually verify that users with Backup Operator privilege have separate accounts forr backup duties dutie
                                                Retina            Informational
This is an inforrmational check. Manually verify that users with Backup Operator privilege have separate accounts forr backupand n
                           To enable prompt forr password on Informational
                                                Retina            resume, Management is registry key: HKEY_Current_User\\Software
This is an inforrmational check. Manually check to ensure that Poweredit the followingconfigured to prompt forr password on resum
                           Configure the following to ensure that Attachment
                                                Retina            Manager settings by editing the registry:<BR><BR><b>Preserve Zone
This is an inforrmational check. Manually check Attachment Informational Manager preserves zone inforrmation, hides mechanism
                           Upgrade Adobe Flash Player to 9.0.151.0, 10.0.12.36, or an unauthenticated remote attacker the ability to
                                                in Adobe              Medium
Multiple vulnerabilities have been identified Retina Flash Player that could allow newer release.
                           Manually check check to the statusInformational listed services are per local security policy:<BR><li>Ba
                                                ensure               status of the
This is an inforrmational check. Manuallyto Retina ensure theof the listed services are definedproperly defined per local security po
                           P12 and PFX files Retina sensitive Informationalsuch as certificates, been and private keys. Search
                                                contain            inforrmation
This is an inforrmational check. Manually check to ensure that certificate installation files havepublic,removed from all drives. all d
                           Install the appropriate vulnerabilities when or through Windows Update.
                                                Retina                 High
Microsoft XML Core Services contains multiple patch from Microsoftprocessing malforrmed XML documents and HTTP requests. S
                           Install multiple vulnerabilities when handling files containing malforrmed
                                                Retina                 High
Microsoft Office Word contains the appropriate patch from Microsoft or through Windows Update.records, values, control words, ob
                           Install multiple vulnerabilities when handling files containing malforrmed
                                                Retina                 High
Microsoft Office Word contains the appropriate patch from Microsoft or through Windows Update.records, values, control words, ob
                           Install multiple vulnerabilities when loading or through Windows Update.
                                                Retina                 High
Microsoft Office Excel contains the appropriate patch from Microsoft Excel records containing malforrmed objects. Successful explo
                           Install multiple vulnerabilities when loading or through Windows Update.
                                                Retina                 High
Microsoft Office Excel contains the appropriate patch from Microsoft Excel records containing malforrmed objects. Successful explo
                           Install the Extended Files (ActiveX Controls) contain vulnerabilities when
                                                Retina                 High
Microsoft Visual Basic 6.0 Runtime appropriate patch from Microsoft or through Windows Update. processing malforrmed argumen
                           Install the Extended Files (ActiveX Controls) contain vulnerabilities when
                                                Retina                 High
Microsoft Visual Basic 6.0 Runtime appropriate patch from Microsoft or through Windows Update. processing malforrmed argumen
                           Upgrade affected Retina Flash Player that could allow an unauthenticated remote attacker the ability to
                                                in Adobe               High
Multiple vulnerabilities have been identifiedapplication to the appropriate version:<BR><b>Adobe Flash Player: </b>Upgrade to 9.0
                           Install the appropriate patch from Microsoft handling Windows Update. WMF image files that could allow
                                                Retina                 High
The Microsoft Windows Kernel contains multiple vulnerabilities whenor throughmalforrmed EMF or This replaces bulletin MS08-061.
                           two vulnerabilities when handling Microsoft containing malforrmed objects. Successful exploitation of the
                                                Retina                 High
Microsoft Excel contains Install the appropriate patch from Excel filesor through Windows Update.
                           two vulnerabilities when handling Microsoft containing malforrmed objects. Successful exploitation of the
                                                Retina                 High
Microsoft Excel contains Install the appropriate patch from Excel filesor through Windows Update.
                           Install Microsoft Office 2007 Service Pack 2.
                                                Retina                 High
Microsoft Office 2007 SP2 has not been detected. Although all of the patches included in the Service Pack may be installed separa
                           Install the appropriate patch when handling malforrmed PowerPoint files. Successful exploitation could is
                                                Retina                 High
Microsoft PowerPoint contains multiple vulnerabilities from Microsoft or through Windows Update.<BR><BR>Note: There may be all
                           Install multiple vulnerabilities when handling files containing malforrmed
                                                Retina                 High
Microsoft Office Word contains the appropriate patch from Microsoft or through Windows Update.records. Successful exploitation c
                           Install multiple vulnerabilities when handling files containing malforrmed
                                                Retina                 High
Microsoft Office Word contains the appropriate patch from Microsoft or through Windows Update.records. Successful exploitation c
                           multiple vulnerabilities when handling Excel files containing malforrmed
                                                Retina                 High
Microsoft Excel contains Install the appropriate patch from Microsoft or through Windows Update.objects. Successful exploitation of
                           multiple vulnerabilities when handling Excel files containing malforrmed
                                                Retina                 High
Microsoft Excel contains Install the appropriate patch from Microsoft or through Windows Update.objects. Successful exploitation of
                           Install the used byRetina Microsoft Office products, Windows buffer overflow vulnerability when handlin
                                                 various               High
The Microsoft Works Converter, as appropriate patch from Microsoft or throughcontains a Update.
                           Apply security issue update from the Medium Download Center.
                                                Retina                Microsoft
Microsoft DNS client contains athe appropriatein the the devolution feature that could cause clients to treat systems out of their boun
                           Install the a pointer dereference Microsoft or through Windows Update.
                                                Retina                 High
Microsoft Office Publisher contains appropriate patch fromvulnerability when handling Publisher files containing malforrmed object h
                           Upgrade affected Retina Flash Player that could allow an unauthenticated Flash attacker the ability to
                                                in Adobe               High
Multiple vulnerabilities have been identifiedapplication to the appropriate fixed version:<BR><b>Adobe remotePlayer: </b>Upgrade
                                             SRR V8R1.3
Unauthorized shared accounts limit accountability of individual users.Medium
                                             SRR V8R1.3
                                             SRR V8R1.3
                                             SRR V8R1.3
                           DB-DM1715-SQLServer (Manual) Revoke unauthorized permissions assigned to application user roles.Fro
                                             SRR V8R1.3               Medium
Securely designed applications require only that database application user accounts have permissions to access and manipulate on
                                             SRR V8R1.3
                                             SRR V8R1.3
                                             SRR V8R1.3               Medium
Unauthorized user accounts provide unauthorized access to the database and may allow access to database objects. Only authoriz
                           DB-DG0004-SQLServer (Manual) to the owned object. Access to the applicationaccounts or members of d
                                             SRR permissions Disable logins for all application object owner object owner accounts re
Object ownership provides all database objectV8R1.3                   Medium
                                             SRR V8R1.3
                           DB-DG0032-DB2 (Manual) Restrict access a the db2audit.log file activity. The protection of the audit trail
                                             SRR V8R1.3               Medium
Audit data is frequently targeted by malicious users as it can provide to means to detect theirto authorized auditors and audit mainten
                                             SRR V8R1.3
                                   SCANME
                                   SCANME
                                   SCANME
                                   SCANME
                                   SCANME
                                   SCANME
                                   SCANME
                                   SCANME
                                   SCANME
                                   SCANME
                                   SCANME
http://secunia.com/advisories/31453http://support.microsoft.com/default.aspx?scid=94978http
                                   SCANME
http://secunia.com/advisories/31744http://support.microsoft.com/default.aspx?scid=95504http
                                   SCANME
http://secunia.com/advisories/31744http://support.microsoft.com/default.aspx?scid=95504http
                                   SCANME
http://www.us-cert.gov/cas/techalerts/TA08-253A.htmhttp://www.zerodayinitiative.com/advisor
                                   SCANME
http://secunia.com/advisories/32211http://labs.idefense.com/intelligence/vulnerabilities/display
                                   SCANME
http://secunia.com/advisories/32211http://labs.idefense.com/intelligence/vulnerabilities/display
                                   SCANME
                                   SCANME
                                   SCANME
                                   SCANME
                                   SCANME
http://secunia.com/advisories/32163http://securitytracker.com/alerts/2007/Dec/1019116.htmht
                                   SCANME
                                   SCANME
                                   SCANME
http://secunia.com/advisories/2365http://support.microsoft.com/default.aspx?scid=95521http:/
                                   SCANME
http://securitytracker.com/alerts/2008/Dec/1021370.htmhttp://secunia.com/advisories/30285ht
                                   SCANME
http://securitytracker.com/alerts/2008/Dec/1021370.htmhttp://secunia.com/advisories/30285ht
                                   SCANME
http://secunia.com/advisories/31593http://www.securitytracker.com/alerts/2008/Dec/1021368.h
                                   SCANME
http://secunia.com/advisories/31593http://www.securitytracker.com/alerts/2008/Dec/1021368.h
                                   SCANME
http://secunia.com/advisories/26534http://securitytracker.com/alerts/2008/Dec/1021369.htmht
                                   SCANME
http://secunia.com/advisories/26534http://securitytracker.com/alerts/2008/Dec/1021369.htmht
                                   SCANME
https://rhn.redhat.com/errata/RHSA-2009-0332.htmhttp://secunia.com/advisories/34012http://w
                                   SCANME
http://secunia.com/advisories/34117http://support.microsoft.com/default.aspx?scid=95869http
                                   SCANME
http://secunia.com/advisories/3395http://www.microsoft.com/technet/security/advisory/968272
                                   SCANME
http://secunia.com/advisories/3395http://www.microsoft.com/technet/security/advisory/968272
                                   SCANME
http://www.microsoft.com/downloads/details.aspx?FamilyId=B444BF18-79EA-46C6-8A81-9DB
                                   SCANME;SCANME
http://secunia.com/advisories/34572http://www.zerodayinitiative.com/advisories/ZDI-09-019htt
                                   SCANME;SCANME
http://secunia.com/advisories/35377http://support.microsoft.com/default.aspx?scid=96951http
                                   SCANME;SCANME
http://secunia.com/advisories/35377http://support.microsoft.com/default.aspx?scid=96951http
                                   SCANME;SCANME
http://secunia.com/advisories/35364http://support.microsoft.com/default.aspx?scid=96946http
                                   SCANME;SCANME
http://secunia.com/advisories/35364http://support.microsoft.com/default.aspx?scid=96946http
                                   SCANME
http://secunia.com/advisories/35371http://support.microsoft.com/default.aspx?scid=95763http
                                   SCANME
http://www.microsoft.com/technet/security/advisory/971888.msphttp://go.microsoft.com/fwlink/
                                   SCANME
http://secunia.com/advisories/3577http://support.microsoft.com/kb/96951http://support.microso
                                   SCANME
http://www.kb.cert.org/vuls/id/25942http://secunia.com/advisories/3594http://www.adobe.com/
 Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Informat
                                   192.168.2.57
                      IAGA-1 Group Identification and Authentication
                                   192.168.2.57
                                   192.168.2.57
                                   192.168.2.57
 Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Informat
                                     Privilege
                      ECLP-1 Least192.168.2.57;192.168.2.57;192.168.2.57;192.168.2.57
                                   192.168.2.57
                                   192.168.2.57
 Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Informat
                                   192.168.2.57
                      IAAC-1 Account Control
 Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Informat
                                     Privilege
                      ECLP-1 Least192.168.2.57;192.168.2.57
                                   192.168.2.57
                       Technical Implementation
                                    Trail Protection
 Database Security ECTP-1 Audit192.168.2.57Guide 3.3.22
                                   192.168.2.57
2.57;192.168.2.57;192.168.2.57;192.168.2.57
Open   V0015107   SQL Server   DBMS privileges to restore database data or other DBMS configurations
Open   V0015119   SQL Server   DBMS files critical for DBMS recovery should be stored on RAID or othe
Open   V0015128   SQL Server   DBMS application user role privilege assignment
Open   V0015130   SQL Server   DBMS inactive accounts
Open   V0015151   SQL Server   Fixed database role members
Open   V0015153   SQL Server   DBMS account passwords should be set to expire every 60 days or more
Open   V0015172   SQL Server   DBMS object permission grants to PUBLIC or Guest
Open   V0015618   SQL Server   Access to external DBMS executables is not disabled or restricted. mast
Open   V0015626   SQL Server   Database privileged role assignments are not restricted to IAO-authorize
Open   V0015635   SQL Server   DBMS default accounts have not been assigned custom passwords. mas
Open   V0015638   SQL Server   DBMS default account names have not been changed.
Open   V0015646   SQL Server   Audit records do not contain required information.
                                         SRR V8R1.3
                                         SRR V8R1.3
                        DB-DG0105-SQLServer (Manual) UseMedium and revoke commands to assign the authorized privileges
                                         SRR V8R1.3              the grant
Unauthorized access to the data can lead to loss of confidentiality and integrity of the data.
                                         SRR V8R1.3             Medium
Unused or expired DBMS accounts provide a means for undetected, unauthorized access to the database.
                        DB-DM0531-SQLSvr2K (Manual) Grant fixed roles to authorized personnel only. Remove unauthorized ac
                                         SRR grant groups of privileges to users. These privilege groupings are defined by the insta
Fixed database roles provide a mechanism to V8R1.3              Medium
                                         SRR V8R1.3
                        DB-DM6196-SQLSvr2K (Manual) Revoke accounts privileges assigned to PUBLIC or is granted to all us
                                         SRR V8R1.3             Medium
The guest account is available to users that do not have authorized any objecton the database. The PUBLIC role GUEST.For SQL S
                                         SRR V8R1.3
                                         SRR V8R1.3
                                         SRR V8R1.3
                                         SRR V8R1.3
                                         SRR V8R1.3
                                192.168.2.57
                                192.168.2.57
                  DCFA-1 Functional Architecture for 6510.01, ―Defense-in-Depth: Informat
Chairman of the Joint Chiefs of Staff Manual (CJCSM) AIS Applications
                                192.168.2.57
Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Informat
                                192.168.2.57
                  IAAC-1 Account Control
Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Informat
                                 Privilege
                  ECLP-1 Least192.168.2.57;192.168.2.57;192.168.2.57;192.168.2.57;192.
                                192.168.2.57
Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01, ―Defense-in-Depth: Informat
                                 Privilege
                  ECLP-1 Least192.168.2.57;192.168.2.57;192.168.2.57;192.168.2.57;192.
                                192.168.2.57
                                192.168.2.57
                                192.168.2.57
                                192.168.2.57
                                192.168.2.57
2.57;192.168.2.57;192.168.2.57;192.168.2.57;192.168.2.57

2.57;192.168.2.57;192.168.2.57;192.168.2.57;192.168.2.57
               Finding                                 Consequences
                                       Microsoft Windows XP contains vulnerabilities within the TCP/IP protocol stack when handling
2009-A-0077 Microsoft Windows XP TCP/IP Denial of Service (Zero-Day)
Password Does Not Expire               If a users password does not expire you allow a remote attacker endless amount of time to try
Password Does Not Expire               If a users password does not expire you allow a remote attacker endless amount of time to try
Terminal Services enabled              Retina has detected that the scanned host has Windows Terminal Services enabled.
                                       The client-side SMB component does not require packet signing.
Microsoft Windows SMB Client Digitally Sign Communications (always)
Allocate CDROMS                        The allocation of the CDROM drive should be restricted to only the currently logged in user. If
Allocate floppies                      The allocation of the floppy drive should be restricted to only the currently logged in user. If an
                                       The
CD Autorun Media Change Notification Media Change Notification (MCN) message is sent to the Windows interface when it dete
NTFS 8 Dot 3                           NTFS has the ability to support backwards compatibility with older 16 bit apps. It is recommen
                                       Retina
Windows Legal Notice Caption Not Enabled has detected that the legal notice caption is not enabled on this machine.
                                       Retina
Windows System Events Logs Overwritten has detected that the system allows System Event logs to be overwritten when the logs
                                       Retina
Windows Security Events Logs Overwritten has detected that the system allows Security Event logs to be overwritten when the log
                                       Retina has
Windows Application Events Logs Overwritten detected that the system allows Application Event logs to be overwritten when the
Forced Logoffs Disabled                Retina has detected that network logoff times are not enforrced on the scanned system. Even
                                       The user rights Global Objects FDCC
Microsoft Windows User Rights Assignment - Create assignment forr-"Create Global Objects" is incorrect.
ICMP Timestamp Request                 ICMP Timestamp request is allowed from arbitrary hosts.
                                       A denial
Internet Connection Sharing DoS (Zero-Day) of service vulnerability exists within the Internet Connection Sharing service in Micros
Microsoft Windows mshta.exe ACL The ACL forr mshta.exe is improperly configured.
                                       Access Auditing
Microsoft Windows Directory Service System-auditing configuration does not meet minimum requirements.
                                       The user rights Locally - Workstations
Microsoft Windows User Rights Assignment - Log Onassignment forr "Log On Locally" is incorrect.
                                       The server-side SMB component does not require packet signing.
Microsoft Windows SMB Server Digitally Sign Communications (always)
                                       The computer browser service has not been disabled. Federal Desktop Core Configuration (F
Microsoft Windows Computer Browser Enabled - FDCC
                                       The user right 'Deny As Batch - Batch
Microsoft Windows User Rights Assignment - Deny Logon Logon as a GuestsJob' is improperly configured.
                                       The user rights assignment forr: "Change
Microsoft Windows User Rights Assignment - Change System Time - 2000/XP System Time" is incorrect.
                                       The user rights assignment forr: "Restore Files and Directories" is incorrect.
Microsoft Windows User Rights Assignment - Restore Files/Directories - XP/Vista
                                       The user rights Operations - XP/Vista
Microsoft Windows User Rights Assignment - Backupassignment forr: "Backup files and directories" is incorrect.
                                       The user rights Programs - forr: "Debug Programs" is incorrect.
Microsoft Windows User Rights Assignment - Debug assignment XP/2003
                                       The LAN Manager
Microsoft Windows LAN Manager Authentication Level challenge/response authentication protocol is improperly set.
                                       The "Devices: Allowed to forrmat and eject removable media" security option does not meet F
Microsoft Windows Eject/Format NTFS Media - FDCC
                                        Saved Passwords
Microsoft Windows Terminal ServicesThe setting to disallow saved passwords has been improperly set.
                                       Microsoft Windows Explorer shell protocol is not in protected mode. Shell protocol protected m
Microsoft Windows Explorer Shell Protocol Protected Mode
                                       Users without
Microsoft Windows Installer Vendor Signed Updatesadministrative privileges are permitted to apply vendor signed updates.
                                       Microsoft Internet Inforrmation Service (IIS) is not prevented from being installed on the system
Microsoft IIS Prevent Installation Disabled
                                       Microsoft Windows is not configured to forrce client computers to provide authentication befor
Microsoft Windows RPC Endpoint Mapper Client Authentication
                                       Microsoft Clients
Microsoft Windows RPC Unauthenticated RPC Windows is not configured to restrict unauthenticated RPC clients from connecting t
                                       Microsoft Windows is not configured to prevent Windows Update from searching forr drivers w
Microsoft Windows Update Device Driver Searching
                                       Microsoft Windows is configured to send movies to a video hosting provider on the web.
Microsoft Windows Movie Maker Online Hosting
                                       Microsoft
Microsoft Windows Movie Maker Web Links Windows Movie Maker web links are available.
                                       Microsoft Windows Movie
Microsoft Windows Movie Maker Automatic Codec Downloads Maker is configured to automatically download codecs.
Microsoft Windows Publish To Web Task  Microsoft Windows is configured to allow the "Publish to Web" task forr files and folders.
                                       Microsoft
Microsoft Windows Order Prints Online Task Windows is configured to allow the "Order Prints Online" task within Windows Explo
                                       Microsft Windows is configured to use the Microsoft Web service to find applications forr unha
Microsoft Windows Internet File Association Service
                                         and Online Ordering
Microsoft Windows Internet DownloadMicrosoft Windows is configured to download a list of providers forr the Web publishing and o
                                       The user rights Traverse Setting - XP
Microsoft Windows User Rights Assignment - Bypassassignment forr: "Bypass Traverse Setting" is incorrect.
Microsoft Windows Autorun.inf Autoplay Windows is configured to allow Autorun.inf files to execute whenever a device is connected to
                                       T
Force User to Log Out if Shell Crasheshe system is not configured to forrce users to restart the interface by logging off and logging
                                        Hazard
Scheduler Service Potential Security If you do not use the Task scheduler you should disable the service. The task scheduler is ofte
Last Username                          By default Windows NT will display the last user to log on to the server. This gives an attacker
POSIX and OS/2 Subsystems Exist POSIX and OS2 should not be enabled. Enabling the POSIX or OS/2 subsystem can allow a
                                       Microsoft Windows is currently configured to associate exported registry files (.reg) to automat
Microsoft Windows Registry Editor File Association Potential Security Issue
Microsoft File System Object RegisteredRetina has detected that the File System Object is registered on the target system. The File S
Caching of logon credentials           The default Windows configuration caches the last logon credentials forr users who log on inte
Halt on Audit Failure                  If the security log is full, it becomes possible forr some events to not be logged. Selecting this
Dormant Accounts                       Outdated or unused accounts, provide penetration points that may go undetected.
Recycle Bin Configuration              The Recycle Bin saves a copy of a file when it is deleted through Windows Explorer. This pos
                   Details                     Risk Rating                  Recommendation
Microsoft Windows XP TCP/IP Denial of Service Low             Microsoft released a statement
                                                   (Zero-Day) [value tested: ][value found: ] that Windows XP SP3 (and prior) do not
Administrator - Password Does Not Expire [valueLow            Remove the password never expires option from the user account.<BR>
                                                    tested: 0x00010000][value found: 0x00010201]
                                                   Low        Remove the password never
Pop - Password Does Not Expire [value tested: 0x00010000][value found: 0x00010201] expires option from the user account.<BR>
                                                   Low         T WB 0300000B06D00000123400][value found: 0300000B06D0000012
TCP:3389 - Terminal Services enabled [value tested: RBC Disable Terminal Services if it is not needed; otherwise, ensure that appr
                                                   Low        To (always) [value tested: Signing, edit the following registry
Microsoft Windows SMB Client Digitally Sign Communicationsrequire client-side SMB OPEN,T,ECL,1][value found: 0 ] settings:<B
                                                   Low
Allocate CDROMS [value tested: OPEN,T,ECL,1][value found: 0 ] To restrict the allocation of CDROMs to only the interactive user, set the
                                                   Low        Restrict the allocation of the floppy drive to only the interactive user. Set
Allocate floppies [value tested: OPEN,T,ECL,1][value found: 0 ]
                                                   Low        It is recommended that 1 ]
CD Autorun Media Change Notification [value tested: OPEN,T,ECL,0][value found:MCN messages be disabled only if Autoplay sett
                                                   Low        To
NTFS 8 Dot 3 [value tested: OPEN,T,ECL,1][value found: 0 ] disable 8.3 file names set the following registry key settings:<BR><b>
                                                   Low        Please refer to the link below to add
Windows Legal Notice Caption Not Enabled [value tested: READ,T,ECL,[[]^$]+][value found: ] a legal notice caption.
                                                   Low        To not allow the system to overwrite log files, please follow these steps:<
Windows System Events Logs Overwritten [value tested: READ,F,ECL,^([[]12]?[[]0-9]?[[]0-9]?[[]0-9]?[[]0-9]?[[]0-9]?[[]0-9]?[[]0-9]|3(0
                                                   Low        To not allow the system to overwrite log files, please follow these steps:<
Windows Security Events Logs Overwritten [value tested: READ,F,ECL,^([[]12]?[[]0-9]?[[]0-9]?[[]0-9]?[[]0-9]?[[]0-9]?[[]0-9]?[[]0-9]|3(0
                                                   Low        To not allow the system to overwrite log files, please follow these steps:<
Windows Application Events Logs Overwritten [value tested: READ,F,ECL,^([[]12]?[[]0-9]?[[]0-9]?[[]0-9]?[[]0-9]?[[]0-9]?[[]0-9]?[[]0-9]
                                                   Low        If your organization restricts users' valid logon hours, you should enable
Forced Logoffs Disabled [value tested: Logoffs Disabled][value found: Logoffs Disabled]
                                                   Low        Set the user rights assignment forr "Create Global Objects" to: Administr
Microsoft Windows User Rights Assignment - Create Global Objects - FDCC [value tested: ^(S-1-5-32-544|S-1-5-19|S-1-5-20|S-1-5
ICMP Timestamp Request [value tested: 1][valueLow   found: 1] Filter the ICMP Timestamp request.
                                                   Low         OPEN,T,ECL,4][value found: 2 ]
Internet Connection Sharing DoS (Zero-Day) [value tested:The only forrm of mitigation forr this vulnerability is to deny service to the
                                                    .*:       This may be found: S-1-5-32-547: 0x001200A9]
Microsoft Windows mshta.exe ACL [value tested:Low0x00000000][valuea potential false positive on Windows XP and 2003. It has b
                                                   Low        Enable "Directory Service
Microsoft Windows Directory Service Access Auditing [value tested: ][value found: ] Access Failure" via the Local Computer Policy
                                                   Low        Set Workstations [value tested: "Log On Locally" to allow the following u
Microsoft Windows User Rights Assignment - Log On Locally - the User Rights Assignment ^(S-1-5-32-544|S-1-5-32-545)$][value fo
                                                   Low        To require server-side SMB Signing, edit the following registry
Microsoft Windows SMB Server Digitally Sign Communications (always) [value tested: OPEN,T,ECL,1][value found: 0 ] settings:<
                                                   FDCC To tested: OPEN,T,ECL,4][value found: Disabled: 1 - Open the Servic
Microsoft Windows Computer Browser Enabled - Low [valueconfigure the Computer Browser to be2 ]
                                                   Low        As Batch Guests rights tested: ^(S-1-5-32-546)$][value found: 0]
Microsoft Windows User Rights Assignment - Deny Logon Configure-the user [value assignment forr "'Deny Logon as a Batch Job"
                                                   Low        Configure 2000/XP [value tested: ^(S-1-5-32-544)$][value Time" in the
Microsoft Windows User Rights Assignment - Change System Time - the user rights assignment forr: "Change Systemfound: S-1-5-3
                                                   Low        Configure the user rights assignment forr: "Restore Files and found: S-1
Microsoft Windows User Rights Assignment - Restore Files/Directories - XP/Vista [value tested: ^(S-1-5-32-544)$][value Directories
                                                   Low        Configure the user rights assignment forr: "Backup files found: S-1-5-32-
Microsoft Windows User Rights Assignment - Backup Operations - XP/Vista [value tested: ^(S-1-5-32-544)$][value and directories"
                                                   Low        Configure the user rights assignment forr: "Debug Programs"
Microsoft Windows User Rights Assignment - Debug Programs - XP/2003 [value tested: ^$][value found: S-1-5-32-544] in the Loca
                                                   Level      Set LAN Manager Authentication Level 0 ]
Microsoft Windows LAN Manager Authentication Low [value tested: OPEN,T,ECL,5][value found:to 'Send NTLMv2 response only/
                                                   Low        Set the following registry value to allow 0 ]
Microsoft Windows Eject/Format NTFS Media - FDCC [value tested: OPEN,T,ECL,2][value found: Administrators and Interactive Us
                                                   Low        Set DWORD value DisablePasswordSaving in HKLM\Software\Policies\M
Microsoft Windows Terminal Services Saved Passwords [value tested: ENUMR,T,ECL,DisablePasswordSaving][value found: ]
                                                   Low        To enable shell protocol protected mode, edit the following registry key: H
Microsoft Windows Explorer Shell Protocol Protected Mode [value tested: ENUMR,T,ECL,PreXPSP2ShellProtocolBehavior][value f
                                                   Low         tested: ENUMR,T,ECL,DisableLUAPatching][value signed
Microsoft Windows Installer Vendor Signed Updates [valueTo prohibit non-administrators from applying vendor found: ]updates, edit
                                                   tested: CMP,T,ECL,Software\Policies\Microsoft\Windows NT\IIS\][value found: ]
Microsoft IIS Prevent Installation Disabled [value Low        To prevent IIS installation, edit the following registry key: HKLM:Software
Microsoft Windows RPC Endpoint Mapper Client Low              To enable endpoint mapper authentication, edit the following registry NT
                                                   Authentication [value tested: CMP,T,ECL,Software\Policies\Microsoft\Windowskey
                                                   Low        To restrict unauthenticated clients, edit the following registry NT\Rpc][va
Microsoft Windows RPC Unauthenticated RPC Clients [value tested: CMP,T,ECL,Software\Policies\Microsoft\Windows key: HKLM
                                                   Low         tested: CMP,T,ECL,Software\Policies\Microsoft\Windows\DriverSearchi
Microsoft Windows Update Device Driver Searching [valueTo disable Windows Update device driver searching, edit the following re
                                                   Low        To CMP,T,ECL,Software\Policies\Microsoft\WindowsMovieMaker][value
Microsoft Windows Movie Maker Online Hosting [value tested:disable online video hosting, edit the following registry key: HKLM:So
                                                   Low        To disable web links, edit the following registry key: HKLM:Software\Pol
Microsoft Windows Movie Maker Web Links [value tested: CMP,T,ECL,Software\Policies\Microsoft\WindowsMovieMaker][value fou
                                                   Low        To [value automatic codec downloads, edit the following registry key: H
Microsoft Windows Movie Maker Automatic Codec Downloadsdisable tested: CMP,T,ECL,Software\Policies\Microsoft\WindowsMov
                                                   Low        To disable the publishing wizard, edit the following
Microsoft Windows Publish To Web Task [value tested: ENUMR,T,ECL,NoPublishingWizard][value found: ] registry key: HKLM:S
                                                   Low         ENUMR,T,ECL,NoOnlinePrintsWizard][value found: ]
Microsoft Windows Order Prints Online Task [value tested:To disable the online print wizard, edit the following registry key: HKLM:S
                                                   Low         tested: ENUMR,T,ECL,NoInternetOpenWith][value found: ]
Microsoft Windows Internet File Association Service [valueTo disable the file association service, edit the following registry key: HK
                                                   Low         [value tested: ENUMR,T,ECL,NoWebServices][value found:
Microsoft Windows Internet Download and Online OrderingTo disable internet download forr publishing and wizards, edit ]the followin
                                                   Low        Configure the user rights assignment forr: "Bypass Traverse Setting" fou
Microsoft Windows User Rights Assignment - Bypass Traverse Setting - XP [value tested: ^(S-1-5-32-544|S-1-5-32-545)$][valuein t
                                                   Low        To disable execution of Autorun.inf files, edit the following registry setting
Microsoft Windows Autorun.inf Autoplay [value tested: CMP,T,ECL,HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT
                                                   Low        To forrce the user to log out
Force User to Log Out if Shell Crashes [value tested: OPEN,T,ECL,0][value found: 1 ] if system crashes, edit the following registry
                                                   Low        Disable Task Scheduler Service by
Scheduler Service Potential Security Hazard [value tested: OPEN,T,ECL,4][value found: 2 ] setting the following registry key:<BR
                                                   Low          0
Last Username [value tested: OPEN,T,ECL,1][value found:To ]disable the display of the last username change the following Registry
                                                   Low        To disable POSIX and/or OS2, Posix| ]
POSIX and OS/2 Subsystems Exist [value tested: READ,F,ECL,(Os2|Posix)][value found: delete the reference which starts the OS2
                                                   Low        To remove the registry tested: READ,T,ECL,^.?$][value found: regedit.e
Microsoft Windows Registry Editor File Association Potential Security Issue [valueeditor file association, delete the data within the "
                                                   Low        This is a security-related warning. The File System Object (FSO) should
Microsoft File System Object Registered [value tested: CMP,F,2000,HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D43
                                                              Configure the system to save the credentials forr
The value of Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount is not <= 2. 2 logons or less. (Analy
                                                   Low
                                                   Low        Create site does not equal identifying, in a timely manner, that the syste
The value of System\CurrentControlSet\Control\Lsa\CrashOnAuditFail procedures forr 1.
IWAM_COMPUTER1 last logon was 191 days ago.        Low        Regularly review accounts to determine if they are still active. Accounts
                                                              Configure the system so it doesn't save deleted files
The value of Software\Microsoft\Windows\CurrentVersion\Explorer\BitBucket\NukeOnDelete does not equal 1. in the Recycle Bin.
                                                   Low
   IP Address      Hostname    Tool ID     Platform           File
192.168.2.15    SCANME         10451     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME           13      Windows XP     Test_Scan.rtd
192.168.2.15    SCANME           13      Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          1408     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          165      Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          166      Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          167      Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          172      Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          186      Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          2053     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          2056     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          2103     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          2104     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          2116     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          3650     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          3688     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          5590     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          6416     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          6417     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          6440     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          6606     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          6608     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          6609     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          6644     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          6647     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          6649     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          6659     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          6878     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7021     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7245     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7251     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7252     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7261     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7262     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7263     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7264     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7265     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7266     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7267     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7269     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7270     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7274     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7275     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7294     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          7578     Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          885      Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          899      Windows XP     Test_Scan.rtd
192.168.2.15    SCANME           9       Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          902      Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          977      Windows XP     Test_Scan.rtd
192.168.2.15    SCANME          978      Windows XP     Test_Scan.rtd
192.168.0.8     computer1     V0001090   Windows 2003   Pro103.xml
192.168.0.8     computer1     V0001091   Windows 2003   Pro103.xml
192.168.0.8     computer1     V0001112   Windows 2003   Pro103.xml
192.168.0.8     computer1     V0001126   Windows 2003   Pro103.xml
Status   Service   Port      Tool       Subtool
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                         Retina
  O                       PGD 2.0.8.8
  O                       PGD 2.0.8.8
  O                       PGD 2.0.8.8
  O                       PGD 2.0.8.8
Unsigned Driver Installation Behavior Determines what should happen when an attempt is made to install a device driver (by means
IE - Make Proxy Settings Per Machine  This setting controls whether or not the Internet Explorer proxy settings are configured on a pe
Disable Dead Gateway Detection        Allows TCP to peforrm dead-gateway detection, switching to a backup gateway if a number of
Disable IP Source Routing             Protects against IP source routing spoofing.
Disable ICMP Redirect                 When disabled, forrces ICMP to be routed via shortest path first.
Disable Router Discovery              Enables or disables the Internet Router Discovery Protocol (IRDP) used to detect and configu
TCP Connection Keep-Alive Time        Controls how often TCP sends a keep-alive packet in attempting to verify that an idle connecti
Name-Release Attacks                  Prevents a denial-of-service (DoS)+ attack against a WINS server. The DoS consists of sendi
SYN Attack Protection                 Adjusts retransmission of TCP SYN-ACKs. When enabled, connection responses time out mo
                                      In a SYN
TCP Connection Response Retransmissions flood attack, the attacker sends a continuous stream of SYN packets to a server, an
TCP Data Retransmissions              In a SYN flood attack, the attacker sends a continuous stream of SYN packets to a server, an
Screen Saver Grace Period             Allowing more than several seconds makes the computer vulnerable to a potential attack from
Optional Subsystems                   The POSIX subsystem is an Institute of Electrical and Electronic Engineers (IEEE) standard th
Display of Last User Name             The user name of the last user to log onto a system will not be displayed. This eliminates half
Caching of logon credentials          The default Windows configuration caches the last logon credentials forr users who log on inte
Halt on Audit Failure                 If the security log is full, it becomes possible forr some events to not be logged. Selecting this
Recycle Bin Configuration             The Recycle Bin saves a copy of a file when it is deleted through Windows Explorer. This pos
Unsigned Driver Installation Behavior Determines what should happen when an attempt is made to install a device driver (by means
IE - Make Proxy Settings Per Machine  This setting controls whether or not the Internet Explorer proxy settings are configured on a pe
Disable Dead Gateway Detection        Allows TCP to peforrm dead-gateway detection, switching to a backup gateway if a number of
Disable IP Source Routing             Protects against IP source routing spoofing.
Disable ICMP Redirect                 When disabled, forrces ICMP to be routed via shortest path first.
Disable Router Discovery              Enables or disables the Internet Router Discovery Protocol (IRDP) used to detect and configu
TCP Connection Keep-Alive Time        Controls how often TCP sends a keep-alive packet in attempting to verify that an idle connecti
Name-Release Attacks                  Prevents a denial-of-service (DoS)+ attack against a WINS server. The DoS consists of sendi
SYN Attack Protection                 Adjusts retransmission of TCP SYN-ACKs. When enabled, connection responses time out mo
                                      In a SYN
TCP Connection Response Retransmissions flood attack, the attacker sends a continuous stream of SYN packets to a server, an
TCP Data Retransmissions              In a SYN flood attack, the attacker sends a continuous stream of SYN packets to a server, an
Screen Saver Grace Period             Allowing more than several seconds makes the computer vulnerable to a potential attack from
Optional Subsystems                   The POSIX subsystem is an Institute of Electrical and Electronic Engineers (IEEE) standard th
Display of Last User Name             The user name of the last user to log onto a system will not be displayed. This eliminates half
Caching of logon credentials          The default Windows configuration caches the last logon credentials forr users who log on inte
Dormant Accounts                      Outdated or unused accounts, provide penetration points that may go undetected.
Printer Share Permissions             Improperly configured share permissions on printers can permit the addition of unauthorized p
Local Users Exist on a Workstation To minimize potential points of attack, local users, other than built-in accounts such as Admini
Secure Print Driver Installation      By default, the print spooler allows any user to add and to delete printer drivers on the local sy
Unsigned Driver Installation Behavior Determines what should happen when an attempt is made to install a device driver (by means
Audit Log Warning Level               When the audit log reaches a given percent full, an audit event is written to the security log. Th
Disable Dead Gateway Detection        Allows TCP to peforrm dead-gateway detection, switching to a backup gateway if a number of
Disable IP Source Routing             Protects against IP source routing spoofing.
Disable ICMP Redirect                 When disabled, forrces ICMP to be routed via shortest path first.
Disable Router Discovery              Enables or disables the Internet Router Discovery Protocol (IRDP) used to detect and configu
TCP Connection Keep-Alive Time        Controls how often TCP sends a keep-alive packet in attempting to verify that an idle connecti
Name-Release Attacks                  Prevents a denial-of-service (DoS)+ attack against a WINS server. The DoS consists of sendi
SYN Attack Protection                 Adjusts retransmission of TCP SYN-ACKs. When enabled, connection responses time out mo
                                      In a SYN
TCP Connection Response Retransmissions flood attack, the attacker sends a continuous stream of SYN packets to a server, an
TCP Data Retransmissions              In a SYN flood attack, the attacker sends a continuous stream of SYN packets to a server, an
Screen Saver Grace Period             Allowing more than several seconds makes the computer vulnerable to a potential attack from
Display of Last User Name             The user name of the last user to log onto a system will not be displayed. This eliminates half
                                      This
Error Reporting - Display Error Notication check verifies that users will not be given a choice to report errors.
Root Certificates Update              This check verifies that Root Certificates will not be updated automatically from the Microsoft s
Event Viewer Events.asp Links         This check verifies that Events.asp hyperlinks in Event Viewer are available.
                                      This check verifies that the Internet Connection Wizard cannot download a list of Internet Serv
Internet Connection Wizard ISP Downloads
Windows Registration Wizard           This check verifies that the Windows Registration Wizard is blocked from online registration.
Order Prints Online                   This check verifies that the ―Order Prints Online‖ task is not available in Windows Explorer.
Classic Logon                         This check verifies that users will always use the classic logon screen.
                                                           Configure
The value of Software\Microsoft\Driver Signing\Policy is not >= 01. the system to warn the user when an unsigned driver is being
                                                 Low
                                                           Configure the Settings\ProxySettingsPerUser does not -> Administrative
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration exist.
                                                 Low
                                                           Configure the system to disable dead gateway
The value: System\CurrentControlSet\Services\Tcpip\Parameters\EnableDeadGWDetect does not exist. detection. (Analyze the sy
                                                 Low
                                                           Configure the system to disable does not routing. (Analyze the system u
The value: System\CurrentControlSet\Services\Tcpip\Parameters\DisableIPSourceRouting IP sourceexist.
                                                 Low
                                                           Configure the system to disable ICMP redirection.
The value of System\CurrentControlSet\Services\Tcpip\Parameters\EnableICMPRedirect does not equal 0. (Analyze the system u
                                                 Low
                                                           Configure the system to prevent does not exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\PerformRouterDiscovery use of the Internet Router Discovery Pro
                                                 Low
                                                           Configure the system to have a exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveTime does notTCP Keep-alive time of 5 minutes or less
                                                 Low
                                                           Configure the system to protect against name-release
The value: System\CurrentControlSet\Services\Netbt\Parameters\NoNameReleaseOnDemand does not exist. attacks. (Analyze
                                                 Low
                                                           Configure the system to does not exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\SynAttackProtectprotect against SYN attacks. (Analyze the syste
                                                 Low
                                                           Configure the system to control the maximum number of times that
The value: SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxConnectResponseRetransmissions does not exist.TCP
                                                 Low
                                                           Configure the system to control the maximum number
The value: SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxDataRetransmissions does not exist. of times that TCP
                                                 Low
                                                           Configure the system to enforrce a screen not exist.
The value: Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScreenSaverGracePeriod doessaver grace period of 5 or less
                                                 Low
                                                           Configure the system to prevent optional subsystems
The value of SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\Optional does not equal (null). such as Posix to o
                                                 Low
                                                 Low       Configure the system so that the last user name is not displayed on the l
The value of software\microsoft\windows\currentversion\policies\system\dontdisplaylastusername does not equal 1.
                                                           Configure the system to save the credentials forr
The value of Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount is not <= 2. 2 logons or less. (Analy
                                                 Low
                                                 Low       Create site does not equal identifying, in a timely manner, that the syste
The value of System\CurrentControlSet\Control\Lsa\CrashOnAuditFail procedures forr 1.
                                                           Configure the system so it doesn't save deleted files
The value of Software\Microsoft\Windows\CurrentVersion\Explorer\BitBucket\NukeOnDelete does not equal 1. in the Recycle Bin.
                                                 Low
                                                           Configure
The value of Software\Microsoft\Driver Signing\Policy is not >= 01. the system to warn the user when an unsigned driver is being
                                                 Low
                                                           Configure the Settings\ProxySettingsPerUser does not -> Administrative
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration exist.
                                                 Low
                                                           Configure the system to disable dead gateway
The value: System\CurrentControlSet\Services\Tcpip\Parameters\EnableDeadGWDetect does not exist. detection. (Analyze the sy
                                                 Low
                                                           Configure the system to disable does not routing. (Analyze the system u
The value: System\CurrentControlSet\Services\Tcpip\Parameters\DisableIPSourceRouting IP sourceexist.
                                                 Low
                                                           Configure the system to disable ICMP redirection.
The value of System\CurrentControlSet\Services\Tcpip\Parameters\EnableICMPRedirect does not equal 0. (Analyze the system u
                                                 Low
                                                           Configure the system to prevent does not exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\PerformRouterDiscovery use of the Internet Router Discovery Pro
                                                 Low
                                                           Configure the system to have a exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveTime does notTCP Keep-alive time of 5 minutes or less
                                                 Low
                                                           Configure the system to protect against name-release
The value: System\CurrentControlSet\Services\Netbt\Parameters\NoNameReleaseOnDemand does not exist. attacks. (Analyze
                                                 Low
                                                           Configure the system to does not exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\SynAttackProtectprotect against SYN attacks. (Analyze the syste
                                                 Low
                                                           Configure the system to control the maximum number of times that
The value: SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxConnectResponseRetransmissions does not exist.TCP
                                                 Low
                                                           Configure the system to control the maximum number
The value: SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxDataRetransmissions does not exist. of times that TCP
                                                 Low
                                                           Configure the system to enforrce a screen not exist.
The value: Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScreenSaverGracePeriod doessaver grace period of 5 or less
                                                 Low
                                                           Configure the system to prevent optional subsystems
The value of SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\Optional does not equal (null). such as Posix to o
                                                 Low
                                                 Low       Configure the system so that the last user name is not displayed on the l
The value of software\microsoft\windows\currentversion\policies\system\dontdisplaylastusername does not equal 1.
                                                           Configure the system to save the credentials forr
The value of Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount is not <= 2. 2 logons or less. (Analy
                                                 Low
                                                           Regularly review accounts to 95 days ago.
Administrator has never logged on.ASPNET has Low logged on.remote last logon was determine if they are still active. Accounts
                                                 never
                                                 Low       Configure the permissions on locally shared printers to meet the minimum
The following shared printers have incorrect permissions:Lexmark 2500 Series;
8 accounts exist on the local system. These accounts are :Configure the system to restrict the existence of local user accounts. (If l
                                                 Low         AdministratorASPNETGuestHelpAssistantPopremoteSUPPORT_38894
                                                           Configure the system to restrict the installation of print does not only aut
The value of System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\Servers\AddPrinterDriversdrivers to equal 1.
                                                 Low
                                                           Configure
The value of Software\Microsoft\Driver Signing\Policy is not >= 01. the system to warn the user when an unsigned driver is being
                                                 Low
                                                 Low       Configure the system to generate an audit entry when the Security Event
The value: SYSTEM\CurrentControlSet\Services\Eventlog\Security\WarningLevel does not exist.
                                                           Configure the system to disable dead gateway
The value: System\CurrentControlSet\Services\Tcpip\Parameters\EnableDeadGWDetect does not exist. detection. (Analyze the sy
                                                 Low
                                                           Configure the system to disable does not routing. (Analyze the system u
The value: System\CurrentControlSet\Services\Tcpip\Parameters\DisableIPSourceRouting IP sourceexist.
                                                 Low
                                                           Configure the system to disable ICMP redirection.
The value of System\CurrentControlSet\Services\Tcpip\Parameters\EnableICMPRedirect does not equal 0. (Analyze the system u
                                                 Low
                                                           Configure the system to prevent does not exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\PerformRouterDiscovery use of the Internet Router Discovery Pro
                                                 Low
                                                           Configure the system to have a exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveTime does notTCP Keep-alive time of 5 minutes or less
                                                 Low
                                                           Configure the system to protect against name-release
The value: System\CurrentControlSet\Services\Netbt\Parameters\NoNameReleaseOnDemand does not exist. attacks. (Analyze
                                                 Low
                                                           Configure the system to does not exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\SynAttackProtectprotect against SYN attacks. (Analyze the syste
                                                 Low
                                                           Configure the system to control the maximum number of times that
The value: SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxConnectResponseRetransmissions does not exist.TCP
                                                 Low
                                                           Configure the system to control the maximum number
The value: SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxDataRetransmissions does not exist. of times that TCP
                                                 Low
                                                           Configure the system to enforrce a screen not exist.
The value: Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScreenSaverGracePeriod doessaver grace period of 5 or less
                                                 Low
                                                 Low       Configure the system so that the last user name is not displayed on the l
The value of software\microsoft\windows\currentversion\policies\system\dontdisplaylastusername does not equal 1.
                                                           Configure the does value forr
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\ShowUI policy not exist. Computer Configuration -> Administrative
                                                 Low
                                                 Low       Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\SystemCertificates\AuthRoot\DisableRootAutoUpdate does not exist.
                                                           Configure the policy value forr not exist.
The value: Software\Policies\Microsoft\EventViewer\MicrosoftEventVwrDisableLinks doesComputer Configuration -> Administrative
                                                 Low
                                                           Configure Wizard\ExitOnMSICW does not exist.
The value: Software\Policies\Microsoft\Windows\Internet Connection the policy value forr Computer Configuration -> Administrative
                                                 Low
                                                           Configure Control\NoRegistration does not exist.
The value: Software\Policies\Microsoft\Windows\Registration Wizard the policy value forr Computer Configuration -> Administrative
                                                 Low
                                                           Configure the policy value forr Computer Configuration
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoOnlinePrintsWizard does not exist. -> Administrative
                                                 Low
                                                           Configure the policy value forr not exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\system\LogonType does Computer Configuration -> Administrative
                                                 Low
192.168.0.8   computer1    V0001160   Windows 2003   Pro103.xml
192.168.0.8   computer1    V0003430   Windows 2003   Pro103.xml
192.168.0.8   computer1    V0004109   Windows 2003   Pro103.xml
192.168.0.8   computer1    V0004110   Windows 2003   Pro103.xml
192.168.0.8   computer1    V0004111   Windows 2003   Pro103.xml
192.168.0.8   computer1    V0004112   Windows 2003   Pro103.xml
192.168.0.8   computer1    V0004113   Windows 2003   Pro103.xml
192.168.0.8   computer1    V0004116   Windows 2003   Pro103.xml
192.168.0.8   computer1    V0004117   Windows 2003   Pro103.xml
192.168.0.8   computer1    V0004437   Windows 2003   Pro103.xml
192.168.0.8   computer1    V0004438   Windows 2003   Pro103.xml
192.168.0.8   computer1    V0004442   Windows 2003   Pro103.xml
192.168.0.8   computer1    V0004445   Windows 2003   Pro103.xml
192.168.0.8   computer1    V0011806   Windows 2003   Pro103.xml
192.168.0.9   computer2    V0001090   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0001091   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0001126   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0001160   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0003430   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0004109   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0004110   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0004111   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0004112   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0004113   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0004116   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0004117   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0004437   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0004438   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0004442   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0004445   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0011806   Windows 2003   Pro104.xml
192.168.0.2   popdesktop   V0001090   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001112   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001135   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001148   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001151   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001160   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0004108   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0004109   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0004110   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0004111   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0004112   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0004113   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0004116   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0004117   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0004437   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0004438   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0004442   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0011806   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0015670   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0015671   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0015672   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0015673   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0015675   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0015676   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0015680   Windows XP     Pro105.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
Windows Installer – Vendor Signed Updates
                                      This check verifies that users are prevented applying vendor signed updates.
Media Player – First Use Dialog Boxes This check verifies that users are not presented with Privacy and Installation options on first u
XP Firewall Domain – Logging          Firewall logging will be enabled and configured as defined when connected to the domain.
XP Firewall Domain – Display Notifications
                                      The display of messages will be prevented when a program requests the Firewall add the prog
XP Firewall Standard – Display Notifications
                                      The display of messages will be blocked when a program requests the Firewall add the progra
Caching of logon credentials          The default Windows configuration caches the last logon credentials forr users who log on inte
Dormant Accounts                      Outdated or unused accounts, provide penetration points that may go undetected.
Local Users Exist on a Workstation To minimize potential points of attack, local users, other than built-in accounts such as Admini
Secure Print Driver Installation      By default, the print spooler allows any user to add and to delete printer drivers on the local sy
Unsigned Driver Installation Behavior Determines what should happen when an attempt is made to install a device driver (by means
Audit Log Warning Level               When the audit log reaches a given percent full, an audit event is written to the security log. Th
Disable Dead Gateway Detection        Allows TCP to peforrm dead-gateway detection, switching to a backup gateway if a number of
Disable IP Source Routing             Protects against IP source routing spoofing.
Disable ICMP Redirect                 When disabled, forrces ICMP to be routed via shortest path first.
Disable Router Discovery              Enables or disables the Internet Router Discovery Protocol (IRDP) used to detect and configu
TCP Connection Keep-Alive Time        Controls how often TCP sends a keep-alive packet in attempting to verify that an idle connecti
Name-Release Attacks                  Prevents a denial-of-service (DoS)+ attack against a WINS server. The DoS consists of sendi
SYN Attack Protection                 Adjusts retransmission of TCP SYN-ACKs. When enabled, connection responses time out mo
                                      In a SYN
TCP Connection Response Retransmissions flood attack, the attacker sends a continuous stream of SYN packets to a server, an
TCP Data Retransmissions              In a SYN flood attack, the attacker sends a continuous stream of SYN packets to a server, an
Screen Saver Grace Period             Allowing more than several seconds makes the computer vulnerable to a potential attack from
Display of Last User Name             The user name of the last user to log onto a system will not be displayed. This eliminates half
                                      This
Error Reporting - Display Error Notication check verifies that users will not be given a choice to report errors.
Root Certificates Update              This check verifies that Root Certificates will not be updated automatically from the Microsoft s
Event Viewer Events.asp Links         This check verifies that Events.asp hyperlinks in Event Viewer are available.
                                      This check verifies that the Internet Connection Wizard cannot download a list of Internet Serv
Internet Connection Wizard ISP Downloads
Windows Registration Wizard           This check verifies that the Windows Registration Wizard is blocked from online registration.
Order Prints Online                   This check verifies that the ―Order Prints Online‖ task is not available in Windows Explorer.
Classic Logon                         This check verifies that users will always use the classic logon screen.
Windows Installer – Vendor Signed Updates
                                      This check verifies that users are prevented applying vendor signed updates.
Media Player – First Use Dialog Boxes This check verifies that users are not presented with Privacy and Installation options on first u
XP Firewall Domain – Logging          Firewall logging will be enabled and configured as defined when connected to the domain.
XP Firewall Domain – Display Notifications
                                      The display of messages will be prevented when a program requests the Firewall add the prog
XP Firewall Standard – Display Notifications
                                      The display of messages will be blocked when a program requests the Firewall add the progra
Caching of logon credentials          The default Windows configuration caches the last logon credentials forr users who log on inte
Dormant Accounts                      Outdated or unused accounts, provide penetration points that may go undetected.
Local Users Exist on a Workstation To minimize potential points of attack, local users, other than built-in accounts such as Admini
Secure Print Driver Installation      By default, the print spooler allows any user to add and to delete printer drivers on the local sy
Unsigned Driver Installation Behavior Determines what should happen when an attempt is made to install a device driver (by means
Audit Log Warning Level               When the audit log reaches a given percent full, an audit event is written to the security log. Th
Disable Dead Gateway Detection        Allows TCP to peforrm dead-gateway detection, switching to a backup gateway if a number of
Disable IP Source Routing             Protects against IP source routing spoofing.
Disable ICMP Redirect                 When disabled, forrces ICMP to be routed via shortest path first.
Disable Router Discovery              Enables or disables the Internet Router Discovery Protocol (IRDP) used to detect and configu
TCP Connection Keep-Alive Time        Controls how often TCP sends a keep-alive packet in attempting to verify that an idle connecti
Name-Release Attacks                  Prevents a denial-of-service (DoS)+ attack against a WINS server. The DoS consists of sendi
SYN Attack Protection                 Adjusts retransmission of TCP SYN-ACKs. When enabled, connection responses time out mo
                                      In a SYN
TCP Connection Response Retransmissions flood attack, the attacker sends a continuous stream of SYN packets to a server, an
TCP Data Retransmissions              In a SYN flood attack, the attacker sends a continuous stream of SYN packets to a server, an
Screen Saver Grace Period             Allowing more than several seconds makes the computer vulnerable to a potential attack from
Display of Last User Name             The user name of the last user to log onto a system will not be displayed. This eliminates half
                                      This
Error Reporting - Display Error Notication check verifies that users will not be given a choice to report errors.
Root Certificates Update              This check verifies that Root Certificates will not be updated automatically from the Microsoft s
Event Viewer Events.asp Links         This check verifies that Events.asp hyperlinks in Event Viewer are available.
                                      This check verifies that the Internet Connection Wizard cannot download a list of Internet Serv
Internet Connection Wizard ISP Downloads
Windows Registration Wizard           This check verifies that the Windows Registration Wizard is blocked from online registration.
                                                Low        Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows\Installer\DisableLUAPatching does not exist.
                                                Low        Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\WindowsMediaPlayer\GroupPrivacyAcceptance does not exist.
                                                           Configure the policy value forr Computer Configuration exist.The value:
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging\LogDroppedPackets does not-> Administrative
                                                Low
                                                Low        Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\DisableNotifications does not exist.
                                                           Configure the policy value forr Computer Configuration
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\\DisableNotifications does not exist. -> Administrative
                                                Low
                                                           Configure the system to save the credentials forr
The value of Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount is not <= 2. 2 logons or less. (Analy
                                                Low
Administrator has never logged on.              Low        Regularly review accounts to determine if they are still active. Accounts
5 accounts exist on the local system. These accounts are :Configure the system to restrict the existence of local user accounts. (If l
                                                Low          AdministratorGuestHelpAssistantSUPPORT_388945a0wbailey
                                                           Configure the system to restrict the installation of print does not only aut
The value of System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\Servers\AddPrinterDriversdrivers to equal 1.
                                                Low
                                                           Configure
The value of Software\Microsoft\Driver Signing\Policy is not >= 01. the system to warn the user when an unsigned driver is being
                                                Low
                                                Low        Configure the system to generate an audit entry when the Security Event
The value: SYSTEM\CurrentControlSet\Services\Eventlog\Security\WarningLevel does not exist.
                                                           Configure the system to disable dead gateway
The value: System\CurrentControlSet\Services\Tcpip\Parameters\EnableDeadGWDetect does not exist. detection. (Analyze the sy
                                                Low
                                                           Configure the system to disable does not routing. (Analyze the system u
The value: System\CurrentControlSet\Services\Tcpip\Parameters\DisableIPSourceRouting IP sourceexist.
                                                Low
                                                           Configure the system to disable ICMP redirection.
The value of System\CurrentControlSet\Services\Tcpip\Parameters\EnableICMPRedirect does not equal 0. (Analyze the system u
                                                Low
                                                           Configure the system to prevent does not exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\PerformRouterDiscovery use of the Internet Router Discovery Pro
                                                Low
                                                           Configure the system to have a exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveTime does notTCP Keep-alive time of 5 minutes or less
                                                Low
                                                           Configure the system to protect against name-release
The value: System\CurrentControlSet\Services\Netbt\Parameters\NoNameReleaseOnDemand does not exist. attacks. (Analyze
                                                Low
                                                           Configure the system to does not exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\SynAttackProtectprotect against SYN attacks. (Analyze the syste
                                                Low
                                                           Configure the system to control the maximum number of times that
The value: SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxConnectResponseRetransmissions does not exist.TCP
                                                Low
                                                           Configure the system to control the maximum number
The value: SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxDataRetransmissions does not exist. of times that TCP
                                                Low
                                                           Configure the system to enforrce a screen not exist.
The value: Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScreenSaverGracePeriod doessaver grace period of 5 or less
                                                Low
                                                Low        Configure the system so that the last user name is not displayed on the l
The value of software\microsoft\windows\currentversion\policies\system\dontdisplaylastusername does not equal 1.
                                                           Configure the does value forr
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\ShowUI policy not exist. Computer Configuration -> Administrative
                                                Low
                                                Low        Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\SystemCertificates\AuthRoot\DisableRootAutoUpdate does not exist.
                                                           Configure the policy value forr not exist.
The value: Software\Policies\Microsoft\EventViewer\MicrosoftEventVwrDisableLinks doesComputer Configuration -> Administrative
                                                Low
                                                           Configure Wizard\ExitOnMSICW does not exist.
The value: Software\Policies\Microsoft\Windows\Internet Connection the policy value forr Computer Configuration -> Administrative
                                                Low
                                                           Configure Control\NoRegistration does not exist.
The value: Software\Policies\Microsoft\Windows\Registration Wizard the policy value forr Computer Configuration -> Administrative
                                                Low
                                                           Configure the policy value forr Computer Configuration
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoOnlinePrintsWizard does not exist. -> Administrative
                                                Low
                                                           Configure the policy value forr not exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\system\LogonType does Computer Configuration -> Administrative
                                                Low
                                                Low        Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows\Installer\DisableLUAPatching does not exist.
                                                Low        Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\WindowsMediaPlayer\GroupPrivacyAcceptance does not exist.
                                                           Configure the policy value forr Computer Configuration exist.The value:
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging\LogDroppedPackets does not-> Administrative
                                                Low
                                                Low        Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\DisableNotifications does not exist.
                                                           Configure the policy value forr Computer Configuration
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\\DisableNotifications does not exist. -> Administrative
                                                Low
                                                           Configure the system to save the credentials forr
The value of Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount is not <= 2. 2 logons or less. (Analy
                                                Low
Administrator has never logged on.              Low        Regularly review accounts to determine if they are still active. Accounts
5 accounts exist on the local system. These accounts are :Configure the system to restrict the existence of local user accounts. (If l
                                                Low          AdministratorGuestHelpAssistantPopSUPPORT_388945a0
                                                           Configure the system to restrict the installation of print does not only aut
The value of System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\Servers\AddPrinterDriversdrivers to equal 1.
                                                Low
                                                           Configure
The value of Software\Microsoft\Driver Signing\Policy is not >= 01. the system to warn the user when an unsigned driver is being
                                                Low
                                                Low        Configure the system to generate an audit entry when the Security Event
The value: SYSTEM\CurrentControlSet\Services\Eventlog\Security\WarningLevel does not exist.
                                                           Configure the system to disable dead gateway
The value: System\CurrentControlSet\Services\Tcpip\Parameters\EnableDeadGWDetect does not exist. detection. (Analyze the sy
                                                Low
                                                           Configure the system to disable does not routing. (Analyze the system u
The value: System\CurrentControlSet\Services\Tcpip\Parameters\DisableIPSourceRouting IP sourceexist.
                                                Low
                                                           Configure the system to disable ICMP redirection.
The value of System\CurrentControlSet\Services\Tcpip\Parameters\EnableICMPRedirect does not equal 0. (Analyze the system u
                                                Low
                                                           Configure the system to prevent does not exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\PerformRouterDiscovery use of the Internet Router Discovery Pro
                                                Low
                                                           Configure the system to have a exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveTime does notTCP Keep-alive time of 5 minutes or less
                                                Low
                                                           Configure the system to protect against name-release
The value: System\CurrentControlSet\Services\Netbt\Parameters\NoNameReleaseOnDemand does not exist. attacks. (Analyze
                                                Low
                                                           Configure the system to does not exist.
The value: System\CurrentControlSet\Services\Tcpip\Parameters\SynAttackProtectprotect against SYN attacks. (Analyze the syste
                                                Low
                                                           Configure the system to control the maximum number of times that
The value: SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxConnectResponseRetransmissions does not exist.TCP
                                                Low
                                                           Configure the system to control the maximum number
The value: SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxDataRetransmissions does not exist. of times that TCP
                                                Low
                                                           Configure the system to enforrce a screen not exist.
The value: Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScreenSaverGracePeriod doessaver grace period of 5 or less
                                                Low
                                                Low        Configure the system so that the last user name is not displayed on the l
The value of software\microsoft\windows\currentversion\policies\system\dontdisplaylastusername does not equal 1.
                                                           Configure the does value forr
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\ShowUI policy not exist. Computer Configuration -> Administrative
                                                Low
                                                Low        Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\SystemCertificates\AuthRoot\DisableRootAutoUpdate does not exist.
                                                           Configure the policy value forr not exist.
The value: Software\Policies\Microsoft\EventViewer\MicrosoftEventVwrDisableLinks doesComputer Configuration -> Administrative
                                                Low
                                                           Configure Wizard\ExitOnMSICW does not exist.
The value: Software\Policies\Microsoft\Windows\Internet Connection the policy value forr Computer Configuration -> Administrative
                                                Low
                                                           Configure Control\NoRegistration does not exist.
The value: Software\Policies\Microsoft\Windows\Registration Wizard the policy value forr Computer Configuration -> Administrative
                                                Low
192.168.0.2   popdesktop   V0015686   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0015687   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017394   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017398   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017408   Windows XP   Pro105.xml
192.168.0.7   prolific     V0001090   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001112   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001148   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001151   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001160   Windows XP   Pro106.xml
192.168.0.7   prolific     V0004108   Windows XP   Pro106.xml
192.168.0.7   prolific     V0004109   Windows XP   Pro106.xml
192.168.0.7   prolific     V0004110   Windows XP   Pro106.xml
192.168.0.7   prolific     V0004111   Windows XP   Pro106.xml
192.168.0.7   prolific     V0004112   Windows XP   Pro106.xml
192.168.0.7   prolific     V0004113   Windows XP   Pro106.xml
192.168.0.7   prolific     V0004116   Windows XP   Pro106.xml
192.168.0.7   prolific     V0004117   Windows XP   Pro106.xml
192.168.0.7   prolific     V0004437   Windows XP   Pro106.xml
192.168.0.7   prolific     V0004438   Windows XP   Pro106.xml
192.168.0.7   prolific     V0004442   Windows XP   Pro106.xml
192.168.0.7   prolific     V0011806   Windows XP   Pro106.xml
192.168.0.7   prolific     V0015670   Windows XP   Pro106.xml
192.168.0.7   prolific     V0015671   Windows XP   Pro106.xml
192.168.0.7   prolific     V0015672   Windows XP   Pro106.xml
192.168.0.7   prolific     V0015673   Windows XP   Pro106.xml
192.168.0.7   prolific     V0015675   Windows XP   Pro106.xml
192.168.0.7   prolific     V0015676   Windows XP   Pro106.xml
192.168.0.7   prolific     V0015680   Windows XP   Pro106.xml
192.168.0.7   prolific     V0015686   Windows XP   Pro106.xml
192.168.0.7   prolific     V0015687   Windows XP   Pro106.xml
192.168.0.7   prolific     V0017394   Windows XP   Pro106.xml
192.168.0.7   prolific     V0017398   Windows XP   Pro106.xml
192.168.0.7   prolific     V0017408   Windows XP   Pro106.xml
192.168.0.3   xpvm1        V0001090   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0001112   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0001148   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0001151   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0001160   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0004108   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0004109   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0004110   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0004111   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0004112   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0004113   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0004116   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0004117   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0004437   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0004438   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0004442   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0011806   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0015670   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0015671   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0015672   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0015673   Windows XP   Pro107.xml
192.168.0.3   xpvm1        V0015675   Windows XP   Pro107.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
Order Prints Online                   This check verifies that the ―Order Prints Online‖ task is not available in Windows Explorer.
Classic Logon                         This check verifies that users will always use the classic logon screen.
Windows Installer – Vendor Signed Updates
                                      This check verifies that users are prevented applying vendor signed updates.
Media Player – First Use Dialog Boxes This check verifies that users are not presented with Privacy and Installation options on first u
XP Firewall Domain – Logging          Firewall logging will be enabled and configured as defined when connected to the domain.
XP Firewall Domain – Display Notifications
                                      The display of messages will be prevented when a program requests the Firewall add the prog
XP Firewall Standard – Display Notifications
                                      The display of messages will be blocked when a program requests the Firewall add the progra
                                      ote service encrypts traffic using
SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection TLS / SSL but allows aclient to renegotiate the connection af
                                                          Configure the policy value forr Computer Configuration
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoOnlinePrintsWizard does not exist. -> Administrative
                                               Low
                                                          Configure the policy value forr not exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\system\LogonType does Computer Configuration -> Administrative
                                               Low
                                               Low        Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows\Installer\DisableLUAPatching does not exist.
                                               Low        Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\WindowsMediaPlayer\GroupPrivacyAcceptance does not exist.
                                                          Configure the policy value forr Computer Configuration exist.The value:
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging\LogDroppedPackets does not-> Administrative
                                               Low
                                               Low        Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\DisableNotifications does not exist.
                                                          Configure the policy value forr Computer Configuration
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\\DisableNotifications does not exist. -> Administrative
                                               Low
                                               Low        Contact the vendor forr specific patch inforrmation.
Synopsis : The remote service allows renegotiation of TLS / SSL connections. Description : The remote service encrypts traffic u
192.168.0.3   xpvm1       V0015676   Windows XP   Pro107.xml
192.168.0.3   xpvm1       V0015680   Windows XP   Pro107.xml
192.168.0.3   xpvm1       V0015686   Windows XP   Pro107.xml
192.168.0.3   xpvm1       V0015687   Windows XP   Pro107.xml
192.168.0.3   xpvm1       V0017394   Windows XP   Pro107.xml
192.168.0.3   xpvm1       V0017398   Windows XP   Pro107.xml
192.168.0.3   xpvm1       V0017408   Windows XP   Pro107.xml
localhost     localhost    42880     Windows XP   scanme_nessus.nessus
 O                      PGD 2.0.8.8
 O                      PGD 2.0.8.8
 O                      PGD 2.0.8.8
 O                      PGD 2.0.8.8
 O                      PGD 2.0.8.8
 O                      PGD 2.0.8.8
 O                      PGD 2.0.8.8
Open   nessus (1241/tcp) Nessus
               Finding                               Consequences
Account Lockout Reset Time           Account lockout reset determines the number of minutes that must elapse after a failed logon
Account Lockout Threshold            The account lockout threshold determines the number of failed logon attempts that will cause
                                      ATL Vulnerabilities (973965) Outlook 2007
2009-A-0097 Microsoft Office ActiveXMultiple vulnerabilities exist in -the Active Template Library (ATL) included with various Microso
                                      ATL Vulnerabilities (973965) Outlook 2007
2009-A-0097 Microsoft Office ActiveXMultiple vulnerabilities exist in -the Active Template Library (ATL) included with various Microso
                                      ATL Vulnerabilities (973965) Visio Viewer 2007
2009-A-0097 Microsoft Office ActiveXMultiple vulnerabilities exist in -the Active Template Library (ATL) included with various Microso
                                     Microsoft Vulnerabilities contains multiple vulnerabilities when processing malforrmed image
2009-A-0099 Microsoft Windows GDI+ Multiple Windows GDI+(957488) - 2007 Office/Subsystem
                                     Microsoft Vulnerabilities contains multiple vulnerabilities when processing malforrmed image
2009-A-0099 Microsoft Windows GDI+ Multiple Windows GDI+(957488) - 2007 Office/Subsystem
Minimum Password Length              The minimum password length does not contain the recommended amount of characters requ
Clear Page File                      The page file is used forr virtual memory. It can contain sensitive inforrmation such as usernam
MSCHAPv2 VPN                         It is recommended to enforrce MSCHAP V2; this forrces the server to drop any VPN (Virtual P
                                     The system
Microsoft Windows Secure Print Driver Installationis not configured to prevent users from installing printer drivers. By default, any lo
Dialup Save Password                 Windows Remote Access Services (RAS) are configured to save dial-up passwords between
Windows AutoReboot Enabled           Retina has detected that this system has the AutoReboot option enabled.
MS RAS Encrypt                       The current MS RAS (Remote Access Server) is not encrypting data transfers. It is recommen
MS RAS Logging                       The current MS RAS (Remote Access Server) is not logging connections. It is recommended
Windows Event Auditing Disabled      Retina has detected that the scanned host has Windows event auditing disabled. Even specif
PPP Client Security                  By default, users are permitted to make RAS connections without any sort of authentication. It
                                     Retina has found
Microsoft Windows Malicious Software Removal Tool that the Microsoft Malicious Software Removal Tool is either not installed an
Null Session Registry Settings       Anonymous access to the Registry is not restricted.
Microsoft Update Not Installed       Microsoft Update is not found on this system.
Auto Sharing Drive Problem - Server By Default, all drives on a machine are shared using hard coded Administrative ACL's. Even
Auto Sharing Drive Problem - Wks By Default, all drives on a machine are shared using hard coded Administrative ACL's. Even
                                     This
Service Control - Error Reporting Service check verifies that the startup type forr the Error Reporting Service service is properly con
Service Control - Indexing Service This check verifies that the startup type forr the Indexing Service service is properly configured
                                      Desktop Sharing
Service Control - NetMeeting RemoteThis check verifies that the startup type forr the NetMeeting Remote Desktop Sharing service
                                     This check verifies
Service Control - Remote Access Connection Manager that the startup type forr the Remote Access Connection Manager service
                                     This check Host
Service Control - Universal Plug and Play Deviceverifies that the startup type forr the Universal Plug and Play Device Host service i
Service Control - WebClient          This check verifies that the startup type forr the WebClient service is properly configured to be
                                     This check
Service Control - Wireless Zero Configuration verifies that the startup type forr the Wireless Configuration service is properly con
                                     A remote code execution vulnerability has
2007-A-0030 Microsoft Office Remote Code Execution (934873) - Office 2007 been identified in the way Microsoft Office handles
DCOM Enabled                         DCOM (Distributed Component Object Model) has been detected on the target system. Altho
                                     A remote code execution vulnerability exists within Microsoft Publisher. The vulnerability com
Microsoft Publisher Remote Code Execution (936548)
                                     A remote code execution vulnerability exists in Microsoft
2007-A-0042 Microsoft XML Core Services Remote Code Execution (936227) - XML5 Core XML Core Services that could allow a
                                     Microsoft Outlook contains a vulnerability when processing malforrmed mailto URI's that could
2008-A-0012 Microsoft Outlook Malforrmed mailto URI Handling (949031) - Outlook 2007
Virtual Environment Detected         A virtual environment has been detected on the target system.
Account Lockout Threshold - FDCC The account lockout threshold determines the number of failed logon attempts that will cause
Minimum Password Length - FDCC The minimum password length does not contain the recommended amount of characters requ
                                     System-auditing configuration does not meet minimum FDCC requirements.
Microsoft Windows Policy Change Success Auditing - FDCC
                                     System-auditing configuration does not meet minimum FDCC requirements.
Microsoft Windows System Event Success Auditing - FDCC
Microsoft Windows sc.exe ACL         The ACL forr sc.exe is improperly configured.
Windows Legal Notice Text Not EnabledRetina has detected that the legal notice text is not enabled on this machine.
                                     The user rights assignment forr: "Deny FDCC
Microsoft Windows User Rights Assignment - Deny Logon Terminal Service -logon through Terminal Services" is incorrect.
                                     Multiple vulnerabilities
Adobe Flash Player Multiple Vulnerabilities - April 2008 - IE have been identified in Adobe Flash Player that could allow DNS rebind
                                      Enumerate access to the Registry is Shares
Microsoft Windows Null Sessions canAnonymous Local SAM Accounts andnot restricted. Null Sessions can Enumerate Local SAM
                                     Microsoft Word contains two memory corruption
2008-A-0028 Microsoft Word CSS and RTF Memory Corruption (951207) - Word 2007vulnerabilities when processing Word files wi
                                     Microsoft Word contains two memory corruption vulnerabilities
2008-A-0028 Microsoft Word CSS and RTF Memory Corruption (951207) - 2007 Compatibility Pack when processing Word files wi
                                     Microsoft Publisher Code Execution (951208) - 2007
2008-A-0029 Microsoft Publisher Object Handler Remote contains a memory corruption vulnerability when processing Publisher file
                                     The user rights Traverse Setting - FDCC XP
Microsoft Windows User Rights Assignment - Bypassassignment forr: "Bypass Traverse Setting" does not meet Federal Core Desk
                                     Federal Desktop Core Configuration (FDCC) does not define this setting. Manually check to e
Verify Microsoft Windows Automatic MTU Size Detection - FDCC
                                     Anonymous SID/Name
Verify Microsoft Windows Anonymous SID/Name Translation Translation could allow anonymous users to request the security ident
                                     This is an
Verify Microsoft Windows Password Complexity inforrmational check. Manually check to ensure that password complexity requirem
                                     This is an inforrmational check. Manually check to ensure that the "Hide computer from the br
Verify Microsoft Windows Hidden Computer Name - FDCC
                                     This Method - FDCC - Application
Verify Microsoft Windows Event Retention is an inforrmational check. Manually check to ensure that an event retention method is d
                                     This Method - FDCC - Security
Verify Microsoft Windows Event Retention is an inforrmational check. Manually check to ensure that an event retention method is d
                                     This Method - FDCC - System
Verify Microsoft Windows Event Retention is an inforrmational check. Manually check to ensure that an event retention method is d
                   Details                     Risk Rating                 Recommendation
                                                 Medium      It is recommended that account lockout reset time be set to 60 minutes.
Account Lockout Reset Time [value tested: 60][value found: 30]
                                                 Medium      It
Account Lockout Threshold [value tested: 3][value found: 0] is recommended that account lockout threshold be set to 3 attempts, o
                                                  High       Install the [value tested: 12.0.6514.5000][value found: 12.0.4518.1014]
Microsoft Office ActiveX ATL Vulnerabilities (973965) - Outlook 2007 appropriate patch from Microsoft or through Windows Update.
                                                  High       Install the [value tested: 12.0.6514.5000][value found: 12.0.6423.1000]
Microsoft Office ActiveX ATL Vulnerabilities (973965) - Outlook 2007 appropriate patch from Microsoft or through Windows Update.
                                                  High       Install the appropriate patch 12.0.6513.5000][value found: 12.0.4518.10
Microsoft Office ActiveX ATL Vulnerabilities (973965) - Visio Viewer 2007 [value tested:from Microsoft or through Windows Update.
                                                  (957488) - 2007 the appropriate patch from Microsoft or through Windows Update.
Microsoft Windows GDI+ Multiple Vulnerabilities High         Install Office/Subsystem [value tested: 12.0.6509.5000][value found: 12.
                                                  (957488) - 2007 the appropriate patch from Microsoft or through Windows Update.
Microsoft Windows GDI+ Multiple Vulnerabilities High         Install Office/Subsystem [value tested: 12.0.6509.5000][value found: 12.
                                                 Medium      It
Minimum Password Length [value tested: 14][value found: 7]is recommended that account passwords are a minimum of 14 charact
                                                 Medium      To
Clear Page File [value tested: OPEN,T,ECL,1][value found: 0 ]have the page file automatically cleared on a reboot or shutdown set
                                                 Medium      To enforrce MSCHAP V2 set the following key:<BR><b>Hive: </b>HKEY
MSCHAPv2 VPN [value tested: ENUMR,T,ECL,SecureVPN][value found: ]
                                                 Medium      To restrict the installation of found: 0 ]
Microsoft Windows Secure Print Driver Installation [value tested: OPEN,T,ECL,1][valueprinter drivers to only allow Administrators a
                                                 Medium      To disable the caching of the dial-up password set the following key: <B
Dialup Save Password [value tested: ENUMR,T,ECL,DisableSavePassword][value found: ]
Windows AutoReboot Enabled [value tested:Informational To configure this1system from perforrming an automatic reboot upon lock
                                               OPEN,F,ECL,1][value found: ]
                                                 Medium      To forrce encrypted transfers set the following Registry key settings:<br>
MS RAS Encrypt [value tested: ENUMR,T,ECL,ForceEncryptedData][value found: ]
                                                 Medium      To enable ]
MS RAS Logging [value tested: ENUMR,T,ECL,Logging][value found:logging, set the following Registry key settings:<BR><b>Hive:
                                                 Medium      It is Disabled][value found: Event Auditing Disabled]
Windows Event Auditing Disabled [value tested: Event Auditingrecommended that event auditing be enabled in the system's Local S
                                                 Medium      To require authentication set the
PPP Client Security [value tested: ENUMR,T,ECL,ForceEncryptedPassword][value found: ] following key:<br><b>Hive: </b>HKEY_
                                             Informational It is recommended to install the removal tool, and/or update to found: A9
Microsoft Windows Malicious Software Removal Tool [value tested: 4C64200A-6786-490B-9A0C-DEF64AA03934][value the latest
                                                  High       Important: Make ]
Null Session Registry Settings [value tested: OPEN,F,ECL,0][value found: 0 sure to test the following configuration changes careful
                                               CMP,T,ECL,SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6E32070
Microsoft Update Not Installed [value tested:Informational Install Microsoft Update via the referenced site.
                                                 Medium      To remove this functionality, set found: ]
Auto Sharing Drive Problem - Server [value tested: ENUMR,T,ECL,AutoShareServer][valuethe following Registry key settings:<BR>
                                                 Medium      To remove this functionality, found: following Registry key settings:<BR>
Auto Sharing Drive Problem - Wks [value tested: ENUMR,T,ECL,AutoShareWks][value set the ]
                                             Informational To configure the Error Reporting Service to be Disabled: <BR>1 - Click S
Service Control - Error Reporting Service [value tested: F,4][value found: AUTOMATIC]
                                             Informational found: MANUAL]
Service Control - Indexing Service [value tested: F,4][valueTo configure the Indexing Service to be Disabled: <BR>1 - Click Start, po
                                             Informational To tested: OPEN,T,ECL,4][value found: 3 ]
Service Control - NetMeeting Remote Desktop Sharing [value configure the NetMeeting Remote Desktop Sharing to be Disabled: <
                                             Informational To tested: OPEN,T,ECL,4][value found: 3 ]
Service Control - Remote Access Connection Manager [value configure the Remote Access Connection Manager to be Disabled: <
                                             Informational To configure the Universal Plug found: 3 ]
Service Control - Universal Plug and Play Device Host [value tested: OPEN,T,ECL,4][valueand Play Device Host to be Disabled: <B
                                             Informational To configure the
Service Control - WebClient [value tested: F,4][value found: AUTOMATIC] WebClient to be Disabled: <BR>1 - Click Start, point to
                                             Informational To configure the Wireless Configuration to be Disabled: <BR>1 - Click S
Service Control - Wireless Zero Configuration [value tested: OPEN,T,ECL,4][value found: 2 ]
                                                  High        2007 [value tested: 12.00.6017.5000][value found: 12.0.4518.1014]
Microsoft Office Remote Code Execution (934873) - Office Download the update from Microsoft or through automatic updates.
                                             Informational <B>To
DCOM Enabled [value tested: OPEN,F,ECL,Y][value found: Y ] disable DCOM:</B> 1. Click Start 2. Click Run 3. Type in dcom
                                                  High       Install the update from Microsoft found: 12.0.4518.1014]
Microsoft Publisher Remote Code Execution (936548) [value tested: 12.0.6023.5000][value or through Automatic Updates.
                                                  High       Download the patch from tested: 5.20.1081.0][value found: 5.20.1072.0]
Microsoft XML Core Services Remote Code Execution (936227) - XML5 Core [value Microsoft or through automatic update.<BR><B
                                                  High       Apply appropriate patch from Microsoft or through Windows 12.0.4518.1
Microsoft Outlook Malformed mailto URI Handling (949031) - Outlook 2007 [value tested: 12.0.6300.5000][value found: Update.
                                             Informational This audit checks the target MAC address to determine if the machine is
Virtual Environment Detected [value tested: ^((00:16:3E|00:03:FF|00:1C:42|00:18:51|00:05:69|00:0C:29|00:1C:14|00:50:56)(:[[]A-F0
                                                 Medium      found: 0]
Account Lockout Threshold - FDCC [value tested: 5][value It is recommended that account lockout threshold be set to 3 attempts, o
                                                 Medium      It is recommended that account passwords are a minimum of 14 charact
Minimum Password Length - FDCC [value tested: 12][value found: 7]
                                             Informational Edit Audit Policy Change via Local Computer Policy -> Computer Config
Microsoft Windows Policy Change Success Auditing - FDCC [value tested: ][value found: ]
                                             Informational Edit Audit System Events via ]
Microsoft Windows System Event Success Auditing - FDCC [value tested: ][value found:the Local Computer Policy -> Computer Co
                                             Informational This may be a potential false positive on Windows XP and 2003. It has b
Microsoft Windows sc.exe ACL [value tested: .*: 0x00000000][value found: S-1-5-32-545: 0x001200A9]
                                             Informational Please refer to the link below ? add legal notice text.
Windows Legal Notice Text Not Enabled [value tested: READ,T,ECL,^.+$][value found: to ]
                                              - Deny Logon Terminal the user rights [value tested: ^(S-1-5-32-546)$][value found:
Microsoft Windows User Rights Assignment Informational ConfigureService - FDCC assignment forr "Deny logon through Terminal0
                                                  High         [value tested: ^((9\.0\.(((1((2[[]0-3])|([[]01][[]0-9])))|([[]0-9]?[[]0-9]))\..*))|(8
Adobe Flash Player Multiple Vulnerabilities - April 2008 - IEUpgrade Adobe Flash Player to 9.0.124.0 or newest release.
                                                 Medium      Set DWORD value RestrictAnonymous in HKLM\System\CurrentControl
Microsoft Windows Null Sessions can Enumerate Local SAM Accounts and Shares [value tested: READ,T,ECL,[[]12]][value found:
                                                  High       Install the appropriate patch 12.0.6308.5000][value found: 12.0.4518.101
Microsoft Word CSS and RTF Memory Corruption (951207) - Word 2007 [value tested: from Microsoft or through Windows Update.
                                                  High       Install the appropriate patch from tested: 12.0.6312.5000][value found:
Microsoft Word CSS and RTF Memory Corruption (951207) - 2007 Compatibility Pack [valueMicrosoft or through Windows Update.1
                                                  High       Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Publisher Object Handler Remote Code Execution (951208) - 2007 [value tested: 12.0.6308.5000][value found: 12.0.4518
                                              - Bypass Traverse Setting - user rights assignment ^(S-1-5-32-544|S-1-5-32-545)$][va
Microsoft Windows User Rights Assignment Informational Configure the FDCC XP [value tested:forr: "Bypass Traverse Setting" in t
                                             Informational FDCC [value tested: ENUMR,C,ECL,EnablePMTUDiscovery][value foun
Verify Microsoft Windows Automatic MTU Size Detection - Federal Desktop Core Configuration (FDCC) does not define this setting
                                             Informational This is an inforrmational check. Manually check to ensure found: WIND
Verify Microsoft Windows Anonymous SID/Name Translation [value tested: WINDOWS.*((VISTA)|(XP)|(2003))][value that Anonymo
                                             Informational This is an inforrmational check. Manually check to ensure that password
Verify Microsoft Windows Password Complexity [value tested: WINDOWS.*((2003)|(XP)|(VISTA))][value found: WINDOWS XP, SE
                                             Name - FDCC [value Desktop Core Configuration (FDCC) found: ]
Verify Microsoft Windows Hidden Computer Informational Federaltested: ENUMR,C,ECL,Hidden][value does not define this setting
                                             Informational - Application [value tested: CMP,C,ECL,SYSTEM\CurrentControlSet\Se
Verify Microsoft Windows Event Retention Method - FDCC Federal Desktop Core Configuration (FDCC) does not define this setting
                                             Informational - Security [value tested: CMP,C,ECL,SYSTEM\CurrentControlSet\Servic
Verify Microsoft Windows Event Retention Method - FDCC Federal Desktop Core Configuration (FDCC) does not define this setting
                                             Informational - System [value Core Configuration (FDCC) does not define this setting
Verify Microsoft Windows Event Retention Method - FDCC Federal Desktop tested: CMP,C,ECL,SYSTEM\CurrentControlSet\Servic
   IP Address     Hostname   Tool ID    Platform          File
192.168.2.15    SCANME        1052     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        1053     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME       10545     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME       10545     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME       10546     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME       10562     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME       10562     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME         12      Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        173      Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        185      Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        190      Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        202      Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        2052     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        208      Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        209      Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        2110     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        219      Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        2729     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        2913     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        3009     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        418      Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        419      Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        5354     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        5367     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        5387     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        5400     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        5437     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        5443     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        5454     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        5802     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        5853     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        5867     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        5915     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6368     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6390     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6410     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6411     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6412     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6413     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6415     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6421     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6441     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6504     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6607     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6621     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6622     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6628     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6646     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6790     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6798     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6799     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6823     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6824     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6825     Windows XP   Test_Scan.rtd
192.168.2.15    SCANME        6826     Windows XP   Test_Scan.rtd
Status   Service   Port    Tool    Subtool
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
  O                       Retina
                                        This is an inforrmational
Verify Microsoft Windows Default IPSec Exemptions - FDCC check. Manually check to ensure that default IPSec exemptions are
                                        This is an Restrictions - check.
Verify Microsoft Windows SDDL DCOM Access inforrmational FDCC Manually check to ensure that Security Descriptor Definition L
                                        This is an Restrictions - FDCC
Verify Microsoft Windows SDDL DCOM Launch inforrmational check. Manually check to ensure that Security Descriptor Definition L
                                        This is an inforrmational FDCC
Verify Microsoft Windows Server Operating Task Scheduling -check. Manually check to ensure that server operator task schedulin
                                        This is an Requirements - FDCC
Verify Microsoft Windows LDAP Server Signing inforrmational check. Manually check to ensure that LDAP server signing requirem
                                        This Password Changes - FDCC
Verify Microsoft Windows Refuse Account is an inforrmational check. Manually check to ensure that the security option forr changin
                                         Logon - FDCC
Verify Microsoft Windows Smart CardThis is an inforrmational check. Manually check to ensure that smart card logons are defined
                                        This Service - FDCC
Verify Microsoft Windows Task Scheduler is an inforrmational check. Manually check to ensure the status of Windows Task Sched
                                        This is an inforrmational check. Manually check to ensure that application, security, and syste
Verify Microsoft Windows Event Preservation - FDCC
                                        This Logon - FDCC
Verify Microsoft Windows Undock Without is an inforrmational check. Manually check to ensure that "Devices: Allow undock withou
                                        This Connection Manager Service - FDCC
Verify Microsoft Windows Remote Access is an inforrmational check. Manually check to ensure the status of Remote Access Conn
                                        Microsoft PowerPoint contains multiple vulnerabilities
2008-A-0061 Microsoft PowerPoint Remote Code Execution (949785) - PowerPoint 2007 when handling malforrmed PowerPoint f
                                        Microsoft Office OneNote contains a vulnerability when
2008-B-0058 Microsoft Office OneNote URI Remote Code Execution (955047) - Office 2007 handling malforrmed OneNote URI's (
                                        Microsoft Office OneNote contains a vulnerability when handling malforrmed OneNote URI's (
2008-B-0058 Microsoft Office OneNote URI Remote Code Execution (955047) - OneNote 2007
                                        Microsoft Windows GDI+ contains multiple overflow vulnerabilities when processing malforrme
Microsoft Windows GDI+ Multiple Vulnerabilities (954593) - 2007 Office/Subsystem
                                         Code Execution (956416) - Excel 2007
2008-A-0077 Microsoft Excel RemoteMicrosoft Excel contains multiple vulnerabilities when parsing malforrmed Excel files that coul
                                         Code Execution (956416) - 2007 Compatibility when
2008-A-0077 Microsoft Excel RemoteMicrosoft Excel contains multiple vulnerabilities Pack parsing malforrmed Excel files that coul
                                        This is an inforrmational
Verify Microsoft Windows Users with Administrative Privileges check. Manually verify that users with Administrative privilege have s
                                        This is Operator Privileges
Verify Microsoft Windows Users with Backupan inforrmational check. Manually verify that users with Backup Operator privilege hav
                                         Password On Resume
Verify Microsoft Windows Prompt For This is an inforrmational check. Manually check to ensure that Power Management is configu
                                         Manager inforrmational check. Manually check to ensure that Attachment Manager preserve
Verify Microsoft Windows AttachmentThis is an Settings
                                        Multiple vulnerabilities
Adobe Flash Player Multiple Vulnerabilities (20081015) - IE have been identified in Adobe Flash Player that could allow an unauthe
                                        This
Verify Micosoft Windows Service Status is an inforrmational check. Manually check to ensure the status of the listed services are
                                         Files
Verify Software Certificate InstallationThis is an inforrmational check. Manually check to ensure that certificate installation files have
                                        Microsoft XML Core Execution (955218) - XML5 Core
2008-A-0084 Microsoft XML Core Services Remote Code Services contains multiple vulnerabilities when processing malforrmed XM
                                        Microsoft Office Word contains multiple 2007/Outlook 2007
2008-A-0089 Microsoft Office Word Remote Code Execution (957173) - Wordvulnerabilities when handling files containing malforrm
                                        Microsoft Office Word contains multiple Compatibility when
2008-A-0089 Microsoft Office Word Remote Code Execution (957173) - 2007 vulnerabilities Pack handling files containing malforrm
                                        Microsoft Office Excel contains multiple 2007
2008-A-0085 Microsoft Office Excel Remote Code Execution (959070) - Excelvulnerabilities when loading Excel records containing
                                        Microsoft Office Excel contains multiple Compatibility when
2008-A-0085 Microsoft Office Excel Remote Code Execution (959070) - 2007 vulnerabilities Pack loading Excel records containing
                                        Microsoft Visual Basic 6.0 Execution (932349) - Mschrt20
2008-A-0088 Microsoft Visual Basic 6.0 ActiveX Runtimes CodeRuntime Extended Files (ActiveX Controls) contain vulnerabilities w
                                        Microsoft Visual Basic 6.0 Execution (932349) - Mswinsck
2008-A-0088 Microsoft Visual Basic 6.0 ActiveX Runtimes CodeRuntime Extended Files (ActiveX Controls) contain vulnerabilities w
                                        Multiple vulnerabilities have been identified in Adobe Flash Player that could allow an unauthe
2009-A-0017 Adobe Flash Player Multiple Vulnerabilities (20090224) - IE
                                        The Microsoft Windows Kernel contains multiple vulnerabilities when handling malforrmed EM
2009-A-0020 Microsoft Windows Kernel Remote Code Execution (958690) - 2000/XP/2003
                                        Microsoft (968557) - Excel 2007
Microsoft Office Excel Remote Code Execution Excel contains two vulnerabilities when handling Excel files containing malforrmed o
                                        Microsoft (968557) - 2007 Compatibility Pack
Microsoft Office Excel Remote Code Execution Excel contains two vulnerabilities when handling Excel files containing malforrmed o
                                         Not Installed
Microsoft Office 2007 Service Pack 2 Microsoft Office 2007 SP2 has not been detected. Although all of the patches included in the
                                        Microsoft PowerPoint contains multiple vulnerabilities
2009-A-0039 Microsoft PowerPoint Remote Code Execution (967340) - PowerPoint 2007 when handling malforrmed PowerPoint f
                                        Microsoft PowerPoint contains multiple vulnerabilities
2009-A-0039 Microsoft PowerPoint Remote Code Execution (967340) - PowerPoint 2007 when handling malforrmed PowerPoint f
                                        Microsoft Office Word contains multiple 2007
2009-A-0046 Microsoft Office Word Remote Code Execution (969514) - Wordvulnerabilities when handling files containing malforrm
                                        Microsoft Office Word contains multiple 2007
2009-A-0046 Microsoft Office Word Remote Code Execution (969514) - Wordvulnerabilities when handling files containing malforrm
                                        Microsoft Office Word contains multiple Compatibility when
2009-A-0046 Microsoft Office Word Remote Code Execution (969514) - 2007 vulnerabilities Pack handling files containing malforrm
                                        Microsoft Office Word contains multiple Compatibility when
2009-A-0046 Microsoft Office Word Remote Code Execution (969514) - 2007 vulnerabilities Pack handling files containing malforrm
                                        Microsoft Excel contains multiple - Excel 2007
2009-A-0044 Microsoft Office Excel Remote Code Execution (969462) vulnerabilities when handling Excel files containing malforrm
                                        Microsoft Excel contains multiple - Excel 2007
2009-A-0044 Microsoft Office Excel Remote Code Execution (969462) vulnerabilities when handling Excel files containing malforrm
                                        Microsoft Excel contains multiple - 2007 Compatibility Pack
2009-A-0044 Microsoft Office Excel Remote Code Execution (969462) vulnerabilities when handling Excel files containing malforrm
                                        Microsoft Excel contains multiple - 2007 Compatibility Pack
2009-A-0044 Microsoft Office Excel Remote Code Execution (969462) vulnerabilities when handling Excel files containing malforrm
                                        The Microsoft Works Converter, as used by various
2009-B-0025 Microsoft Works Converter Remote Code Execution (957632) - Word 2007 Microsoft Office products, contains a buff
                                        Microsoft (971888)
Microsoft DNS Client Devolution Security Issue DNS client contains a security issue in the the devolution feature that could cause cl
                                        Microsoft Office Execution (969516)
2009-B-0032 Microsoft Office Publisher Remote CodePublisher contains a pointer dereference vulnerability when handling Publishe
                                        Multiple vulnerabilities have been identified in Adobe Flash Player that could allow an unauthe
2009-A-0061 Adobe Flash Player Multiple Vulnerabilities (20090730) - IE
Approved DOD Virus Scan Program This is a Category 1 finding because Virus scan programs are a primary line of defense again
Incorrect ACLs forr event logs          Event logs are susceptible to unauthorized, and possibly anonymous, tampering if proper ACL
File Auditing Configuration             Improper modification of the core system files can render a system inoperable. Further, modif
Restrict Anonymous Network Shares This is a Category 1 finding because it allows anonymous logon users (null session connectio
Bad Logon Attempts                      The account lockout feature, when enabled, prevents brute-forrce password attacks on the sy
Bad Logon Counter Reset                 This parameter specifies the amount of time that must pass between two successive login atte
                                                Informational Federal tested: Core Configuration (FDCC) does not define this
Verify Microsoft Windows Default IPSec Exemptions - FDCC [valueDesktopENUMR,C,ECL,NoDefaultExempt][value found: ]setting
                                                Informational Federal Desktop Core Configuration (FDCC) does not define this setting
Verify Microsoft Windows SDDL DCOM Access Restrictions - FDCC [value tested: CMP,T,ECL,HKEY_LOCAL_MACHINE\SOFTW
                                                Informational Federal Desktop Core Configuration (FDCC) does not define this setting
Verify Microsoft Windows SDDL DCOM Launch Restrictions - FDCC [value tested: CMP,T,ECL,HKEY_LOCAL_MACHINE\SOFTW
                                                Informational Federal Desktop tested: ENUMR,C,ECL,SubmitControl][value found: ]
Verify Microsoft Windows Server Operating Task Scheduling - FDCC [value Core Configuration (FDCC) does not define this setting
                                                Informational Federal Desktop Core Configuration (FDCC) does not define this setting
Verify Microsoft Windows LDAP Server Signing Requirements - FDCC [value tested: CMP,T,ECL,SYSTEM\CurrentControlSet\Serv
                                                Informational Federal Desktop Core Configuration (FDCC) does not define this setting
Verify Microsoft Windows Refuse Account Password Changes - FDCC [value tested: ENUMR,C,ECL,RefusePasswordChange][valu
                                                 - FDCC [value tested: ENUMR,C,ECL,SCForceOption][value found: ]
Verify Microsoft Windows Smart Card LogonInformational Federal Desktop Core Configuration (FDCC) does not define this setting
                                                Informational [value tested: ENUMR,C,ECL,Start][value found: ]
Verify Microsoft Windows Task Scheduler Service - FDCC Federal Desktop Core Configuration (FDCC) does not define this setting
                                                Informational Federal Desktop Core Configuration (FDCC) does not define these PAC
Verify Microsoft Windows Event Preservation - FDCC [value tested: WINDOWS (XP)][value found: WINDOWS XP, SERVICE settin
                                                Informational Federal Desktop Core Configuration (FDCC) does not define this ]
Verify Microsoft Windows Undock Without Logon - FDCC [value tested: ENUMR,C,ECL,UndockWithoutLogon][value found: setting
                                                Informational Federal Desktop Core Configuration (FDCC) does not define this setting
Verify Microsoft Windows Remote Access Connection Manager Service - FDCC [value tested: CMP,C,ECL,HKEY_LOCAL_MACHI
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft PowerPoint Remote Code Execution (949785) - PowerPoint 2007 [value tested: 12.0.6307.5000][value found: 12.0.4518.1
                                                     High     Install - Office 2007 [value tested: 12.0.6320.5000][value found: 12.0.451
Microsoft Office OneNote URI Remote Code Execution (955047) the appropriate patch from Microsoft or through Windows Update.
                                                     High     Install - OneNote 2007 [value tested: 12.0.6316.5000][value found: 12.0.
Microsoft Office OneNote URI Remote Code Execution (955047) the appropriate patch from Microsoft or through Windows Update.
Microsoft Windows GDI+ Multiple Vulnerabilities High          Install Office/Subsystem [value tested: 12.0.6325.5000][value found: 12.
                                                     (954593) - 2007 the appropriate patch from Microsoft or through Windows Update.
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Excel Remote Code Execution (956416) - Excel 2007 [value tested: 12.0.6324.5001][value found: 12.0.4518.1014]
                                                     High     Install the appropriate patch from Microsoft or through found: 12.0.4518
Microsoft Excel Remote Code Execution (956416) - 2007 Compatibility Pack [value tested: 12.0.6324.5001][valueWindows Update.
                                                Informational Manually tested: WINDOWS.*((2000)|(XP)|(2003))][value found: WINDO
Verify Microsoft Windows Users with Administrative Privileges [valueverify that users with Administrative privilege have separate ac
                                                 Operator Privileges [value tested: WINDOWS.*((2000)|(XP)|(2003))][value found: WIN
Verify Microsoft Windows Users with BackupInformational Manually verify that users with Backup Operator privilege have separate
                                                Informational To enable prompt forr password on resume, edit the following registry ke
Verify Microsoft Windows Prompt For Password On Resume [value tested: WINDOWS.*(XP)][value found: WINDOWS XP, SERVIC
                                                Informational Configure the following Attachment Manager settings by editing the regis
Verify Microsoft Windows Attachment Manager Settings [value tested: WINDOWS.*(XP)][value found: WINDOWS XP, SERVICE P
                                                   Medium       [value tested: 9.0.151.0][value 9.0.151.0, 10.0.12.36, or newer release.
Adobe Flash Player Multiple Vulnerabilities (20081015) - IEUpgrade Adobe Flash Player to found: 6.0.88.0]
                                                Informational Manually check to ensure the status of the listed services are defined pe
Verify Micosoft Windows Service Status [value tested: CMP,C,ECL,HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services]
                                                Informational P12 and PFX files contain sensitive inforrmation such XP, SERVICE PA
Verify Software Certificate Installation Files [value tested: WINDOWS.*(2000|XP|2003)][value found: WINDOWS as certificates, pub
                                                     High     Install XML5 Core [value tested: Microsoft or through Windows Update.
Microsoft XML Core Services Remote Code Execution (955218) -the appropriate patch from 5.20.1087.0][value found: 5.20.1072.0]
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Word Remote Code Execution (957173) - Word 2007/Outlook 2007 [value tested: 12.0.6331.5000][value found: 12
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Word Remote Code Execution (957173) - 2007 Compatibility Pack [value tested: 12.0.6331.5000][value found: 12.0
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Excel Remote Code Execution (959070) - Excel 2007 [value tested: 12.0.6331.5000][value found: 12.0.4518.1014]
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Excel Remote Code Execution (959070) - 2007 Compatibility Pack [value tested: 12.0.6331.5000][value found: 12.
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Visual Basic 6.0 ActiveX Runtimes Code Execution (932349) - Mschrt20 [value tested: ^((6\.((1\.((98\.(1[[]01]|[[]0-9]))|((9[[]
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Visual Basic 6.0 ActiveX Runtimes Code Execution (932349) - Mswinsck [value tested: ^((6\.((1\.((98\.(1[[]01]|[[]0-9]))|((9[[
                                                     High       [value tested: ^((10\.0\.((22\.((8[[]0-6])|([[]1-7]?[[]0-9])))|((2[[]01]|1?[[]0-9]
Adobe Flash Player Multiple Vulnerabilities (20090224) - IEUpgrade affected application to the appropriate version:<BR><b>Adobe
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Windows Kernel Remote Code Execution (958690) - 2000/XP/2003 [value tested: CMP,C,ECL,KB958690_KB968537][va
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Excel Remote Code Execution (968557) - Excel 2007 [value tested: 12.0.6341.5001][value found: 12.0.4518.1014]
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Excel Remote Code Execution (968557) - 2007 Compatibility Pack [value tested: 12.0.6341.5001][value found: 12.
                                                     High     Install Microsoft Office 2007 Service Pack 2.
Microsoft Office 2007 Service Pack 2 Not Installed [value tested: READ,F,2000,^12\.0\.((6425\.([[]1-9]?[[]0-9]?[[]0-9]))|(([[]1-5]?[[]0-9
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft PowerPoint Remote Code Execution (967340) - PowerPoint 2007 [value tested: 12.0.6500.5000][value found: 12.0.4518.1
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft PowerPoint Remote Code Execution (967340) - PowerPoint 2007 [value tested: 12.0.6500.5000][value found: 12.0.6425.1
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Word Remote Code Execution (969514) - Word 2007 [value tested: 12.0.6504.5000][value found: 12.0.4518.1014]
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Word Remote Code Execution (969514) - Word 2007 [value tested: 12.0.6504.5000][value found: 12.0.6425.1000]
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Word Remote Code Execution (969514) - 2007 Compatibility Pack [value tested: 12.0.6504.5000][value found: 12.0
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Word Remote Code Execution (969514) - 2007 Compatibility Pack [value tested: 12.0.6504.5000][value found: 12.0
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Excel Remote Code Execution (969462) - Excel 2007 [value tested: 12.0.6504.5001][value found: 12.0.4518.1014]
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Excel Remote Code Execution (969462) - Excel 2007 [value tested: 12.0.6504.5001][value found: 12.0.6425.1000]
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Excel Remote Code Execution (969462) - 2007 Compatibility Pack [value tested: 12.0.6504.5001][value found: 12.
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Excel Remote Code Execution (969462) - 2007 Compatibility Pack [value tested: 12.0.6504.5001][value found: 12.
                                                     High     Install the 2007 [value tested: ^9\.0*((7\.0*(([[]1-5]?[[]0-9]?[[]0-9]|6(0[[]0-9
Microsoft Works Converter Remote Code Execution (957632) - Wordappropriate patch from Microsoft or through Windows Update.
                                                    (971888) Apply the appropriate update from the Microsoft Download Center.
Microsoft DNS Client Devolution Security IssueMedium [value tested: ^((6\.0\.((6002\.((22(0[[]0-9][[]0-9]|1([[]01][[]0-9]|2[[]0-7])))|(18
                                                     High     Install the appropriate patch from Microsoft or through Windows Update.
Microsoft Office Publisher Remote Code Execution (969516) [value tested: CMP,C,ECL,MS09-030_KB969693][value found: ]
                                                     High       [value tested: ^((10\.0\.((32\.((1[[]1-7])|([[]0-9])))|((3[[]01]|[[]12]?[[]0-9])\..*
Adobe Flash Player Multiple Vulnerabilities (20090730) - IEUpgrade affected application to the appropriate fixed version:<BR><b>A
Virus definitions are > 21 day(s) old.               High     Configure the system with supported, DOD approved virus scanning soft
                                                              Set the ACL permissions on the following Event Logs as defined files m
The following files have incorrect permissions: CHK(90000)C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.EvtThe following in theha
                                                   Medium
                                                   Medium     Configure auditing on each partition/drive to audit all "Failures" forr and S
The following files have incorrect audit settings: CHK(90077)C:\C:\AUTOEXEC.BATC:\boot.iniC:\CONFIG.SYSC:\Documents the "E
                                                              Configure the system to prevent
The value of System\CurrentControlSet\Control\Lsa\RestrictAnonymous does not equal 1. anonymous users from listing account n
                                                     High
Account lockout is not enabled.                    Medium     Configure the system to lock out an account after 3 invalid logon attempt
The local lockout counter resets after 30 minutes. Medium     Configure the system to have the lockout counter reset itself after a minim
192.168.2.15   SCANME        6827     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        6833     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        6834     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        6835     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        6836     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        6837     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        6838     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        6840     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        6883     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7019     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7020     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7033     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7099     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7100     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7108     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7209     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7212     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7249     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7250     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7254     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7255     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7258     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7281     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7282     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7321     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7430     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7431     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7440     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7442     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7465     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7475     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7685     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7728     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7844     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7847     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7938     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7966     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        7966     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        8052     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        8052     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        8053     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        8053     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        8061     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        8061     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        8063     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        8063     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        8071     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        8097     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        9065     Windows XP     Test_Scan.rtd
192.168.2.15   SCANME        9729     Windows XP     Test_Scan.rtd
192.168.0.8    computer1   V0001074   Windows 2003   Pro103.xml
192.168.0.8    computer1   V0001077   Windows 2003   Pro103.xml
192.168.0.8    computer1   V0001080   Windows 2003   Pro103.xml
192.168.0.8    computer1   V0001093   Windows 2003   Pro103.xml
192.168.0.8    computer1   V0001097   Windows 2003   Pro103.xml
192.168.0.8    computer1   V0001098   Windows 2003   Pro103.xml
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O     Retina
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
Lockout Duration                         This parameter specifies the amount of time that must pass beforre a locked-out account is au
User Rights Assignments                  Inappropriate granting of user and advanced user rights can provide system, administrative, a
Minimum Password Age                     Permitting passwords to be changed in immediate succession within the same day, allows use
Password Uniqueness                      A system is more vulnerable to unauthorized access when system users recycle the same pas
Rename Built-in Guest Account            A system faces an increased vulnerability threat if the built-in guest account is not renamed or
                                         The
Rename Built-in Administrator Account built-in administrator account is a known account that can be initialized with a blank passw
Preserving security events               DOD policy requires that a security audit log be maintained and that events in the log not be a
Event Log Sizes                          Inadequate log size will cause the log to fill up quickly and require frequent clearing by adminis
Prohibited FTP Logins                    The FTP (File Transfer Protocol) service allows remote users to access shared files and direc
Password Protected Screen Saver The system should be locked when unattended. Unattended systems are susceptible to unau
System File ACLs                         Failure to properly configure ACL file and directory permissions, allows the possibility of unaut
Dial Up Password Saved                   The default Windows configuration enables the option to save the password used to gain acce
LanMan Authentication Level              The Kerberos v5 authentication protocol is the default forr authentication of users who are logg
Deny Access from the Network             This is a Category 1 finding because allowing network logins by the built-in guest accounts, wh
Smart Card Removal Option                Determines what should happen when the smart card forr a logged-on user is removed from th
                                         If this policy is enabled, it causes the Windows Server Message Block (SMB) server to perforr
SMB Server Packet Signing (if client agrees)
ACLs forr disabled services              When configuring either the startup mode or access control list forr a service, you must config
Disable Media Autoplay                   Autoplay begins reading from a drive as soon as you insert media in the drive. As a result, the
                                         This setting is used to control the rules forr remote control of Terminal Services user sessions
Terminal Service - Remote Control Settings
Logon - Always Wait forr the NetworkThe setting determines if Windows waits forr complete network initialization beforre allowing th
                                         This setting
Remote Assistance - Solicit Remote Assistance controls whether or not solicited remote assistance is allowed from this computer.
Windows Messenger - Do Not Allow To Run  This setting prevents the Windows Messenger client from being run. Instant Messaging client
                                         This setting
Windows Messenger - Do Not Start Automatically prevents the automatic launch of Windows Messenger at user logon. Instant Mes
Strong Session Key                       This setting controls the required strength of a session key.
                                         unlock
Domain Controller authentication forr This setting controls the behavior of the system when you attempt to unlock the workstation. I
                                         This
Storage of Credentials or .NET Passports setting controls the storage of authentication credentials or .NET passports on the local s
LAN Manager Hash Value Stored            This setting controls whether or not a LAN Manager hash of the password is stored in the SAM
                                         This
Force Logoff When Logon Hours Expire setting controls whether or not users are forrced to log off when their allowed logon hours
                                         Starting with
Session Security forr NTLM SSP Based Clients Windows 2000 Microsoft has implemented a variety of security support providers
FIPS Compliant Algorithms                This setting ensures that the system uses algorithms that are FIPS compliant forr encryption, h
                                         Either
Owner of Objects Created by Administratorsthe object creator or the Administrators group owns objects created by members of the
                                          Sharing
NetMeeting Disable Remote Desktop Remote desktop sharing enables several users to interact and control one desktop. This coul
IE - Zones: Use Only Machine Settings    This setting enforrces consistent security zone settings to all users of the computer. Security
                                         This Policies
IE - Zones: Do Not Allow Users to Change setting prevents users from changing the Internet Explorer policies on the machine. Polic
                                         This setting prevents users from adding sites to various security zones. Users should not be a
IE - Zones: Do Not Allow Users to Add/Delete Sites
                                         This setting
IE - Disable Automatic Install of IE Compenents controls the ability of Internet Explorer to automatically install components if it goe
                                         This setting determines whether or not Internet Explorer will periodically check the Microsoft w
IE - Disable Periodic Check forr IE Updates
Terminal Services - Session Limit This setting limits users to one remote session. It is possible, if this setting is disabled, forr us
                                         This setting
Terminal Services - Limit Number of Connections limits the number of simultaneous connections allowed to the terminal server. By
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fWritableTSCCPermTab does not exist.
                                         This
Terminal Services - Password Prompting setting, which is located under the Encryption and Security section of the Terminal Servic
                                         This
Terminal Services - Set Encryption Level setting, which is located under the Encryption and Security section of the Terminal Servic
                                         This setting,
Terminal Services - Do Not Use Temp Folders which is located under the Temporary Folders section of the Terminal Services co
                                         This
Terminal Services - Delete Temp Folders setting, which is located under the Temporary Folders section of the Terminal Services co
                                         This setting,
Terminal Services - Time Limit forr Disc. Session which is located under the Sessions section of the Terminal Services configuratio
                                         This setting,
Terminal Services - Time Limit forr Idle Session which is located under the Sessions section of the Terminal Services configuratio
                                         This setting,
Terminal Services - Original Client Reconnection which is located under the Sessions section of the Terminal Services configuratio
                                          Time Limit
Terminal Services - Enforrce Session This setting, which is located under the Sessions section of the Terminal Services configuratio
                                         This setting
Remote Assistance - Offer Remote Assistance controls whether unsolicited offers of help to this computer are allowed. The list o
Error Reporting - Report Errors          This setting controls the reporting of errors to Microsoft and, if defined, a corporate error repor
                                         Kernel-mode drivers are drivers that operate in kernel mode. Kernel mode allows virtually unl
Printers - Disallow Installation of Drivers
Safe DLL Search Mode                     The default search behavior, when an application calls a function in a Dynamic Link Library (D
                                         The
Media Player - Disabe Automatic Updates automatic check forr updates perforrm by the Windows Media Player must be disabled to
                                         The
Media Player - Prevent Codec Download Windows Media Player uses software components, referred to as CODECs, to play back
Unnecessary Services                     Unnecessary Services increase the attack surface of a system. Some Services may be run u
                                         Starting with
Session Security forr NTLM SSP based Servers Windows 2000 Microsoft has implemented a variety of security support providers
The local lockout duration is set to: 30 minutes.Medium      Configure the system so that the bad logon lockout duration conforrms to
***DETAILS TOO LONG TO INCLUDE HERE. Medium                  RESULT the system to prevent accounts from having unauthorized Use
                                                  SEE RAW Configure FILE FOR DETAILS.***
The minimum local password age is set to: 0 days.Medium      Configure the Minimum Password Age so that it is a minimum of "1". (An
The local password history length is set to: 0 Medium        Configure the system to remember a minimum of "24" used passwords. (
The account Guest has the incorrect name.        Medium      Configure the system to rename the built-in Guest account (Analyze the
The account Administrator has the incorrect name.Medium      Configure the system to rename the Administrator account. (Analyze the
                                                             Configure the system is not >= preserve Event value of System\Curre
The value of System\CurrentControlSet\Services\EventLog\Application\Retentionto properly4294967295.TheLog inforrmation. (Analy
                                                 Medium
                                                             Configure the system to >= 83886080.
The value of System\CurrentControlSet\Services\EventLog\Security\MaxSize is not have the required minimum Event log sizes. (An
                                                 Medium
Anonymous FTP is allowed.                        Medium      Configure the system to prevent an installed FTP service from allowing p
                                                             Configure The policy values forr User Configuration -> value: Software\P
The value: Software\Policies\Microsoft\Windows\Control Panel\Desktop\ScreenSaverIsSecure does not exist.The Administrative Te
                                                 Medium
***DETAILS TOO LONG TO INCLUDE HERE. Medium                  RESULT the Security Option:

                                                  SEE RAW Configure FILE FOR DETAILS.***     Windows 2003 - ―Network access: Let ev
                                                                                             

                                                             Configure the system to prevent does not exist.
The value: System\CurrentControlSet\Services\Rasman\Parameters\DisableSavePasswordthe dial-up networking password from b
                                                 Medium
                                                             Configure the system to 4.
The value of System\CurrentControlSet\Control\Lsa\LMCompatibilityLevel is not >= the required level of LanMan authentication. (An
                                                   High
                                                   High      Configure the system to give the right "Deny access to this computer from
Required account does not have the Logon Right: Deny access this computer over the network. Account: GuestsRequired account
                                                             Configure the system to, at a minimum, lock
The value of Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SCRemoveOption is not >= 1. the system if a smart card is
                                                 Medium
                                                 Medium      Configure the system to have the SMB Server sign SMB packets when p
The value of System\CurrentControlSet\Services\LanmanServer\Parameters\EnableSecuritySignature does not equal 1.
                                                             Create a Audio.Incorrect ACL for service Indexing Service.Incorrect ACL
                                                 for service Windows Custom Security Template using the Security Template MMC S
Incorrect ACL for service Alerter.Incorrect ACL Medium
                                                             Configure the system as specified in the does not exist.
The value: SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRunmanual check to prevent remov
                                                   High
The value: Software\Policies\Microsoft\Windows High          Configure the system to prevent remote control of the computer by settin
                                                   NT\Terminal Services\Shadow does not exist.
                                                             Configure the system to wait forr complete does not exist.
The value: Software\Policies\Microsoft\Windows NT\CurrentVersion\Winlogon\SyncForegroundPolicy network initialization beforre a
                                                 Medium
The value: Software\Policies\Microsoft\Windows High          Configure the system to disable Remote Assistance by setting the policy
                                                   NT\Terminal Services\fAllowToGetHelp does not exist.
                                                             Configure does not value
The value: Software\Policies\Microsoft\Messenger\Client\PreventRunthe policy exist. forr Computer Configuration -> Administrative
                                                 Medium
                                                             Configure the policy not exist.
The value: Software\Policies\Microsoft\Messenger\Client\PreventAutoRun doesvalue forr Computer Configuration -> Administrative
                                                 Medium
                                                             Configure the system to require the use equal 1.
The value of System\CurrentControlSet\Services\Netlogon\Parameters\RequireStrongKey does notof a strong session key. (Analyz
                                                 Medium
                                                             Configure the system to require does not equal passed to a domain co
The value of Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ForceUnlockLogoncredentials to be1.
                                                 Medium
                                                             Configure the system to equal 1.
The value of System\CurrentControlSet\Control\Lsa\DisableDomainCreds does not prevent the storage of credentials and .NET pas
                                                 Medium
                                                             Configure not equal to
The value of System\CurrentControlSet\Control\Lsa\NoLMHash doesthe system1. prevent the LAN Manager hash from being store
                                                   High
                                                             Configure the system logon time expires.
The local user is forced to logoff TIMEQ_FOREVER (infinite) seconds after theirto log off users when their allowed logon hours exp
                                                 Medium
                                                             Configure the system does not equal 537395248.
The value of System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinClientSecto meet requirements forr NTLM SSP based client
                                                 Medium
                                                             Configure the does not require
The value of System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicysystem to equal 1.the use of FIPS compliant algorithms. (A
                                                 Medium
                                                             Set the value forr ―System objects:
The value of System\CurrentControlSet\Control\Lsa\NoDefaultAdminOwner does not equal 1. Default owner forr object created by m
                                                 Medium
                                                             Configure the policy
The value: Software\Policies\Microsoft\Conferencing\NoRDS does not exist. value forr Computer Configuration -> Administrative
                                                 Medium
                                                             Configure the Settings\Security_HKLM_only does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration -> Administrative
                                                 Medium
                                                             Configure the Settings\Security_Options_Edit does not -> Administrative
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration exist.
                                                 Medium
                                                             Configure the Settings\Security_Zones_Map_Edit does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration -> Administrative
                                                 Medium
The value: Software\Policies\Microsoft\Internet Medium       Configure the policy value forr Computer Configuration -> Administrative
                                                 Explorer\InfoDelivery\Restrictions\NoJITSetup does not exist.
                                                             Configure the policy value forr Computer Configuration
                                                 Explorer\InfoDelivery\Restrictions\NoUpdateCheck does not exist. -> Administrative
The value: Software\Policies\Microsoft\Internet Medium
                                                             2003/XP - Configure the policy value forr not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fSingleSessionPerUser doesComputer Configuration -> Adm
                                                 Medium
                                                             Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxInstanceCount does not Configuration -> Administrative
                                                 Medium
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fWritableTSCCPermTab does not exist.
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fPromptForPassword does not exist.
                                                             Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MinEncryptionLevel does notConfiguration -> Administrative
                                                 Medium
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\PerSessionTempDir does not exist.
                                                             Configure the policy value forr Computer not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\DeleteTempDirsOnExit doesConfiguration -> Administrative
                                                 Medium
                                                             Configure the policy value forr Computer not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxDisconnectionTime doesConfiguration -> Administrative
                                                 Medium
                                                             Configure the policy value forr not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxIdleTime doesComputer Configuration -> Administrative
                                                 Medium
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fReconnectSame does not exist.
                                                             Configure the policy value does not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fResetBroken forr Computer Configuration -> Administrative
                                                 Medium
                                                 Medium      Configure the system to prevent unsolicited remote assistance offers by
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fAllowUnsolicited does not exist.
                                                             Configure the system to prevent
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\DoReport does not exist. error forrwarding by setting the policy va
                                                 Medium
                                                             Configure the system to prevent it exist.
The value: Software\Policies\Microsoft\Windows NT\Printers\KMPrintersAreBlocked does not from allowing the installation of kernel
                                                 Medium
                                                 Medium      Configure the system to use Safe Dll Search Mode. (Analyze the system
The value: System\CurrentControlSet\Control\Session Manager\SafeDllSearchMode does not exist.
                                                             Configure the policy value forr exist.
The value: Software\Policies\Microsoft\WindowsMediaPlayer\DisableAutoupdate does notComputer Configuration -> Administrative
                                                 Medium
                                                             Configure the policy value does not exist.
The value: Software\Policies\Microsoft\WindowsMediaPlayer\PreventCodecDownloadforr User Configuration -> Administrative Tem
                                                 Medium
                                                             Configure the system to disable any services that are not required. RasM
The startup type for the ALG service is incorrect.The startup type for the AppMgmt service is incorrect.The startup type for the (Wind
                                                 Medium
                                                 Medium      Configure the system to meet the minimum requirement forr session sec
The value of System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinServerSec does not equal 537395248.
192.168.0.8   computer1   V0001099   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001103   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001105   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001107   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001114   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001115   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001117   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001118   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001120   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001122   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001130   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001139   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001153   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001155   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001157   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0001162   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0002371   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0002374   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003341   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003342   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003343   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003348   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003349   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003374   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003375   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003376   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003379   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003380   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003382   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003383   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003384   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003426   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003427   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003428   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003429   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003431   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003432   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003449   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003450   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003452   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003453   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003454   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003455   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003456   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003457   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003458   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003459   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003460   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003470   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003471   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003478   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003479   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003480   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003481   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003487   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003666   Windows 2003   Pro103.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
Strong Key Protection                Configuring this setting so that users must provide a password (distinct from their domain pass
Software Restriction Policies        Software restriction policies help to protect users and computers from executing unauthorized
                                     Allowing
Terminal Services - Secure RPC Connection. unsecure RPC communication exposes the server to man in the middle attacks and
                                     Enabling this setting and then selecting the Process even if the Group Policy objects have not
Group Policy - Registry Policy Processing
SMB Client Packet Signing (Always) If this policy is enabled, it causes the Windows Server Message Block (SMB) client to perforrm
SMB Server Packet Signing (Always) If this policy is enabled, it causes the Windows Server Message Block (SMB) server to always
Minimum Password Length              Inforrmation systems not protected with strong password schemes including passwords of min
Password Expiration                  Passwords that do not expire or are reused increase the exposure of a password with greater
Auditing Configuration               Maintaining an audit trail of system activity logs can help identify configuration errors, troubles
Password Requirement                 The lack of password protection enables anyone to gain access to the inforrmation system, wh
2006-A-0056                          Two vulnerabilities have been identified affecting Microsoft Windows Media Player. Microsoft
2007-B-0004
2007-A-0020                          Microsoft has reported several new vulnerabilities affecting the Microsoft Windows Operating
2007-A-0021                          Microsoft has reported a vulnerability affecting Microsoft Agent. Microsoft Agent is a set of so
2007-B-0009                          Microsoft has released a security bulletin addressing three vulnerabilities in Client/Server Run
schannel.dll is the wrong version.
2007-B-0011                          Microsoft has released Security Bulletin MS07-034 addressing two privately reported and two
2007-A-0035                          Microsoft has released Security Bulletin MS07-035 addressing one new vulnerability in a Win3
2007-A-0037                          Executive Summary: Microsoft has released a Security Bulletin addressing several vulnerabili
ntdsa.dll is the wrong version.
2007-A-0042                          One new vulnerability has been disclosed that affects Extensible Markup Language (XML) Co
2007-A-0045                          A remote code execution vulnerability has been discovered affecting Vector Markup Language
2007-B-0026                          Microsoft has reported two new vulnerabilities within multiple versions of Windows Media Play
2007-T-0040                          A new vulnerability affecting Windows Remote Procedure Call (RPC) Authentication has been
2007-A-0053                          Microsoft has reported a new vulnerability affecting Uniforrm Resource Identifier (URI) Handlin
HBSS CMA Agent                       None Specified.
2007-A-0056                          Microsoft has reported a new vulnerability affecting Windows Media Format Runtime within W
2008-B-0003                          Microsoft has reported two vulnerabilities in processing ICMP (Internet Control Management P
2008-B-0016                          Microsoft has addressed a remote code vulnerability affecting the way Internet Inforrmation Se
2008-A-0005                          Microsoft has reported a new vulnerability affecting WebDAV Mini-Redirector within Windows
2008-A-0006                          Microsoft has reported a new vulnerability affecting the Object Linking and Embedding (OLE)
2008-B-0034                          Microsoft has addressed a vulnerability affecting Microsoft Java Script (JScript) and Visual Ba
2008-B-0033                          Microsoft has addressed a remote code execution vulnerability associated with the ActiveX co
2008-B-0035                          A new vulnerability has been reported by Microsoft that affects Windows Domain Name Syste
2008-A-0040                          Microsoft has reported two vulnerabilities in Microsoft DirectX affecting MJPEG File and SAMI
2008-T-0025                          Microsoft has addressed two vulnerabilities affecting the Pragmatic General Multicast (PGM) p
2008-T-0024                          Microsoft has reported a vulnerability in Microsoft Speech API. SAPI is the Microsoft Speech A
2008-A-0044                          Microsoft has reported two vulnerabilities that affect Microsoft Windows 2000, Windows XP, W
2008-A-0060                          Microsoft has reported a vulnerability in the Microsoft Image Color Management (ICM) system
2008-T-0039                          Microsoft has reported multiple vulnerabilities in Microsoft Windows Event System that could a
2008-B-0056                          Microsoft has reported a vulnerability in Outlook Express and Windows Mail. To exploit this vu
2008-B-0075                          Microsoft has addressed remote code execution vulnerability that exists on various Windows s
Srv.sys is the wrong version.
2008-A-0081                          Microsoft has addressed a remote code execution vulnerability in the Server service in this ou
2008-B-0079                          Microsoft has announced a vulnerability in the Server Message Block (SMB) of several Windo
                                     This registry key will prevent the autorun.inf from executing commands.
Disallow AutoPlay/Autorun from Autorun.inf
2008-A-0087                          Microsoft has addressed multiple vulnerabilities affecting Microsoft Internet Explorer. To explo
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
WA000-WI080                          Cited by SANS as one of the five most widely exploited holes in unpatched versions of IIS in 2
                                                                Configure the does not require
The value: Software\Policies\Microsoft\Cryptography\ForceKeyProtectionsystem to exist. a user password forr accessing private k
                                                    Medium
                                                                Configure the system to enforrce software not equal 1.
The value of SOFTWARE\Policies\Microsoft\windows\safer\codeidentifiers\authenticodeenabled doesrestriction policies. (Analyze th
                                                    Medium
                                                                Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fEncryptRPCTraffic does notConfiguration -> Administrative
                                                    Medium
                                                    Medium      Configure the system to reprocess Group Policy objects that have chang
The value: Software\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\NoGPOListChange
                                                                Configure the system to always sign SMB client traffic. not equal 1.
The value of System\CurrentControlSet\Services\LanManWorkstation\Parameters\RequireSecuritySignature does(Analyze the syst
                                                    Medium
                                                                Configure the system so that the SMB Server does is set to always sign
The value of SYSTEM\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignaturepolicy not equal 1.
                                                    Medium
The minimum local password length is set to: 0Medium            Configure all inforrmation systems to require passwords of the minimun l
                                                                Configure all password does not expire.Guest password does the DUM
The following accounts have passwords that do not expire:Administrator inforrmation systems to expire passwords. (Usingnot expire
                                                    Medium
                                                                Configure the system to audit type: Policy Change.Success not audited
Success not audited for event type: Account Management.Success not audited for event categories as outlined in check procedure.f
                                                    Medium
                                                                Configure all DOD inforrmation systems to require passwords
The following accounts do not have the 'Password Required' flag set:GuestIUSR_COMPUTER1IWAM_COMPUTER1 to gain acc
                                                       High
Dxmasf.dll is the wrong version.                    Medium      No Manual Fix Procedures (Windows - 
    Check that the following files are
                                                                                                         

Mfc40u.dll is the wrong version.                    Medium      No Manual Fix Procedures (Windows - Windows XP (x86) fixed by SP3 (
                                                       High     No Manual Fix the wrong version.win32k.sys is the wrong version.
gdi32.dll is the wrong version.mf3216.dll is the wrong version.user32.dll is Procedures (Windows XP fixed by SP3Windows Vista fix
agentdpv.dll is the wrong version.w03a2409.dll Medium           No Manual
                                                     is the wrong version. Fix Procedures (Windows XP fixed by SP3Verify that the patc
winsrv.dll is the wrong version.                       High     No Manual Fix Procedures (Windows XP (x86) fixed by SP3Windows Vis
schannel.dll is the wrong version.
                                                    Medium      No Manual Fix Procedures (Windows XP (x86) fixed by SP3Windows Vis
inetcomm.dll is the wrong version.wab32.dll is the wrong version.
The Service Pack Major Version of 2 is not >= 3.    Medium      No Manual Fix Procedures (Windows XP (x86) fixed by SP3Verify that th
                                                    Medium       wrong version.Corperfmonext.dll that wrong version.Mscoree.dll is the
Aspnet_isapi.dll is the wrong version.Aspnet_wp.exe is the No Manual Fix Procedures (Verifyis thethe patch has been installed by ch
ntdsa.dll is the wrong version.
Msxml3.dll is the wrong version.                    Medium      No Manual Fix Procedures (XML Core Services 3.0 and 6.0 in Windows
vgx.dll is the wrong version.                       Medium      No Manual Fix Procedures (IE 6 on Windows XP (x86) fixed by SP3Wind
wmp.dll is the wrong version.                       Medium      No Manual Fix Procedures (Windows Vista fixed by SP1
    
Download and
rpcrt4.dll is the wrong version.                       High     No Manual Fix Procedures (Windows XP (x86) fixed by SP3Windows Vis
shell32.dll is the wrong version.                   Medium      No Manual Fix Procedures (Windows XP (x86) fixed by SP3Download an
                                                                Deploy the CMA Plugins\EPOAGENT3000 does not accordance with th
The key: SOFTWARE\Network Associates\ePolicy Orchestrator\Application agent as detailed in the CTO and in exist.
                                                    Medium
wmasf.dll is the wrong version.                     Medium      No Manual Fix Procedures (Windows Vista fixed by SP1Download and a
tcpip.sys is the wrong version.                        High     No Manual Fix Procedures (Windows Vista fixed by SP1
    
Download and
asp.dll is the wrong version.                       Medium      No Manual Fix Procedures (Download and apply the appropriate patches
mrxdav.sys is the wrong version.                       High     No Manual Fix Procedures (Windows XP (x86) fixed by SP3Download an
oleaut32.dll is the wrong version.                  Medium      No Manual Fix Procedures (Windows XP (x86) fixed by SP3 (not Visual B
                                                    Medium      No Manual Fix Procedures (Windows XP (x86) fixed by SP3Download an
Jscript.dll is the wrong version.vbscript.dll is the wrong version.
                                                    Medium      No Manual Fix Procedures (Download and apply the appropriate patches
The value: SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{22FD7C0A-850C-4A53-9821-0B0915C96139}\Compatib
                                                       wrong
Dnsapi.dll is the wrong version.Dnsrslvr.dll is theHigh version.No Manual Fix Procedures (Windows XP (x86) fixed by SP3Download an
quartz.dll is the wrong version.                    Medium      No Manual Fix Procedures (Download and apply the appropriate patches
Rmcast.sys is the wrong version.                       High     No Manual Fix Procedures (Download and apply the appropriate patches
                                                    Medium      No Manual Fix Procedures (Download and apply the appropriate patches
The value: SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{22FD7C0A-850C-4A53-9821-0B0915C96139}\Compatib
                                                       High     No Manual Fix Procedures (Download and apply the appropriate patches
Afd.sys is the wrong version.Dnsapi.dll is the wrong version.Mswsock.dll is the wrong version.Tcpip.sys is the wrong version.Tcpip6
mscms.dll is the wrong version.                        High     No Manual Fix Procedures (Download and apply the appropriate patches
Es.dll is the wrong version.                           High     No Manual Fix Procedures (Download and apply the appropriate patches
Inetcomm.dll is the wrong version.                  Medium      No Manual Fix Procedures (Download and apply the appropriate patches
                                                       High     No Manual Fix Procedures (Download and apply the appropriate patches
Msw3prt.dll is the wrong version.Win32spl.dll is the wrong version.
Srv.sys is the wrong version.
Netapi32.dll is the wrong version.                     High     No Manual Fix Procedures (Download and apply the appropriate patches
mrxsmb.sys is the wrong version.                    Medium      No Manual Fix Procedures (Download and apply the appropriate patches
                                                       High     Add the registry value as specified in does not exist.
The value: SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf\(null) the manual check. (In the Registry
                                                    the wrong No Manual Fix Procedures (Download and apply is the wrong version.Ms
Browseui.dll is the wrong version.Dxtmsft.dll is Medium version.Dxtrans.dll is the wrong version.Mshtml.dll the appropriate patches
                                                    is the wrong version.
Ntkrnlpa.exe is the wrong version.Ntoskrnl.exe Medium           Client Deployment Inforrmation1. Download the client version of this sec
The Service Pack Major Version of 2 is not >= 3.    Medium      Client Deployment Inforrmation1. Download the client version of this sec
lsasrv.dll is the wrong version.                    Medium      Client Deployment Inforrmation1. Download the client version of this sec
infocomm.dll is the wrong version.                  Medium      Client Deployment Inforrmation1. Download the client version of this sec
win32k.sys is the wrong version.                    Medium      Client Deployment Inforrmation1. Download the client version of this sec
Wins.exe is the wrong version.                      Medium      Client Deployment Inforrmation1. Download the client version of this sec
                                                    is the wrong version.
Ntkrnlpa.exe is the wrong version.Ntoskrnl.exe Medium           Client Deployment Inforrmation1. Download the client version of this sec
Afd.sys is the wrong version.                       Medium      Client Deployment Inforrmation1. Download the client version of this sec
                                                    Medium      Procedure: Start>>Run>>Regedt32>>navigate to \\Hkey_Local_Machine
The value: Software\Policies\Microsoft\Windows NT\Printers\DisableWebPrinting does not exist.
192.168.0.8   computer1   V0004444   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0004446   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0004447   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0004448   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006832   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006833   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006836   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006840   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006850   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0007002   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0013461   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0013603   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0013883   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0013934   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0013937   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014353   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014354   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014358   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014473   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014474   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014819   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014825   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014832   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0015305   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0015397   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0015505   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0015588   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0015663   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0015739   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0015742   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0015744   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0015940   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0015943   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0015944   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0016036   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0016038   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0016041   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0016147   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0016737   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0016744   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0016745   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0017793   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0017799   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0017870   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0017878   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0017900   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0017909   Windows 2003   Pro103.xml
192.168.0.8   computer1              Windows 2003   Pro103.xml
192.168.0.8   computer1              Windows 2003   Pro103.xml
192.168.0.8   computer1              Windows 2003   Pro103.xml
192.168.0.8   computer1              Windows 2003   Pro103.xml
192.168.0.8   computer1              Windows 2003   Pro103.xml
192.168.0.8   computer1              Windows 2003   Pro103.xml
192.168.0.8   computer1              Windows 2003   Pro103.xml
192.168.0.8   computer1              Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006754   Windows 2003   Pro103.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
WA000-WI035                           The IISADMPWD directory is included by default with IIS. It allows users to reset Windows pa
WA000-WI100                           Some COM components are not required forr most applications and should be removed if pos
WA000-WI6082                          UTF8 lets you represent characters of many languages in an encoded forrm. A period and a s
WA000-WI6084                          If non-zero, Http.sys always tries to decode a URL as UTF-8 first; if that conversion fails and E
WA000-WI6092                          If PercentUAllowed is non-zero, Http.sys accepts the %uNNNN notation in request URLs. Allo
WG110                                 This check verifies that the web site is not configured to permit an unlimited number of HTTP r
WG205                                 Web content is accessible to the anonymous web user. For such an account to have access t
                                       messages
DTAM005-McAfee VirusScan removeThis parameter controls if users can remove virus alerts from the display.
                                      This parameter controls if infected files are deleted.
DTAM007-McAfee VirusScan delete infected file
                                        size parameter
DTAM010-McAfee VirusScan limit logThis parameter controls the log size.
                                      This parameter
DTAM011-McAfee VirusScan log session parameter controls if session settings are being logged.
                                        actions email
DTAM029-McAfee VirusScan allowedThis parameter controls what actions should happen when a virus is detected.
                                      This parameter
DTAM030-McAfee VirusScan action prompt email ensures appropriate actions are prompted forr when a virus is found.
                                        size email
DTAM036-McAfee VirusScan limit logThis parameter deteremines the size of the log file to ensure data is available forr review.
                                      This setting
DTAM037-McAfee VirusScan log content email controls the entries that are stored in the virus scanning log.
                                       MIME encoded
DTAM053-McAfee VirusScan decodeThis file ensures that MIME encoded files are scanned forr viruses.
                                      This parameter controls the secondary action that is perforrmed when a virus is found.
DTAM057-McAfee VirusScan secondary action
                                      This parameter
DTAM060-McAfee VirusScan log file limit parameter determines the minimum size forr the log to ensure enough data is available fo
                                      This parameter
DTAM061-McAfee VirusScan log session settings ensures that session settings are logged.
                                      This
DTAM070-McAfee VirusScan schedule parameter ensures that the virus scan is scheduled to be executed.
                                      This setting is
DTAM090-McAfee VirusScan onaccess scan scriptsrequired forr the virus software.
                                      This setting is required forr the virus software.
DTAM092-McAfee VirusScan onaccess scan blocking
                                      This setting is required forr the virus software.
DTAM093-McAfee VirusScan onaccess scan blocking
                                      This setting
DTAM106-McAfee VirusScan scan inside archive is required forr the virus software.
                                      This setting is required forr the virus software.
DTAM107-McAfee VirusScan scan MIME files parameter
                                      This setting action
DTAM039-McAfee VirusScan unwanted programsis required forr the virus software.
                                        limitation
DTAM134-McAfee VirusScan log sizeThis setting is required forr the virus software.
                                      This Spyware
DTAM135-McAfee VirusScan detection of setting is required forr the virus software.
                                      This Adware
DTAM136-McAfee VirusScan detection of setting is required forr the virus software.
                                      By setting
DTBI001 - The IE home page is not set correctlythis parameter appropriately, a malicious web site will be automatically loaded into a
                                      This parameter ensures that third party cookies are blocked. Third party cookies come from a
DTBI007-IE third party cookies not set correctly
                                      This correctly
DTBI014-IE SSL/TLS parameter is not set parameter ensures SSL and TLS are able to be used from the browser.
                                      This parameter warns users if the certifcate being presented by the web site is invalid. Since
DTBI015-IE warning of invalid certificates not set
                                        correctly
DTBI016-IE changing zones is not setThis parameter warns the user when changing between zones. This conveys important inforrm
                                      This parameter warns the user that input from the forrm is being redirected to another web site
DTBI017-IE forrm redirect is not set correctly
                                      Since most IE
DTBI021-Users can change advanced settings in of the IE settings can be changed through the GUI, it is important to ensure that us
                                      Active X controls
DTBI022-Download signed Active X controls-Internet can contain potentially malicious code and must only be allowed to be downl
                                       controls-Interne
DTBI023-Download unsigned ActiveXActive X controls can contain potentially malicious code and must only be allowed to be downl
                                      ActiveX
DTBI024-Initialize and script ActiveX controls controls that are not marked safe scripting should not be executed. Although this is n
                                      forr scripting
DTBI026-Script ActiveX marked safe ActiveX controls that are not marked safe forr scripting should not be executed. Although this
                                      Download
DTBI030-Font download control - Internet Zone of fonts can sometimes contain malicious code.
                                      Java must have
DTBI031-Java Permissions not set forr Internet Zone level of protections based upon the site being browsed.
                                        domains-Interne
DTBI032-Access data sources acrossAccess to data sources across multiple domains must be controlled based upon the site being
                                      Display mixed content must have level of protection based upon the site being browsed.
DTBI034-Display mixed content - Internet Zone
                                      Drag and Drop
DTBI036-Drag and drop or copy and paste-Internet or copy and paste files must have level of protection based upon the site being
                                       - Internet
DTBI037-Installation of desktop itemsInstallation of items must have level of protection based upon the site being accessed.
                                      Launching of programs in IFRAME must have level of protection based upon the site being ac
DTBI038-Launching programs and files in IFRAME-Int
                                        domains-Interne
DTBI039-Navigate sub-frames acrossFrames that navigate across different domains are a security concern because the user may t
                                      Software Channel permissions must have level of protection based upon the site being access
DTBI040-Software channel permissions - Internet
                                      data - Internet
DTBI041-Submit non-encryped forrm The user needs to be prompted beforre sending inforrmation from a browser that is not encryp
                                      Userdata
DTBI042-Userdata persistence - Internet Zone persistence must have level of protection based upon the site being accessed.
                                      Allow paste operations via script must have level of protection based upon the site being acce
DTBI044-Allow paste operations via script-Internet
                                      Java Applets
DTBI045-Scripting of Java applets - Internet Zone must have level of protection based upon the site being accessed.
                                        Internet Zone
DTBI046-User Authentication-Logon -Care must be taken with user credentials and how automatic logons are perforrmed and how d
                                      ActiveX controls
DTBI056-Script ActiveX controls marked safe-Local that are not marked safe forr scripting should not be executed. Although this
                                      Java must
DTBI061-Java Permissions not set - Local Zone have level of protection based upon the site being browsed.
                                                 High      If possible, ensure the
A IISADMPWD directory was found in the root: C:\WINDOWS\system32\inetsrv\ IISADMPWD directory has been removed from th
                                                Medium     Unregister the File System Object using the CLSID\{0D43FE01-F093-11
The key: Scripting.FileSystemObject\CLSID exists.The key: Scripting.FileSystemObject exists.The key:following command:regsvr32
                                                Medium     Use the registry editor and navigate to the
The value: System\CurrentControlSet\Services\HTTP\Parameters\EnableNonUTF8 does not exist. following location in the regist
                                                Medium     Use the registry editor and navigate
The value: System\CurrentControlSet\Services\HTTP\Parameters\FavorUTF8 does not exist. to the following location in the regist
                                                Medium     Use the registry editor and navigate to the
The value: System\CurrentControlSet\Services\HTTP\Parameters\PercentUAllowed does not exist. following location in the regist
                                                Medium     From the Internet Services less than or equal to "4294967294", at locatio
The metabase ID MD_MAX_CONNECTIONS has a value of "4294967295" and is not Manager Select the web site to be examined;
                                                           Using the the substring "C:", at location:Key Prefix: /LM/W3SVC/1/Key S
The metabase ID MD_VR_PATH contains "c:\inetpub\wwwroot" ANDInternet Inforrmation Services Console, locate the web site bei
                                                Medium
                                                Medium     Change the registry key HKLM\Software\Network does not equal 0.
The value of Software\McAfee\VSCore\On Access Scanner\McShield\Configuration\Alert_UsersCanRemoveAssociates\TVD\Share
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\Share
The value of Software\McAfee\VSCore\On Access Scanner\McShield\Configuration\Alert_UsersCanDelete does not equal 1.
                                                Medium     Change the registry key HKLM\Software\Network >= 100.
The value of Software\McAfee\VSCore\On Access Scanner\McShield\Configuration\dwMaxLogSizeMB is notAssociates\TVD\Share
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\Share
The value of Software\McAfee\VSCore\On Access Scanner\McShield\Configuration\bLogSettings does not equal 1.
                                                Medium     Change the registry key HKLM\Software\McAfee\VSCore\Email scanner
The value of Software\McAfee\VSCore\Email Scanner\Outlook\OnDelivery\ActionOptions\uAction does not equal 2.
                                                Medium     Change the registry key HKLM\Software\McAfee\VSCore\Email scanner
The value of Software\McAfee\VSCore\Email scanner\Outlook\OnDelivery\ActionOptions\dwPromptButton does not equal 31.
                                                Medium     Change the registry key HKLM\Software\McAfee\VSCore\Email Scanner
The value of Software\McAfee\VSCore\Email Scanner\Outlook\OnDelivery\ReportOptions\dwMaxLogSizeMB is not >= 100.
                                                Medium     Change the registry key HKLM\Software\McAfee\VSCore\Email
The value of Software\McAfee\VSCore\Email Scanner\Outlook\OnDelivery\ReportOptions\dwLogEvent does not equal 304.Scanner
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\VirusS
The value of Software\McAfee\DesktopProtection\Tasks\{21221C11-A06D-4558-B833-98E8C7F6C4D2}\ScanMime does not equal
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\VirusS
The value of Software\McAfee\DesktopProtection\Tasks\{21221C11-A06D-4558-B833-98E8C7F6C4D2}\uSecAction does not equa
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\VirusS
The value of Software\McAfee\DesktopProtection\Tasks\{21221C11-A06D-4558-B833-98E8C7F6C4D2}\uKilobytes is not >= 20480
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\VirusS
The value of Software\McAfee\DesktopProtection\Tasks\{21221C11-A06D-4558-B833-98E8C7F6C4D2}\bLogSettings does not equ
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\VirusS
The value of Software\McAfee\DesktopProtection\Tasks\{21221C11-A06D-4558-B833-98E8C7F6C4D2}\bSchedEnabled does not
                                                Medium     Procedure: Use the not equal 1.
The value of Software\McAfee\VSCore\Script Scanner\ScriptScanEnabled doesWindows Registry Editor to navigate to the following
                                                Medium     Procedure: Use the Windows Registry Editor >= 30.
The value of Software\McAfee\VSCore\On Access Scanner\BehaviourBlocking\VSIDBlockTimeout is notto navigate to the following
                                                Medium     Procedure: Use the Windows Registry Editor to navigate to the
The value of Software\McAfee\VSCore\On Access Scanner\BehaviourBlocking\VSIDBlockOnNonVirus does not equal 1. following
                                                Medium     Procedure: Use the Windows Registry Editor does not equal 1.
The value of Software\McAfee\VSCore\On access scanner\McShield\Configuration\default\ScanArchivesto navigate to the following
                                                Medium     Procedure: Use the Windows Registry Editor to not equal 1.
The value of Software\McAfee\VSCore\On access scanner\McShield\Configuration\default\ScanMime doesnavigate to the following
                                                Medium     Procedure: Use the Windows Registry Editor to equal 2.
The value of Software\McAfee\VSCore\Email Scanner\Outlook\OnDelivery\ActionOptions\uAction does not navigate to the following
                                                Medium     Procedure: Use the Windows Registry Editor not >= 64.
The value of Software\McAfee\VSCore\On Access Scanner\BehaviourBlocking\dwMaxLogSizeMB_Ent isto navigate to the following
                                                Medium     Procedure: Use 1.
The value of software\McAfee\VSCore\NVP\DetectSpyware does not equal the Windows Registry Editor to navigate to the following
                                                Medium      does not equal the
The value of software\McAfee\VSCore\NVP\DetectAdware Procedure: Use1. Windows Registry Editor to navigate to the following
                                                Page does Change StartPage value to about:blank, a trusted site, or a local file. (Pro
Software\Microsoft\Internet Explorer\Main\StartMedium      not contain the substring about:blank.
                                                Medium     Under Settings\PrivacyAdvanced does Privacy Tab and click the Advan
The value of Software\Microsoft\Windows\CurrentVersion\InternetTools/Internet Options, select the not equal 1.The value of Softwar
                                                Medium     Change registry key HKCU\Software\Microsoft\Windows\CurrentVersion
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols does not exist.
                                                Medium     Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnonBadCertRecving does not exist.
                                                Medium     Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnonZoneCrossing does not exist.
                                                Medium     Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect does not exist.
                                                Explorer\Control Panel\AdvancedTab does not exist.
The value: Software\Policies\Microsoft\Internet Medium     Change the registry key HKCU\Software\Policies\Microsoft\Internet Explo
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1001 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1004 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1201 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1405 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1604 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1C00 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1406 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609 does not exist.
                                                Medium     If a value forr Settings\Zones\3\1802 not not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet this zone is present anddoesset to 3 change the registry ke
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1800 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1804 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1607 does not exist.
                                                Medium     Procedure: Use the Windows Registry Editor to navigate to the following
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1E05 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1601 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1606 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1407 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1402 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A00 does not exist.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1405 does not equal 1.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1C00 does not exist.
192.168.0.8   computer1   V0013698   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0013700   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0013715   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0013716   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0013720   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0002240   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0003333   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006470   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006472   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006475   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006476   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006592   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006593   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006597   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006598   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006612   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006617   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006620   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006621   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006627   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014618   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014620   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014621   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014628   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014629   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014652   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014661   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014662   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0014663   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006228   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006234   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006238   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006239   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006240   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006241   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006242   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006243   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006244   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006245   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006246   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006248   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006249   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006250   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006251   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006253   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006254   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006255   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006256   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006257   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006258   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006259   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006260   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006261   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006262   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006266   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006267   Windows 2003   Pro103.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
                                      Client certificates should not be presented to web sites without the user's acknowledgement.
DTBI065-Dont prompt client certificate - Local zon
                                      Software Zone
DTBI070-Software channel permissions - Localchannel permissions must have level of protection based upon the site being access
                                      The - Local
DTBI074-Allow paste operations via scriptAllow paste operations via script must have level of protection based upon the site being
                                        - Local Zone
DTBI076-User Authentication - LogonCare must be taken with user credentials and how automatic logons are perforrmed and how d
                                      ActiveX controls
DTBI086-Activex controls marked safe - Trusted Sit that are not marked safe forr scripting should not be executed. Although this
                                      Java must have level of protection based upon the site being browsed.
DTBI091-Java Permissions not set - Trusted Sites
                                      The Software channel permissions must have level of protection based upon the site being ac
DTBI100-Software channel permissions - Trusted Sit
                                      Allow paste operations via script must have level of protection based upon the site being acce
DTBI104-Allow paste operations via script-Trusted
                                        - Trusted be
DTBI106-User Authentication - LogonCare must Sitetaken with user credentials and how automatic logons are perforrmed and how d
                                      ActiveX controls
DTBI112-Download signed ActiveX - Restricted Sites can contain potentially malicious code and must only be allowed to be downlo
                                        - Restricted Sit
DTBI113-Download unsigned ActiveXActiveX controls can contain potentially malicious code and must only be allowed to be downlo
                                      ActiveX controls that are not marked safe forr scripting should not be executed. Although this
DTBI114-Initialize and script ActiveX - Restricted
                                      ActiveX controls
DTBI115-Run ActiveX controls and plugins-Restricte that are not marked safe forr scripting should not be executed. Although this
                                      ActiveX controls
DTBI116-Script ActiveX controls marked safe-Restri that are not marked safe forr scripting should not be executed. Although this
                                      Files Sites
DTBI119-File download control - Restrictedshould not be able to be downloaded from sites that are considered restricted.
                                      Download of
DTBI120-Font download control - Restricted Sites fonts can sometimes contain malicious code. Files should not be downloaded f
                                      The restricted zones is used forr MS Outlook. This zone must be set properly to ensure Outlo
DTBI122-Access data sources - Restricted Sites
                                      Allow META
DTBI123-Allow META REFRESH - Restricted SitesREFRESH must have level of protection based upon the site being browsed.
                                      Mixed Sites
DTBI124-Display mixed content - Restricted content poses a risk when coming from a restricted site.
                                      Drag - Restrict
DTBI126-Drag and drop or copy and paste and Drop of files must have level of protection based upon the site being accessed.
                                        - Restricted
DTBI127-Installation of desktop itemsInstallation of items must have level of protection based upon the site being accessed.
                                      Launching of programs in IFRAME must have level of protection based upon the site being ac
DTBI128-Launching programs and files in IFRAME-Res
                                        domain - Restri
DTBI129-Navigate sub-frames acrossFrames that navigate across different domains are a security concern because the user may t
                                      Software channel permissions must have level of protection based upon the site being access
DTBI130-Software channel permissions - Restricted
                                        data-Restricted
DTBI131-Submit non-encrypted forrmSubmit non-encrypted forrm data must have level of protection based upon the site being acce
                                      No perseistant data should exist and be used in the Restricted sites zone.
DTBI132-Userdata persistence - Restricted Sites
                                       Sites
DTBI133-Active scripting - Restricted Active Scripting must have level of protection based upon the site being accessed.
                                      The Allow paste
DTBI134-Allow paste operations via scripts-Restric operations via script must have level of protection based upon the site being
                                        - Restricted
DTBI136-User Authentication - LogonCare must be taken with user credentials and how automatic logons are perforrmed and how d
                                       set ensures
DTBI160-Hash setting forr SHA is notThis properly that the Hash value forr SHA is enabled.
                                        installed
DTBG010-DoD Root Certificate is notThe DOD root certificate will ensure that the trust chain is established forr server certificated is
                                      This parameter ensures automatic searches are not perforrmed from the address bar. When
DTBI011-IE search parameter is not set correctly.
                                      Java must have level of protection based upon the site being browsed.
DTBI121-Java Permissions not set forr Restricted
                                      This policy setting
DTBI025 - The Download signed ActiveX controls pro allows you to manage whether users may download signed ActiveX controls
Approved DOD Virus Scan Program This is a Category 1 finding because Virus scan programs are a primary line of defense again
Incorrect ACLs forr event logs        Event logs are susceptible to unauthorized, and possibly anonymous, tampering if proper ACL
File Auditing Configuration           Improper modification of the core system files can render a system inoperable. Further, modif
Restrict Anonymous Network Shares This is a Category 1 finding because it allows anonymous logon users (null session connectio
Bad Logon Attempts                    The account lockout feature, when enabled, prevents brute-forrce password attacks on the sy
Bad Logon Counter Reset               This parameter specifies the amount of time that must pass between two successive login atte
Lockout Duration                      This parameter specifies the amount of time that must pass beforre a locked-out account is au
User Rights Assignments               Inappropriate granting of user and advanced user rights can provide system, administrative, a
Minimum Password Age                  Permitting passwords to be changed in immediate succession within the same day, allows use
Password Uniqueness                   A system is more vulnerable to unauthorized access when system users recycle the same pas
Rename Built-in Guest Account         A system faces an increased vulnerability threat if the built-in guest account is not renamed or
                                      The
Rename Built-in Administrator Account built-in administrator account is a known account that can be initialized with a blank passw
Preserving security events            DOD policy requires that a security audit log be maintained and that events in the log not be a
Event Log Sizes                       Inadequate log size will cause the log to fill up quickly and require frequent clearing by adminis
Password Protected Screen Saver The system should be locked when unattended. Unattended systems are susceptible to unau
System File ACLs                      Failure to properly configure ACL file and directory permissions, allows the possibility of unaut
Dial Up Password Saved                The default Windows configuration enables the option to save the password used to gain acce
LanMan Authentication Level           The Kerberos v5 authentication protocol is the default forr authentication of users who are logg
Deny Access from the Network          This is a Category 1 finding because allowing network logins by the built-in guest accounts, wh
Smart Card Removal Option             Determines what should happen when the smart card forr a logged-on user is removed from th
                                      If this policy is enabled, it causes the Windows Server Message Block (SMB) server to perforr
SMB Server Packet Signing (if client agrees)
ACLs forr disabled services           When configuring either the startup mode or access control list forr a service, you must config
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1A04 does not equal 3.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1E05 does not equal 65536.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1407 does not equal 3.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1A00 does not equal 65536.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1405 does not equal 1.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1C00 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1E05 does not equal 65536.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1407 does not equal 3.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1A00 does not equal 65536.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1001 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1004 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1201 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1200 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1405 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1803 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1604 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1406 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1608 does not exist.
                                                 Medium       Procedure: Use the Windows Registry Editor exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609 does notto navigate to the following
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1802 does not equal 3.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1800 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1804 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1607 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1E05 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1601 does not equal 3.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1606 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1400 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1407 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1A00 does not exist.
                                                 Medium       Navigate to the registry key HKLM\SYSTEM\CurrentControlSet\Control\S
The value: SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA\Enabled does not exist.
                                                 Medium       Install the DOD root certificate. (Netscape Procedure: On the Edit menu
The key: SOFTWARE\Microsoft\SystemCertificates\Root\Certificates\10F193F340AC91D6DE5F1EDC006247C4F25D9671 does n
                                                 Medium       Use the Windows Registry Editor to navigate to the following key: HKCU
The value: Software\Microsoft\Internet Explorer\Main\AutoSearch does not exist.
                                                 Medium       Use the Windows Registry Editor to navigate to the following key: HKLM
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1C00 does not exist.
                                                              The policy value forr Computer Configuration -> does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3\1001 Administrative Template
                                                 Medium
                                                    system. Configure the system with supported, DOD approved virus scanning soft
Antivirus (Element ID: 604) is not present on the High
                                                              Set the ACL permissions on the following Event Logs as defined files m
The following files have incorrect permissions: CHK(90000)C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.EvtThe following in theha
                                                 Medium
                                                 Medium       Configure auditing on each partition/drive to audit all "Failures" forr and S
The following files have incorrect audit settings: CHK(90077)C:\C:\AUTOEXEC.BATC:\boot.iniC:\CONFIG.SYSC:\Documents the "E
                                                              Configure the system to prevent
The value of System\CurrentControlSet\Control\Lsa\RestrictAnonymous does not equal 1. anonymous users from listing account n
                                                    High
Account lockout is not enabled.                  Medium       Configure the system to lock out an account after 3 invalid logon attempt
The local lockout counter resets after 30 minutes.
                                                 Medium       Configure the system to have the lockout counter reset itself after a minim
The local lockout duration is set to: 30 minutes.Medium       Configure the system so that the bad logon lockout duration conforrms to
                                                              Configure the the network. Accounts: Backup having unauthorized Use
Unauthorized accounts have the Logon Right: Access this computer oversystem to prevent accounts fromOperatorsPower UsersEv
                                                 Medium
The minimum local password age is set to: 0 days.Medium       Configure the Minimum Password Age so that it is a minimum of "1". (An
The local password history length is set to: 0 Medium         Configure the system to remember a minimum of "24" used passwords. (
The account Guest has the incorrect name.        Medium       Configure the system to rename the built-in Guest account (Analyze the
The account Administrator has the incorrect name.Medium       Configure the system to rename the Administrator account. (Analyze the
                                                              Configure the system is not >= preserve Event value of System\Curre
The value of System\CurrentControlSet\Services\EventLog\Application\Retentionto properly4294967295.TheLog inforrmation. (Analy
                                                 Medium
                                                              Configure the system to >= 83886080.
The value of System\CurrentControlSet\Services\EventLog\Security\MaxSize is not have the required minimum Event log sizes. (An
                                                 Medium
                                                              Configure The policy values forr User Configuration -> value: Software\P
The value: Software\Policies\Microsoft\Windows\Control Panel\Desktop\ScreenSaverIsSecure does not exist.The Administrative Te
                                                 Medium
***DETAILS TOO LONG TO INCLUDE HERE. Medium                    RESULT the Security Option:

                                                   SEE RAW Configure FILE FOR DETAILS.***      
Windows 2003 - ―Network access: Let ev
                                                              Configure the system to prevent does not exist.
The value: System\CurrentControlSet\Services\Rasman\Parameters\DisableSavePasswordthe dial-up networking password from b
                                                 Medium
                                                              Configure the system to 4.
The value of System\CurrentControlSet\Control\Lsa\LMCompatibilityLevel is not >= the required level of LanMan authentication. (An
                                                    High
                                                    High      Configure the system to give the right "Deny access to this computer from
Required account does not have the Logon Right: Deny access this computer over the network. Account: GuestsRequired account
                                                              Configure the system to, at a minimum, lock
The value of Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SCRemoveOption is not >= 1. the system if a smart card is
                                                 Medium
                                                 Medium       Configure the system to have the SMB Server sign SMB packets when p
The value of System\CurrentControlSet\Services\LanmanServer\Parameters\EnableSecuritySignature does not equal 1.
                                                              Create a Audio.Incorrect ACL for service Indexing Service.Incorrect ACL
                                                  for service Windows Custom Security Template using the Security Template MMC S
Incorrect ACL for service Alerter.Incorrect ACL Medium
192.168.0.8   computer1   V0006271   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006274   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006275   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006276   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006280   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006281   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006286   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006287   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006288   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006289   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006290   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006291   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006292   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006293   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006294   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006295   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006297   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006298   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006299   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006301   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006302   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006303   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006304   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006305   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006306   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006307   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006308   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006309   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006311   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006316   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0006318   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0007006   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0007007   Windows 2003   Pro103.xml
192.168.0.8   computer1   V0016879   Windows 2003   Pro103.xml
192.168.0.9   computer2   V0001074   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001077   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001080   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001093   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001097   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001098   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001099   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001103   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001105   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001107   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001114   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001115   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001117   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001118   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001122   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001130   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001139   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001153   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001155   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001157   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0001162   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0002371   Windows 2003   Pro104.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
Disable Media Autoplay                   Autoplay begins reading from a drive as soon as you insert media in the drive. As a result, the
                                         This setting is used to control the rules forr remote control of Terminal Services user sessions
Terminal Service - Remote Control Settings
Logon - Always Wait forr the NetworkThe setting determines if Windows waits forr complete network initialization beforre allowing th
                                         This setting
Remote Assistance - Solicit Remote Assistance controls whether or not solicited remote assistance is allowed from this computer.
Windows Messenger - Do Not Allow To Run  This setting prevents the Windows Messenger client from being run. Instant Messaging client
                                         This setting
Windows Messenger - Do Not Start Automatically prevents the automatic launch of Windows Messenger at user logon. Instant Mes
Strong Session Key                       This setting controls the required strength of a session key.
                                         unlock
Domain Controller authentication forr This setting controls the behavior of the system when you attempt to unlock the workstation. I
                                         This
Storage of Credentials or .NET Passports setting controls the storage of authentication credentials or .NET passports on the local s
LAN Manager Hash Value Stored            This setting controls whether or not a LAN Manager hash of the password is stored in the SAM
                                         This
Force Logoff When Logon Hours Expire setting controls whether or not users are forrced to log off when their allowed logon hours
                                         Starting with
Session Security forr NTLM SSP Based Clients Windows 2000 Microsoft has implemented a variety of security support providers
FIPS Compliant Algorithms                This setting ensures that the system uses algorithms that are FIPS compliant forr encryption, h
                                         Either
Owner of Objects Created by Administratorsthe object creator or the Administrators group owns objects created by members of the
                                          Sharing
NetMeeting Disable Remote Desktop Remote desktop sharing enables several users to interact and control one desktop. This coul
IE - Zones: Use Only Machine Settings    This setting enforrces consistent security zone settings to all users of the computer. Security
                                         This Policies
IE - Zones: Do Not Allow Users to Change setting prevents users from changing the Internet Explorer policies on the machine. Polic
                                         This setting prevents users from adding sites to various security zones. Users should not be a
IE - Zones: Do Not Allow Users to Add/Delete Sites
                                         This setting
IE - Disable Automatic Install of IE Compenents controls the ability of Internet Explorer to automatically install components if it goe
                                         This setting determines whether or not Internet Explorer will periodically check the Microsoft w
IE - Disable Periodic Check forr IE Updates
Terminal Services - Session Limit This setting limits users to one remote session. It is possible, if this setting is disabled, forr us
                                         This setting
Terminal Services - Limit Number of Connections limits the number of simultaneous connections allowed to the terminal server. By
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fWritableTSCCPermTab does not exist.
                                         This
Terminal Services - Password Prompting setting, which is located under the Encryption and Security section of the Terminal Servic
                                         This
Terminal Services - Set Encryption Level setting, which is located under the Encryption and Security section of the Terminal Servic
                                         This setting,
Terminal Services - Do Not Use Temp Folders which is located under the Temporary Folders section of the Terminal Services co
                                         This
Terminal Services - Delete Temp Folders setting, which is located under the Temporary Folders section of the Terminal Services co
                                         This setting,
Terminal Services - Time Limit forr Disc. Session which is located under the Sessions section of the Terminal Services configuratio
                                         This setting,
Terminal Services - Time Limit forr Idle Session which is located under the Sessions section of the Terminal Services configuratio
                                         This setting,
Terminal Services - Original Client Reconnection which is located under the Sessions section of the Terminal Services configuratio
                                          Time Limit
Terminal Services - Enforrce Session This setting, which is located under the Sessions section of the Terminal Services configuratio
                                         This setting
Remote Assistance - Offer Remote Assistance controls whether unsolicited offers of help to this computer are allowed. The list o
Error Reporting - Report Errors          This setting controls the reporting of errors to Microsoft and, if defined, a corporate error repor
                                         Kernel-mode drivers are drivers that operate in kernel mode. Kernel mode allows virtually unl
Printers - Disallow Installation of Drivers
Safe DLL Search Mode                     The default search behavior, when an application calls a function in a Dynamic Link Library (D
                                         The
Media Player - Disabe Automatic Updates automatic check forr updates perforrm by the Windows Media Player must be disabled to
                                         The
Media Player - Prevent Codec Download Windows Media Player uses software components, referred to as CODECs, to play back
Unnecessary Services                     Unnecessary Services increase the attack surface of a system. Some Services may be run u
                                         Starting with
Session Security forr NTLM SSP based Servers Windows 2000 Microsoft has implemented a variety of security support providers
Strong Key Protection                    Configuring this setting so that users must provide a password (distinct from their domain pass
Software Restriction Policies            Software restriction policies help to protect users and computers from executing unauthorized
                                         Allowing
Terminal Services - Secure RPC Connection. unsecure RPC communication exposes the server to man in the middle attacks and
Group Policy - Registry Policy ProcessingEnabling this setting and then selecting the Process even if the Group Policy objects have not
SMB Client Packet Signing (Always) If this policy is enabled, it causes the Windows Server Message Block (SMB) client to perforrm
SMB Server Packet Signing (Always) If this policy is enabled, it causes the Windows Server Message Block (SMB) server to always
Minimum Password Length                  Inforrmation systems not protected with strong password schemes including passwords of min
Password Expiration                      Passwords that do not expire or are reused increase the exposure of a password with greater
Auditing Configuration                   Maintaining an audit trail of system activity logs can help identify configuration errors, troubles
Password Requirement                     The lack of password protection enables anyone to gain access to the inforrmation system, wh
2006-A-0056                              Two vulnerabilities have been identified affecting Microsoft Windows Media Player. Microsoft
2007-B-0004
2007-A-0020                              Microsoft has reported several new vulnerabilities affecting the Microsoft Windows Operating
2007-A-0021                              Microsoft has reported a vulnerability affecting Microsoft Agent. Microsoft Agent is a set of so
2007-B-0009                              Microsoft has released a security bulletin addressing three vulnerabilities in Client/Server Run
schannel.dll is the wrong version.
2007-B-0011                              Microsoft has released Security Bulletin MS07-034 addressing two privately reported and two
                                                             Configure the system as specified in the does not exist.
The value: SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRunmanual check to prevent remov
                                                   High
The value: Software\Policies\Microsoft\Windows High          Configure the system to prevent remote control of the computer by settin
                                                   NT\Terminal Services\Shadow does not exist.
                                                             Configure the system to wait forr complete does not exist.
The value: Software\Policies\Microsoft\Windows NT\CurrentVersion\Winlogon\SyncForegroundPolicy network initialization beforre a
                                                 Medium
The value: Software\Policies\Microsoft\Windows High          Configure the system to disable Remote Assistance by setting the policy
                                                   NT\Terminal Services\fAllowToGetHelp does not exist.
                                                             Configure does not value
The value: Software\Policies\Microsoft\Messenger\Client\PreventRunthe policy exist. forr Computer Configuration -> Administrative
                                                 Medium
                                                             Configure the policy not exist.
The value: Software\Policies\Microsoft\Messenger\Client\PreventAutoRun doesvalue forr Computer Configuration -> Administrative
                                                 Medium
                                                             Configure the system to require the use equal 1.
The value of System\CurrentControlSet\Services\Netlogon\Parameters\RequireStrongKey does notof a strong session key. (Analyz
                                                 Medium
                                                             Configure the system to require does not equal passed to a domain co
The value of Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ForceUnlockLogoncredentials to be1.
                                                 Medium
                                                             Configure the system to equal 1.
The value of System\CurrentControlSet\Control\Lsa\DisableDomainCreds does not prevent the storage of credentials and .NET pas
                                                 Medium
                                                             Configure not equal to
The value of System\CurrentControlSet\Control\Lsa\NoLMHash doesthe system1. prevent the LAN Manager hash from being store
                                                   High
                                                             Configure the system logon time expires.
The local user is forced to logoff TIMEQ_FOREVER (infinite) seconds after theirto log off users when their allowed logon hours exp
                                                 Medium
                                                             Configure the system does not equal 537395248.
The value of System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinClientSecto meet requirements forr NTLM SSP based client
                                                 Medium
                                                             Configure the does not require
The value of System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicysystem to equal 1.the use of FIPS compliant algorithms. (A
                                                 Medium
                                                             Set the value forr ―System objects:
The value of System\CurrentControlSet\Control\Lsa\NoDefaultAdminOwner does not equal 1. Default owner forr object created by m
                                                 Medium
                                                             Configure the policy
The value: Software\Policies\Microsoft\Conferencing\NoRDS does not exist. value forr Computer Configuration -> Administrative
                                                 Medium
                                                             Configure the Settings\Security_HKLM_only does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration -> Administrative
                                                 Medium
                                                             Configure the Settings\Security_Options_Edit does not -> Administrative
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration exist.
                                                 Medium
                                                             Configure the Settings\Security_Zones_Map_Edit does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration -> Administrative
                                                 Medium
The value: Software\Policies\Microsoft\Internet Medium       Configure the policy value forr Computer Configuration -> Administrative
                                                 Explorer\InfoDelivery\Restrictions\NoJITSetup does not exist.
                                                             Configure the policy value forr Computer Configuration
                                                 Explorer\InfoDelivery\Restrictions\NoUpdateCheck does not exist. -> Administrative
The value: Software\Policies\Microsoft\Internet Medium
                                                             2003/XP - Configure the policy value forr not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fSingleSessionPerUser doesComputer Configuration -> Adm
                                                 Medium
                                                             Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxInstanceCount does not Configuration -> Administrative
                                                 Medium
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fWritableTSCCPermTab does not exist.
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fPromptForPassword does not exist.
                                                             Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MinEncryptionLevel does notConfiguration -> Administrative
                                                 Medium
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\PerSessionTempDir does not exist.
                                                             Configure the policy value forr Computer not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\DeleteTempDirsOnExit doesConfiguration -> Administrative
                                                 Medium
                                                             Configure the policy value forr Computer not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxDisconnectionTime doesConfiguration -> Administrative
                                                 Medium
                                                             Configure the policy value forr not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxIdleTime doesComputer Configuration -> Administrative
                                                 Medium
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fReconnectSame does not exist.
                                                             Configure the policy value does not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fResetBroken forr Computer Configuration -> Administrative
                                                 Medium
                                                 Medium      Configure the system to prevent unsolicited remote assistance offers by
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fAllowUnsolicited does not exist.
                                                             Configure the system to prevent
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\DoReport does not exist. error forrwarding by setting the policy va
                                                 Medium
                                                             Configure the system to prevent it exist.
The value: Software\Policies\Microsoft\Windows NT\Printers\KMPrintersAreBlocked does not from allowing the installation of kernel
                                                 Medium
                                                 Medium      Configure the system to use Safe Dll Search Mode. (Analyze the system
The value: System\CurrentControlSet\Control\Session Manager\SafeDllSearchMode does not exist.
                                                             Configure the policy value forr exist.
The value: Software\Policies\Microsoft\WindowsMediaPlayer\DisableAutoupdate does notComputer Configuration -> Administrative
                                                 Medium
                                                             Configure the policy value does not exist.
The value: Software\Policies\Microsoft\WindowsMediaPlayer\PreventCodecDownloadforr User Configuration -> Administrative Tem
                                                 Medium
                                                             Configure the system to disable any services that are not required. RasM
The startup type for the ALG service is incorrect.The startup type for the AppMgmt service is incorrect.The startup type for the (Wind
                                                 Medium
                                                 Medium      Configure the system to meet the minimum requirement forr session sec
The value of System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinServerSec does not equal 537395248.
                                                             Configure the does not require
The value: Software\Policies\Microsoft\Cryptography\ForceKeyProtectionsystem to exist. a user password forr accessing private k
                                                 Medium
                                                             Configure the system to enforrce software not equal 1.
The value of SOFTWARE\Policies\Microsoft\windows\safer\codeidentifiers\authenticodeenabled doesrestriction policies. (Analyze th
                                                 Medium
                                                             Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fEncryptRPCTraffic does notConfiguration -> Administrative
                                                 Medium
                                                 Medium      Configure the system to reprocess Group Policy objects that have chang
The value: Software\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\NoGPOListChange
                                                             Configure the system to always sign SMB client traffic. not equal 1.
The value of System\CurrentControlSet\Services\LanManWorkstation\Parameters\RequireSecuritySignature does(Analyze the syst
                                                 Medium
                                                             Configure the system so that the SMB Server does is set to always sign
The value of SYSTEM\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignaturepolicy not equal 1.
                                                 Medium
The minimum local password length is set to: 0Medium         Configure all inforrmation systems to require passwords of the minimun l
                                                             Configure all password does not expire.Guest password does the DUM
The following accounts have passwords that do not expire:Administrator inforrmation systems to expire passwords. (Usingnot expire
                                                 Medium
                                                             Configure the system to audit type: Policy Change.Success not audited
Success not audited for event type: Account Management.Success not audited for event categories as outlined in check procedure.f
                                                 Medium
                                                             Configure all DOD
The following accounts do not have the 'Password Required' flag set:Guest inforrmation systems to require passwords to gain acc
                                                   High
Dxmasf.dll is the wrong version.                 Medium      No Manual Fix Procedures (Windows - 
    
Check that the following files are
Mfc40u.dll is the wrong version.                 Medium      No Manual Fix Procedures (Windows - Windows XP (x86) fixed by SP3 (
                                                   High      No Manual Fix the wrong version.win32k.sys is the wrong version.
gdi32.dll is the wrong version.mf3216.dll is the wrong version.user32.dll is Procedures (Windows XP fixed by SP3Windows Vista fix
                                                 is the wrong version. Fix Procedures (Windows XP fixed by SP3Verify that the patc
agentdpv.dll is the wrong version.w03a2409.dll Medium        No Manual
winsrv.dll is the wrong version.                   High      No Manual Fix Procedures (Windows XP (x86) fixed by SP3Windows Vis
schannel.dll is the wrong version.
                                                 Medium      No Manual Fix Procedures (Windows XP (x86) fixed by SP3Windows Vis
inetcomm.dll is the wrong version.wab32.dll is the wrong version.
192.168.0.9   computer2   V0002374   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003341   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003342   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003343   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003348   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003349   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003374   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003375   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003376   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003379   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003380   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003382   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003383   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003384   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003426   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003427   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003428   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003429   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003431   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003432   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003449   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003450   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003452   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003453   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003454   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003455   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003456   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003457   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003458   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003459   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003460   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003470   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003471   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003478   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003479   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003480   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003481   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003487   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0003666   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0004444   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0004446   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0004447   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0004448   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006832   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006833   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006836   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006840   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006850   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0007002   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0013461   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0013603   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0013883   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0013934   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0013937   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0014353   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0014354   Windows 2003   Pro104.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
2007-A-0035                           Microsoft has released Security Bulletin MS07-035 addressing one new vulnerability in a Win3
2007-A-0037                           Executive Summary: Microsoft has released a Security Bulletin addressing several vulnerabili
ntdsa.dll is the wrong version.
2007-A-0042                           One new vulnerability has been disclosed that affects Extensible Markup Language (XML) Co
2007-A-0045                           A remote code execution vulnerability has been discovered affecting Vector Markup Language
2007-B-0026                           Microsoft has reported two new vulnerabilities within multiple versions of Windows Media Play
2007-T-0040                           A new vulnerability affecting Windows Remote Procedure Call (RPC) Authentication has been
2007-A-0053                           Microsoft has reported a new vulnerability affecting Uniforrm Resource Identifier (URI) Handlin
HBSS CMA Agent                        None Specified.
2007-A-0056                           Microsoft has reported a new vulnerability affecting Windows Media Format Runtime within W
2008-B-0003                           Microsoft has reported two vulnerabilities in processing ICMP (Internet Control Management P
2008-A-0005                           Microsoft has reported a new vulnerability affecting WebDAV Mini-Redirector within Windows
2008-A-0006                           Microsoft has reported a new vulnerability affecting the Object Linking and Embedding (OLE)
2008-B-0034                           Microsoft has addressed a vulnerability affecting Microsoft Java Script (JScript) and Visual Ba
2008-B-0033                           Microsoft has addressed a remote code execution vulnerability associated with the ActiveX co
2008-B-0035                           A new vulnerability has been reported by Microsoft that affects Windows Domain Name Syste
2008-A-0040                           Microsoft has reported two vulnerabilities in Microsoft DirectX affecting MJPEG File and SAMI
2008-T-0025                           Microsoft has addressed two vulnerabilities affecting the Pragmatic General Multicast (PGM) p
2008-T-0024                           Microsoft has reported a vulnerability in Microsoft Speech API. SAPI is the Microsoft Speech A
2008-A-0044                           Microsoft has reported two vulnerabilities that affect Microsoft Windows 2000, Windows XP, W
2008-A-0060                           Microsoft has reported a vulnerability in the Microsoft Image Color Management (ICM) system
2008-T-0039                           Microsoft has reported multiple vulnerabilities in Microsoft Windows Event System that could a
2008-B-0056                           Microsoft has reported a vulnerability in Outlook Express and Windows Mail. To exploit this vu
2008-B-0075                           Microsoft has addressed remote code execution vulnerability that exists on various Windows s
Srv.sys is the wrong version.
2008-A-0081                           Microsoft has addressed a remote code execution vulnerability in the Server service in this ou
2008-B-0079                           Microsoft has announced a vulnerability in the Server Message Block (SMB) of several Windo
                                      This registry key will prevent the autorun.inf from executing commands.
Disallow AutoPlay/Autorun from Autorun.inf
2008-A-0087                           Microsoft has addressed multiple vulnerabilities affecting Microsoft Internet Explorer. To explo
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
                                      By setting
DTBI001 - The IE home page is not set correctlythis parameter appropriately, a malicious web site will be automatically loaded into a
                                      The incorrec
DTBI004-IE Internet zone parameter is setInternet zone must be set to custom level so the other required settings forr the zone can
                                      This parameter ensures that third party cookies are blocked. Third party cookies come from a
DTBI007-IE third party cookies not set correctly
                                      This correctly
DTBI014-IE SSL/TLS parameter is not set parameter ensures SSL and TLS are able to be used from the browser.
                                      This parameter warns users if the certifcate being presented by the web site is invalid. Since
DTBI015-IE warning of invalid certificates not set
                                       correctly
DTBI016-IE changing zones is not setThis parameter warns the user when changing between zones. This conveys important inforrm
                                      This parameter warns the user that input from the forrm is being redirected to another web site
DTBI017-IE forrm redirect is not set correctly
                                      Since most IE
DTBI021-Users can change advanced settings in of the IE settings can be changed through the GUI, it is important to ensure that us
                                      Active X controls
DTBI022-Download signed Active X controls-Internet can contain potentially malicious code and must only be allowed to be downl
                                       controls-Interne
DTBI023-Download unsigned ActiveXActive X controls can contain potentially malicious code and must only be allowed to be downl
                                      ActiveX
DTBI024-Initialize and script ActiveX controls controls that are not marked safe scripting should not be executed. Although this is n
                                      forr scripting
DTBI026-Script ActiveX marked safe ActiveX controls that are not marked safe forr scripting should not be executed. Although this
                                      Download
DTBI030-Font download control - Internet Zone of fonts can sometimes contain malicious code.
                                      Java must have
DTBI031-Java Permissions not set forr Internet Zone level of protections based upon the site being browsed.
                                       domains-Interne
DTBI032-Access data sources acrossAccess to data sources across multiple domains must be controlled based upon the site being
                                      Display mixed content must have level of protection based upon the site being browsed.
DTBI034-Display mixed content - Internet Zone
                                      Drag and Drop
DTBI036-Drag and drop or copy and paste-Internet or copy and paste files must have level of protection based upon the site being
                                       - Internet
DTBI037-Installation of desktop itemsInstallation of items must have level of protection based upon the site being accessed.
                                      Launching of programs in IFRAME must have level of protection based upon the site being ac
DTBI038-Launching programs and files in IFRAME-Int
                                       domains-Interne
DTBI039-Navigate sub-frames acrossFrames that navigate across different domains are a security concern because the user may t
The Service Pack Major Version of 2 is not >= 3.    Medium      No Manual Fix Procedures (Windows XP (x86) fixed by SP3Verify that th
                                                    Medium       wrong version.Corperfmonext.dll that wrong version.Mscoree.dll is the
Aspnet_isapi.dll is the wrong version.Aspnet_wp.exe is the No Manual Fix Procedures (Verifyis thethe patch has been installed by ch
ntdsa.dll is the wrong version.
Msxml3.dll is the wrong version.                    Medium      No Manual Fix Procedures (XML Core Services 3.0 and 6.0 in Windows
vgx.dll is the wrong version.                       Medium      No Manual Fix Procedures (IE 6 on Windows XP (x86) fixed by SP3Wind
wmp.dll is the wrong version.                       Medium      No Manual Fix Procedures (Windows Vista fixed by SP1
   
Download and
rpcrt4.dll is the wrong version.                      High      No Manual Fix Procedures (Windows XP (x86) fixed by SP3Windows Vis
shell32.dll is the wrong version.                   Medium      No Manual Fix Procedures (Windows XP (x86) fixed by SP3Download an
                                                                Deploy the CMA Plugins\EPOAGENT3000 does not accordance with th
The key: SOFTWARE\Network Associates\ePolicy Orchestrator\Application agent as detailed in the CTO and in exist.
                                                    Medium
wmasf.dll is the wrong version.                     Medium      No Manual Fix Procedures (Windows Vista fixed by SP1Download and a
tcpip.sys is the wrong version.                       High      No Manual Fix Procedures (Windows Vista fixed by SP1
   
Download and
mrxdav.sys is the wrong version.                      High      No Manual Fix Procedures (Windows XP (x86) fixed by SP3Download an
oleaut32.dll is the wrong version.                  Medium      No Manual Fix Procedures (Windows XP (x86) fixed by SP3 (not Visual B
                                                    Medium      No Manual Fix Procedures (Windows XP (x86) fixed by SP3Download an
Jscript.dll is the wrong version.vbscript.dll is the wrong version.
                                                    Medium      No Manual Fix Procedures (Download and apply the appropriate patches
The value: SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{22FD7C0A-850C-4A53-9821-0B0915C96139}\Compatib
                                                      wrong
Dnsapi.dll is the wrong version.Dnsrslvr.dll is theHigh version.No Manual Fix Procedures (Windows XP (x86) fixed by SP3Download an
quartz.dll is the wrong version.                    Medium      No Manual Fix Procedures (Download and apply the appropriate patches
Rmcast.sys is the wrong version.                      High      No Manual Fix Procedures (Download and apply the appropriate patches
                                                    Medium      No Manual Fix Procedures (Download and apply the appropriate patches
The value: SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{22FD7C0A-850C-4A53-9821-0B0915C96139}\Compatib
                                                      High      No Manual Fix Procedures (Download and apply the appropriate patches
Afd.sys is the wrong version.Dnsapi.dll is the wrong version.Mswsock.dll is the wrong version.Tcpip.sys is the wrong version.Tcpip6
mscms.dll is the wrong version.                       High      No Manual Fix Procedures (Download and apply the appropriate patches
Es.dll is the wrong version.                          High      No Manual Fix Procedures (Download and apply the appropriate patches
Inetcomm.dll is the wrong version.                  Medium      No Manual Fix Procedures (Download and apply the appropriate patches
                                                      High      No Manual Fix Procedures (Download and apply the appropriate patches
Msw3prt.dll is the wrong version.Win32spl.dll is the wrong version.
Srv.sys is the wrong version.
Netapi32.dll is the wrong version.                    High      No Manual Fix Procedures (Download and apply the appropriate patches
mrxsmb.sys is the wrong version.                    Medium      No Manual Fix Procedures (Download and apply the appropriate patches
                                                      High      Add the registry value as specified in does not exist.
The value: SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf\(null) the manual check. (In the Registry
                                                    the wrong No Manual Fix Procedures (Download and apply is the wrong version.Ms
Browseui.dll is the wrong version.Dxtmsft.dll is Medium version.Dxtrans.dll is the wrong version.Mshtml.dll the appropriate patches
                                                    is the wrong version.
Ntkrnlpa.exe is the wrong version.Ntoskrnl.exe Medium           Client Deployment Inforrmation1. Download the client version of this sec
The Service Pack Major Version of 2 is not >= 3.    Medium      Client Deployment Inforrmation1. Download the client version of this sec
lsasrv.dll is the wrong version.                    Medium      Client Deployment Inforrmation1. Download the client version of this sec
win32k.sys is the wrong version.                    Medium      Client Deployment Inforrmation1. Download the client version of this sec
Wins.exe is the wrong version.                      Medium      Client Deployment Inforrmation1. Download the client version of this sec
                                                    is the wrong version.
Ntkrnlpa.exe is the wrong version.Ntoskrnl.exe Medium           Client Deployment Inforrmation1. Download the client version of this sec
Afd.sys is the wrong version.                       Medium      Client Deployment Inforrmation1. Download the client version of this sec
Software\Microsoft\Internet Explorer\Main\StartMedium           not contain the substring about:blank.
                                                     Page does Change StartPage value to about:blank, a trusted site, or a local file. (Pro
                                                    Medium      Change the value of registry HKCU\Software\Microsoft\Windows\Curren
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Currentlevel does not equal 0.
                                                    Medium      Under Settings\PrivacyAdvanced does Privacy Tab and click the Advan
The value of Software\Microsoft\Windows\CurrentVersion\InternetTools/Internet Options, select the not equal 1.The value of Softwar
                                                    Medium      Change registry key HKCU\Software\Microsoft\Windows\CurrentVersion
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols does not exist.
                                                    Medium      Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnonBadCertRecving does not exist.
                                                    Medium      Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnonZoneCrossing does not exist.
                                                    Medium      Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect does not exist.
                                                     Explorer\Control Panel\AdvancedTab does not exist.
The value: Software\Policies\Microsoft\Internet Medium          Change the registry key HKCU\Software\Policies\Microsoft\Internet Explo
                                                    Medium      Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1001 does not exist.
                                                    Medium      Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1004 does not exist.
                                                    Medium      Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1201 does not exist.
                                                    Medium      Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1405 does not exist.
                                                    Medium      Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1604 does not exist.
                                                    Medium      Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1C00 does not exist.
                                                    Medium      Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1406 does not exist.
                                                    Medium      Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609 does not exist.
                                                    Medium      If a value forr Settings\Zones\3\1802 not not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet this zone is present anddoesset to 3 change the registry ke
                                                    Medium      Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1800 does not exist.
                                                    Medium      Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1804 does not exist.
                                                    Medium      Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1607 does not exist.
192.168.0.9   computer2   V0014358   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0014473   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0014474   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0014819   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0014825   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0014832   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0015305   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0015397   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0015505   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0015588   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0015663   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0015742   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0015744   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0015940   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0015943   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0015944   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0016036   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0016038   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0016041   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0016147   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0016737   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0016744   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0016745   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0017793   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0017799   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0017870   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0017878   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0017900   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0017909   Windows 2003   Pro104.xml
192.168.0.9   computer2              Windows 2003   Pro104.xml
192.168.0.9   computer2              Windows 2003   Pro104.xml
192.168.0.9   computer2              Windows 2003   Pro104.xml
192.168.0.9   computer2              Windows 2003   Pro104.xml
192.168.0.9   computer2              Windows 2003   Pro104.xml
192.168.0.9   computer2              Windows 2003   Pro104.xml
192.168.0.9   computer2              Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006228   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006231   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006234   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006238   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006239   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006240   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006241   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006242   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006243   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006244   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006245   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006246   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006248   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006249   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006250   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006251   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006253   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006254   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006255   Windows 2003   Pro104.xml
192.168.0.9   computer2   V0006256   Windows 2003   Pro104.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
                                      Software Channel permissions must have level of protection based upon the site being access
DTBI040-Software channel permissions - Internet
                                       data - Internet
DTBI041-Submit non-encryped forrm The user needs to be prompted beforre sending inforrmation from a browser that is not encryp
                                      Userdata
DTBI042-Userdata persistence - Internet Zone persistence must have level of protection based upon the site being accessed.
                                      Allow paste operations via script must have level of protection based upon the site being acce
DTBI044-Allow paste operations via script-Internet
                                      Java Applets
DTBI045-Scripting of Java applets - Internet Zone must have level of protection based upon the site being accessed.
                                        Internet Zone
DTBI046-User Authentication-Logon -Care must be taken with user credentials and how automatic logons are perforrmed and how d
                                      ActiveX controls
DTBI056-Script ActiveX controls marked safe-Local that are not marked safe forr scripting should not be executed. Although this
                                      Java must
DTBI061-Java Permissions not set - Local Zone have level of protection based upon the site being browsed.
                                      Client certificates should not be presented to web sites without the user's acknowledgement.
DTBI065-Dont prompt client certificate - Local zon
                                      Software Zone
DTBI070-Software channel permissions - Localchannel permissions must have level of protection based upon the site being access
                                      The - Local
DTBI074-Allow paste operations via scriptAllow paste operations via script must have level of protection based upon the site being
                                        - Local Zone
DTBI076-User Authentication - LogonCare must be taken with user credentials and how automatic logons are perforrmed and how d
                                      ActiveX controls
DTBI086-Activex controls marked safe - Trusted Sit that are not marked safe forr scripting should not be executed. Although this
                                      Java must have level of protection based upon the site being browsed.
DTBI091-Java Permissions not set - Trusted Sites
                                      The Software channel permissions must have level of protection based upon the site being ac
DTBI100-Software channel permissions - Trusted Sit
                                      Allow paste operations via script must have level of protection based upon the site being acce
DTBI104-Allow paste operations via script-Trusted
                                        - Trusted be
DTBI106-User Authentication - LogonCare must Sitetaken with user credentials and how automatic logons are perforrmed and how d
                                      ActiveX controls
DTBI112-Download signed ActiveX - Restricted Sites can contain potentially malicious code and must only be allowed to be downlo
                                        - Restricted Sit
DTBI113-Download unsigned ActiveXActiveX controls can contain potentially malicious code and must only be allowed to be downlo
                                      ActiveX controls that are not marked safe forr scripting should not be executed. Although this
DTBI114-Initialize and script ActiveX - Restricted
                                      ActiveX controls
DTBI115-Run ActiveX controls and plugins-Restricte that are not marked safe forr scripting should not be executed. Although this
                                      ActiveX controls
DTBI116-Script ActiveX controls marked safe-Restri that are not marked safe forr scripting should not be executed. Although this
                                      Files Sites
DTBI119-File download control - Restrictedshould not be able to be downloaded from sites that are considered restricted.
                                      Download of
DTBI120-Font download control - Restricted Sites fonts can sometimes contain malicious code. Files should not be downloaded f
                                      The restricted zones is used forr MS Outlook. This zone must be set properly to ensure Outlo
DTBI122-Access data sources - Restricted Sites
                                      Allow META
DTBI123-Allow META REFRESH - Restricted SitesREFRESH must have level of protection based upon the site being browsed.
                                      Mixed Sites
DTBI124-Display mixed content - Restricted content poses a risk when coming from a restricted site.
                                      Drag - Restrict
DTBI126-Drag and drop or copy and paste and Drop of files must have level of protection based upon the site being accessed.
                                        - Restricted
DTBI127-Installation of desktop itemsInstallation of items must have level of protection based upon the site being accessed.
                                      Launching of programs in IFRAME must have level of protection based upon the site being ac
DTBI128-Launching programs and files in IFRAME-Res
                                        domain - Restri
DTBI129-Navigate sub-frames acrossFrames that navigate across different domains are a security concern because the user may t
                                      Software channel permissions must have level of protection based upon the site being access
DTBI130-Software channel permissions - Restricted
                                        data-Restricted
DTBI131-Submit non-encrypted forrmSubmit non-encrypted forrm data must have level of protection based upon the site being acce
                                      No perseistant data should exist and be used in the Restricted sites zone.
DTBI132-Userdata persistence - Restricted Sites
                                       Sites
DTBI133-Active scripting - Restricted Active Scripting must have level of protection based upon the site being accessed.
                                      The Allow paste
DTBI134-Allow paste operations via scripts-Restric operations via script must have level of protection based upon the site being
                                        - Restricted
DTBI136-User Authentication - LogonCare must be taken with user credentials and how automatic logons are perforrmed and how d
                                       set ensures
DTBI160-Hash setting forr SHA is notThis properly that the Hash value forr SHA is enabled.
                                        installed
DTBG010-DoD Root Certificate is notThe DOD root certificate will ensure that the trust chain is established forr server certificated is
                                      This parameter ensures automatic searches are not perforrmed from the address bar. When
DTBI011-IE search parameter is not set correctly.
                                      Java must have level of protection based upon the site being browsed.
DTBI121-Java Permissions not set forr Restricted
                                      This policy setting
DTBI025 - The Download signed ActiveX controls pro allows you to manage whether users may download signed ActiveX controls
Incorrect ACLs forr event logs        Event logs are susceptible to unauthorized, and possibly anonymous, tampering if proper ACL
File Auditing Configuration           Improper modification of the core system files can render a system inoperable. Further, modif
NTFS Requirement                      This is a category 1 finding because the ability to set access permissions and audit critical dire
POSIX subsystem registry              For the system to comply with Security requirements, the POSIX subsystem must be disabled
Restrict Anonymous Network Shares This is a Category 1 finding because it allows anonymous logon users (null session connectio
Bad Logon Attempts                    The account lockout feature, when enabled, prevents brute-forrce password attacks on the sy
Bad Logon Counter Reset               This parameter specifies the amount of time that must pass between two successive login atte
Lockout Duration                      This parameter specifies the amount of time that must pass beforre a locked-out account is au
User Rights Assignments               Inappropriate granting of user and advanced user rights can provide system, administrative, a
Maximum Password Age                  The longer a password is in use, the greater the opportunity forr someone to gain unauthorize
Minimum Password Age                  Permitting passwords to be changed in immediate succession within the same day, allows use
Password Uniqueness                   A system is more vulnerable to unauthorized access when system users recycle the same pas
Disable Guest Account                 A system faces an increased vulnerability threat if the built-in guest account is not disabled. T
Rename Built-in Guest Account         A system faces an increased vulnerability threat if the built-in guest account is not renamed or
                                                 Medium    Procedure: Use the Windows Registry Editor to navigate to the following
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1E05 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1601 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1606 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1407 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1402 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A00 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1405 does not equal 1.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1C00 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1A04 does not equal 3.
                                                 Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1E05 does not equal 65536.
                                                 Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1407 does not equal 3.
                                                 Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1A00 does not equal 65536.
                                                 Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1405 does not equal 1.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1C00 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1E05 does not equal 65536.
                                                 Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1407 does not equal 3.
                                                 Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1A00 does not equal 65536.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1001 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1004 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1201 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1200 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1405 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1803 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1604 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1406 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1608 does not exist.
                                                 Medium    Procedure: Use the Windows Registry Editor exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609 does notto navigate to the following
                                                 Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1802 does not equal 3.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1800 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1804 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1607 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1E05 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1601 does not equal 3.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1606 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1400 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1407 does not exist.
                                                 Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1A00 does not exist.
                                                 Medium    Navigate to the registry key HKLM\SYSTEM\CurrentControlSet\Control\S
The value: SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA\Enabled does not exist.
                                                 Medium    Install the DOD root certificate. (Netscape Procedure: On the Edit menu
The key: SOFTWARE\Microsoft\SystemCertificates\Root\Certificates\10F193F340AC91D6DE5F1EDC006247C4F25D9671 does n
                                                 Medium    Use the Windows Registry Editor to navigate to the following key: HKCU
The value: Software\Microsoft\Internet Explorer\Main\AutoSearch does not exist.
                                                 Medium    Use the Windows Registry Editor to navigate to the following key: HKLM
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1C00 does not exist.
                                                           The policy value forr Computer Configuration -> does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3\1001 Administrative Template
                                                 Medium
                                                           Set the ACL permissions on the following Event Logs as defined files m
The following files have incorrect permissions: CHK(90000)C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.EvtThe following in theha
                                                 Medium
                                                 Medium    Configure auditing on each partition/drive to audit all "Failures" forr the "E
The following files have incorrect audit settings: CHK(90077)C:\C:\.rndC:\550053309a620cfcecb8530ae726C:\approach.htmlC:\AUT
F:\ filesystem is FAT32 instead of NTFS.           High    Format all partitions/drives to use the NTFS file system. (Open Windows
                                                 Medium    Remove the following Registry value from the Windows Registry:HKLM\S
The value SYSTEM\CurrentControlSet\Control\Session Manager\Subsystems\Posix exists.
                                                           Configure the system to prevent
The value of System\CurrentControlSet\Control\Lsa\RestrictAnonymous does not equal 1. anonymous users from listing account n
                                                   High
Account lockout is not enabled.                  Medium    Configure the system to lock out an account after 3 invalid logon attempt
The local lockout counter resets after 30 minutes.
                                                 Medium    Configure the system to have the lockout counter reset itself after a minim
The local lockout duration is set to: 30 minutes.Medium    Configure the system so that the bad logon lockout duration conforrms to
***DETAILS TOO LONG TO INCLUDE HERE. Medium                 RESULT the system to prevent accounts from having unauthorized Use
                                                   SEE RAW Configure FILE FOR DETAILS.***
                                                           Configure the
The maximum local password age is set to: TIMEQ_FOREVER (infinite). Maximum Password Age so that it is not "0" and doesn't ex
                                                 Medium
The minimum local password age is set to: 0 days.Medium    Configure the Minimum Password Age so that it is a minimum of "1". (An
The local password history length is set to: 0 Medium      Configure the system to remember a minimum of "24" used passwords. (
Guest account is not disabled.                   Medium    Configure the system to disable the built-in Guest Account. (Analyze the
The account Guest has the incorrect name.        Medium    Configure the system to rename the built-in Guest account (Analyze the
192.168.0.9   computer2    V0006257   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006258   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006259   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006260   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006261   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006262   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006266   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006267   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006271   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006274   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006275   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006276   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006280   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006281   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006286   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006287   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006288   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006289   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006290   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006291   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006292   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006293   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006294   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006295   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006297   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006298   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006299   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006301   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006302   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006303   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006304   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006305   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006306   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006307   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006308   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006309   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006311   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006316   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0006318   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0007006   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0007007   Windows 2003   Pro104.xml
192.168.0.9   computer2    V0016879   Windows 2003   Pro104.xml
192.168.0.2   popdesktop   V0001077   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001080   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001081   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001083   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001093   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001097   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001098   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001099   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001103   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001104   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001105   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001107   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001113   Windows XP     Pro105.xml
192.168.0.2   popdesktop   V0001114   Windows XP     Pro105.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
                                         The
Rename Built-in Administrator Account built-in administrator account is a known account that can be initialized with a blank passw
Event Log Sizes                          Inadequate log size will cause the log to fill up quickly and require frequent clearing by adminis
Password Protected Screen Saver The system should be locked when unattended. Unattended systems are susceptible to unau
Restricted Administrator Group MembershipAn account who does not have administrator duties should not have Administrator rights. Such
System File ACLs                         Failure to properly configure ACL file and directory permissions, allows the possibility of unaut
Dial Up Password Saved                   The default Windows configuration enables the option to save the password used to gain acce
LanMan Authentication Level              The Kerberos v5 authentication protocol is the default forr authentication of users who are logg
Ctrl+Alt+Del Security Attention Sequence Disabling the Ctrl+Alt+Del security attention sequence can compromise system security. Beca
Deny Access from the Network             This is a Category 1 finding because allowing network logins by the built-in guest accounts, wh
Smart Card Removal Option                Determines what should happen when the smart card forr a logged-on user is removed from th
                                         If this policy is enabled, it causes the Windows Server Message Block (SMB) server to perforr
SMB Server Packet Signing (if client agrees)
ACLs forr disabled services              When configuring either the startup mode or access control list forr a service, you must config
File share ACLs                          By default, the Everyone group is given full control to new file shares. When a share is created
                                         This setting is used to control the rules forr remote control of Terminal Services user sessions
Terminal Service - Remote Control Settings
                                         This setting
Remote Assistance - Solicit Remote Assistance controls whether or not solicited remote assistance is allowed from this computer.
Windows Messenger - Do Not Allow To Run  This setting prevents the Windows Messenger client from being run. Instant Messaging client
                                         This setting
Windows Messenger - Do Not Start Automatically prevents the automatic launch of Windows Messenger at user logon. Instant Mes
Strong Session Key                       This setting controls the required strength of a session key.
                                         This
Storage of Credentials or .NET Passports setting controls the storage of authentication credentials or .NET passports on the local s
Sharing and Security Model forr LocalWindows includes two network-sharing security models—Classic and Guest only. With the cla
                                          Accounts
LAN Manager Hash Value Stored            This setting controls whether or not a LAN Manager hash of the password is stored in the SAM
                                         This
Force Logoff When Logon Hours Expire setting controls whether or not users are forrced to log off when their allowed logon hours
                                         Starting with
Session Security forr NTLM SSP Based Clients Windows 2000 Microsoft has implemented a variety of security support providers
FIPS Compliant Algorithms                This setting ensures that the system uses algorithms that are FIPS compliant forr encryption, h
                                          Sharing
NetMeeting Disable Remote Desktop Remote desktop sharing enables several users to interact and control one desktop. This coul
IE - Zones: Use Only Machine Settings    This setting enforrces consistent security zone settings to all users of the computer. Security
                                         This Policies
IE - Zones: Do Not Allow Users to Change setting prevents users from changing the Internet Explorer policies on the machine. Polic
                                         This setting prevents users from adding sites to various security zones. Users should not be a
IE - Zones: Do Not Allow Users to Add/Delete Sites
                                         This setting
IE - Disable Automatic Install of IE Compenents controls the ability of Internet Explorer to automatically install components if it goe
                                         This setting determines whether or not Internet Explorer will periodically check the Microsoft w
IE - Disable Periodic Check forr IE Updates
Terminal Services - Session Limit This setting limits users to one remote session. It is possible, if this setting is disabled, forr us
                                         This setting
Terminal Services - Limit Number of Connections limits the number of simultaneous connections allowed to the terminal server. By
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fWritableTSCCPermTab does not exist.
                                         This
Terminal Services - Password Prompting setting, which is located under the Encryption and Security section of the Terminal Servic
                                         This
Terminal Services - Set Encryption Level setting, which is located under the Encryption and Security section of the Terminal Servic
                                         This setting,
Terminal Services - Do Not Use Temp Folders which is located under the Temporary Folders section of the Terminal Services co
                                         This
Terminal Services - Delete Temp Folders setting, which is located under the Temporary Folders section of the Terminal Services co
                                         This setting,
Terminal Services - Time Limit forr Disc. Session which is located under the Sessions section of the Terminal Services configuratio
                                         This setting,
Terminal Services - Time Limit forr Idle Session which is located under the Sessions section of the Terminal Services configuratio
                                         This setting,
Terminal Services - Original Client Reconnection which is located under the Sessions section of the Terminal Services configuratio
                                          Time Limit
Terminal Services - Enforrce Session This setting, which is located under the Sessions section of the Terminal Services configuratio
                                         This setting
Remote Assistance - Offer Remote Assistance controls whether unsolicited offers of help to this computer are allowed. The list o
Error Reporting - Report Errors          This setting controls the reporting of errors to Microsoft and, if defined, a corporate error repor
                                         Kernel-mode drivers are drivers that operate in kernel mode. Kernel mode allows virtually unl
Printers - Disallow Installation of Drivers
Safe DLL Search Mode                     The default search behavior, when an application calls a function in a Dynamic Link Library (D
                                         The
Media Player - Disabe Automatic Updates automatic check forr updates perforrm by the Windows Media Player must be disabled to
                                         The
Media Player - Prevent Codec Download Windows Media Player uses software components, referred to as CODECs, to play back
Unnecessary Services                     Unnecessary Services increase the attack surface of a system. Some Services may be run u
                                         Starting with
Session Security forr NTLM SSP based Servers Windows 2000 Microsoft has implemented a variety of security support providers
                                         Allowing
Terminal Services - Secure RPC Connection. unsecure RPC communication exposes the server to man in the middle attacks and
Group Policy - Registry Policy ProcessingEnabling this setting and then selecting the Process even if the Group Policy objects have not
SMB Client Packet Signing (Always) If this policy is enabled, it causes the Windows Server Message Block (SMB) client to perforrm
SMB Server Packet Signing (Always) If this policy is enabled, it causes the Windows Server Message Block (SMB) server to always
Minimum Password Length                  Inforrmation systems not protected with strong password schemes including passwords of min
Password Expiration                      Passwords that do not expire or are reused increase the exposure of a password with greater
Auditing Configuration                   Maintaining an audit trail of system activity logs can help identify configuration errors, troubles
The account Administrator has the incorrect name. Medium      Configure the system to rename the Administrator account. (Analyze the
                                                              Configure the system to have the required value of Event log sizes. (An
The value of System\CurrentControlSet\Services\EventLog\System\MaxSize is not >= 16777216.The minimumSystem\CurrentContr
                                                  Medium
                                                              Configure The policy values forr User Configuration -> value: Software\P
The value: Software\Policies\Microsoft\Windows\Control Panel\Desktop\ScreenSaverIsSecure does not exist.The Administrative Te
                                                  Medium
                                                  Medium      Configure the system to prevent non-administrators from having Adminis
The following users are members of the Administrators group:POPDESKTOP\PopPOPDESKTOP\remote
***DETAILS TOO LONG TO INCLUDE HERE. Medium                   RESULT the Security Option:

                                                   SEE RAW Configure FILE FOR DETAILS.***     Windows 2003 - ―Network access: Let ev
                                                                                              

                                                              Configure the system to prevent does not exist.
The value: System\CurrentControlSet\Services\Rasman\Parameters\DisableSavePasswordthe dial-up networking password from b
                                                  Medium
                                                              Configure the system to 4.
The value of System\CurrentControlSet\Control\Lsa\LMCompatibilityLevel is not >= the required level of LanMan authentication. (An
                                                   High
                                                              Configure this policy.The Remote GPO is not effecting the SAS sequenc
The local registry does not set this policy.The local GPO does not set the system to require the Ctrl+Alt+Del key sequence to log on.
                                                  Medium
                                                              Configure the system to give the right "Deny access to
Required account does not have the Logon Right: Deny access this computer over the network. Account: Guests this computer from
                                                   High
                                                              Configure the system to, at a minimum, lock
The value of Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SCRemoveOption is not >= 1. the system if a smart card is
                                                  Medium
                                                  Medium      Configure the system to have the SMB Server sign SMB packets when p
The value of System\CurrentControlSet\Services\LanmanServer\Parameters\EnableSecuritySignature does not equal 1.
                                                              Create a Custom Security Template using the Security Template MMC s
Incorrect ACL for service ClipBook.Incorrect ACL for service Messenger.Incorrect ACL for service Network DDE.Incorrect ACL for S
                                                  Medium
The following shares have incorrect permissions:print$;My Remove permissions from the Everyone group from locally created file s
                                                  Medium      Book;Stacey;My Book (F);
The value: Software\Policies\Microsoft\Windows High           Configure the system to prevent remote control of the computer by settin
                                                    NT\Terminal Services\Shadow does not exist.
The value: Software\Policies\Microsoft\Windows High           Configure the system to disable Remote Assistance by setting the policy
                                                    NT\Terminal Services\fAllowToGetHelp does not exist.
                                                              Configure does not value
The value: Software\Policies\Microsoft\Messenger\Client\PreventRunthe policy exist. forr Computer Configuration -> Administrative
                                                  Medium
                                                              Configure the policy not exist.
The value: Software\Policies\Microsoft\Messenger\Client\PreventAutoRun doesvalue forr Computer Configuration -> Administrative
                                                  Medium
                                                              Configure the system to require the use equal 1.
The value of System\CurrentControlSet\Services\Netlogon\Parameters\RequireStrongKey does notof a strong session key. (Analyz
                                                  Medium
                                                              Configure the system to equal 1.
The value of System\CurrentControlSet\Control\Lsa\DisableDomainCreds does not prevent the storage of credentials and .NET pas
                                                  Medium
                                                              Configure not equal to
The value of System\CurrentControlSet\Control\Lsa\ForceGuest doesthe system 0. use the Classic logon, which requires users to lo
                                                  Medium
                                                              Configure not equal to
The value of System\CurrentControlSet\Control\Lsa\NoLMHash doesthe system1. prevent the LAN Manager hash from being store
                                                   High
                                                              Configure the system logon time expires.
The local user is forced to logoff TIMEQ_FOREVER (infinite) seconds after theirto log off users when their allowed logon hours exp
                                                  Medium
                                                              Configure the system does not equal 537395248.
The value of System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinClientSecto meet requirements forr NTLM SSP based client
                                                  Medium
                                                              Configure the does not require
The value of System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicysystem to equal 1.the use of FIPS compliant algorithms. (A
                                                  Medium
                                                              Configure the policy
The value: Software\Policies\Microsoft\Conferencing\NoRDS does not exist. value forr Computer Configuration -> Administrative
                                                  Medium
                                                              Configure the Settings\Security_HKLM_only does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration -> Administrative
                                                  Medium
                                                              Configure the Settings\Security_Options_Edit does not -> Administrative
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration exist.
                                                  Medium
                                                              Configure the Settings\Security_Zones_Map_Edit does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration -> Administrative
                                                  Medium
The value: Software\Policies\Microsoft\Internet Medium        Configure the policy value forr Computer Configuration -> Administrative
                                                  Explorer\InfoDelivery\Restrictions\NoJITSetup does not exist.
                                                              Configure the policy value forr Computer Configuration
                                                  Explorer\InfoDelivery\Restrictions\NoUpdateCheck does not exist. -> Administrative
The value: Software\Policies\Microsoft\Internet Medium
                                                              2003/XP - Configure the policy value forr not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fSingleSessionPerUser doesComputer Configuration -> Adm
                                                  Medium
                                                              Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxInstanceCount does not Configuration -> Administrative
                                                  Medium
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fWritableTSCCPermTab does not exist.
                                                  Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fPromptForPassword does not exist.
                                                              Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MinEncryptionLevel does notConfiguration -> Administrative
                                                  Medium
                                                  Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\PerSessionTempDir does not exist.
                                                              Configure the policy value forr Computer not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\DeleteTempDirsOnExit doesConfiguration -> Administrative
                                                  Medium
                                                              Configure the policy value forr Computer not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxDisconnectionTime doesConfiguration -> Administrative
                                                  Medium
                                                              Configure the policy value forr not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxIdleTime doesComputer Configuration -> Administrative
                                                  Medium
                                                  Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fReconnectSame does not exist.
                                                              Configure the policy value does not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fResetBroken forr Computer Configuration -> Administrative
                                                  Medium
                                                  Medium      Configure the system to prevent unsolicited remote assistance offers by
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fAllowUnsolicited does not exist.
                                                              Configure the system to prevent
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\DoReport does not exist. error forrwarding by setting the policy va
                                                  Medium
                                                              Configure the system to prevent it exist.
The value: Software\Policies\Microsoft\Windows NT\Printers\KMPrintersAreBlocked does not from allowing the installation of kernel
                                                  Medium
                                                  Medium      Configure the system to use Safe Dll Search Mode. (Analyze the system
The value: System\CurrentControlSet\Control\Session Manager\SafeDllSearchMode does not exist.
                                                              Configure the policy value forr exist.
The value: Software\Policies\Microsoft\WindowsMediaPlayer\DisableAutoupdate does notComputer Configuration -> Administrative
                                                  Medium
                                                              Configure the policy value does not exist.
The value: Software\Policies\Microsoft\WindowsMediaPlayer\PreventCodecDownloadforr User Configuration -> Administrative Tem
                                                  Medium
                                                              Configure the system to service is incorrect.The startup type for the CiSv
The startup type for the Alerter service is incorrect.The startup type for the Browser disable any services that are not required. (Wind
                                                  Medium
                                                  Medium      Configure the system to meet the minimum requirement forr session sec
The value of System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinServerSec does not equal 537395248.
                                                              Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fEncryptRPCTraffic does notConfiguration -> Administrative
                                                  Medium
                                                  Medium      Configure the system to reprocess Group Policy objects that have chang
The value: Software\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\NoGPOListChange
                                                              Configure the system to always sign SMB client traffic. not equal 1.
The value of System\CurrentControlSet\Services\LanManWorkstation\Parameters\RequireSecuritySignature does(Analyze the syst
                                                  Medium
                                                              Configure the system so that the SMB Server does is set to always sign
The value of SYSTEM\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignaturepolicy not equal 1.
                                                  Medium
The minimum local password length is set to: 0Medium          Configure all inforrmation systems to require passwords of the minimun l
                                                              Configure all password does not expire.ASPNET password does not exp
The following accounts have passwords that do not expire:Administrator inforrmation systems to expire passwords. (Using the DUM
                                                  Medium
                                                  Medium      Configure the system to audit categories as outlined in check procedure.
Success not audited for event type: Account Logon.Success not audited for event type: Account Management.Success not audited
192.168.0.2   popdesktop   V0001115   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0001118   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0001122   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0001127   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0001130   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0001139   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0001153   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0001154   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0001155   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0001157   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0001162   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0002371   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003245   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003341   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003343   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003348   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003349   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003374   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003376   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003378   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003379   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003380   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003382   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003383   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003426   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003427   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003428   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003429   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003431   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003432   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003449   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003450   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003452   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003453   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003454   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003455   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003456   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003457   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003458   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003459   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003460   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003470   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003471   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003478   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003479   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003480   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003481   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003487   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0003666   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0004447   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0004448   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006832   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006833   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006836   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006840   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006850   Windows XP   Pro105.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
Password Requirement                  The lack of password protection enables anyone to gain access to the inforrmation system, wh
                                      This check
Terminal Services - Prevent Password Saving verifies that the system is configured to prevent Users from saving passwords in th
RPC - Unathenticated RPC Clients This check verifies that the system is configured to restrict unauthenticated RPC clients from c
                                      T
RPC - Endpoint Mapper Authenticationhis check verifies that the system is configured to forrce client computers to provide authenti
Publish to Web                        This check verifies that the system is configured to make the options to publish to the web una
Internet Download / Online Ordering This check verifies that the system is configured to prevent Windows from downloading a list o
                                      This check
Windows Messenger Experience Improvement verifies that the system is configured to prevent Windows Messenger from collectin
                                      This
Search Companion Content File Updates check verifies that the system is configured to prevent Search Companion from automatic
Printing Over HTTP                    This check verifies that the system is configured to prevent the client computer‘s ability to prin
HTTP Printer Drivers                  This check verifies that the system is configured to prevent the computer from downloading pr
                                      This
Windows Update Device Drive Searching check verifies that the system is configured to prevent Windows from searching Windows
                                      This Resume
Power Managment - Require Password oncheck verifies that the user is prompted forr a password on resume from hibernate/suspe
                                      This check verifies that file attachments are marked with their zone of origin allowing Windows
Attachment Managaer - Preserve Zone Info
                                      This check verifies that users cannot manually remove zone inforrmation from saved file attac
Attachment Mgr - Hide Mech to Remove Zone Info
Attachment Mgr - Scan with Antivirus This check verifies that antivirus programs are notified when a user opens a file attachment.
HBSS CMA Agent                        None Specified.
Windows Peer to Peer Networking This check verifies Microsoft Peer-to-Peer Networking Service is turned off.
Prohibit Network Bridge               This check verifies the Network Bridge can not be installed and configured.
Prohibit Internet Connection Sharing This check verifies Internet Connection Sharing can not be installed and configured.
Internet File Association Service     This check verifies that unhandled file associations will not use the Microsoft Web service to f
                                      This
Windows Movie Maker Codec Downloads check verifies that the codecs will not be automatically downloaded forr Windows Movie M
Windows Movie Maker Web Links This check verifies that the links to web sites in Windows Movie Maker will not be available.
Windows Movie Maker Online Hosting    This check verifies that movies can not be sent to a video hosting provider on the web.
                                      (IIS) Install
Prevent Internet Inforrmation Service This check verifies IIS is prevented from being installed on the system.
Windows Explorer – Shell Protocol Protected Mode
                                      This check verifies that the shell protocol is run in protected mode. (This allows applications t
Windows Installer – IE Security Prompt check verifies that users are notified if a web-based program attempts to install software.
                                      This
Windows Installer – User Control      This check verifies that users are prevented from changing installation options.
2008-A-0012                           Microsoft has reported a remote code execution vulnerability affecting Microsoft Outlook. To e
2008-A-0029                           Microsoft has addressed a vulnerability affecting Microsoft Office Publisher. To exploit this vu
2008-A-0028                           Microsoft has addressed two vulnerabilities affecting Microsoft Word. To exploit these vulnera
2008-A-0061                           Microsoft has reported three vulnerabilities in Microsoft Office PowerPoint and Microsoft Office
                                       Sharing
XP Firewall Domain – File and PrinterShared files and printers will not be available to other computers when connected to the doma
XP Firewall Domain – ICMP Exceptions Inbound ICMP echo requests will be allowed when connected to the domain.
                                      Only
XP Firewall Domain – Local Port Exceptions
                                      Local port exceptions can not be defined when connected to the domain.
                                       Excepti
XP Firewall Domain – Local ProgramLocal program exceptions can not be defined when connected to the domain.
XP Firewall Domain – Plug and Play Unsolicited Plug and Play messages will be blocked when connected to the domain.
XP Firewall Domain – Unicast Response receipt of unicast responses to outgoing multicast or broadcast messages will be blocked
                                      The
XP Firewall Standard – File and Printer Sharing and printers will not be available to other computers when not connected to the do
                                      Shared files
XP Firewall Standard – ICMP Requests  ICMP requests will be blocked when not connected to the domain.
XP Firewall Standard – Local Port Exceptions exceptions can not be defined when not connected to the domain.
                                      Local port
XP Firewall Standard – Local Program Exceptions exceptions can not be defined when not connected to the domain.
                                      Local program
XP Firewall Standard – Remote Administration
                                      Blocks incoming unsolicited messages related to remote administration when not connected to
XP Firewall Standard – Remote Desktop Blocks Remote Desktop requests when not connected to the domain.
XP Firewall Standard – Plug and PlayBlocks unsolicited Plug and Play messages when not connected to the domain.
XP Firewall Standard – No Exceptions unsolicited incoming messages will be blocked when not connected to the domain.
                                      All
XP Firewall Standard – Unicast Responsereceipt of unicast responses to outgoing multicast or broadcast messages will be blocked
                                      The
XP Firewall Domain – Enable FirewallThis setting enables the Windows Firewall when connected to the domain.The domain profile
XP Firewall Standard – Enable Firewall setting enables the Windows Firewall when not connected to the domain.The standard pr
                                      This
2008-B-0075                           Microsoft has addressed remote code execution vulnerability that exists on various Windows s
                                      This registry key will prevent the autorun.inf from executing commands.
Disallow AutoPlay/Autorun from Autorun.inf
                                       messages
DTAM005-McAfee VirusScan removeThis parameter controls if users can remove virus alerts from the display.
                                      This parameter controls if infected files are deleted.
DTAM007-McAfee VirusScan delete infected file
                                       size parameter
DTAM010-McAfee VirusScan limit logThis parameter controls the log size.
                                      This parameter
DTAM011-McAfee VirusScan log session parameter controls if session settings are being logged.
                                       actions email
DTAM029-McAfee VirusScan allowedThis parameter controls what actions should happen when a virus is detected.
                                      This parameter
DTAM030-McAfee VirusScan action prompt email ensures appropriate actions are prompted forr when a virus is found.
                                                   High      Configure all DOD inforrmation systems to require passwords to gain acc
The following accounts do not have the 'Password Required' flag set:ASPNETGuest
                                                 Medium      Vista - Configure the policy value forr Computer Configuration -> Adminis
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\DisablePasswordSaving does not exist.
                                                             Configure the policy does not exist.
The value: Software\Policies\Microsoft\Windows NT\Rpc\RestrictRemoteClientsvalue forr Computer Configuration -> Administrative
                                                 Medium
                                                             Configure the policy value forr Computer
The value: Software\Policies\Microsoft\Windows NT\Rpc\EnableAuthEpResolution does not exist. Configuration -> Administrative
                                                 Medium
                                                             Configure the policy value forr Computer not exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPublishingWizard does Configuration -> Administrative
                                                 Medium
                                                             Configure the policy value forr Computer exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebServices does not Configuration -> Administrative
                                                 Medium
                                                             Configure the policy
The value: Software\Policies\Microsoft\Messenger\Client\CEIP does not exist. value forr Computer Configuration -> Administrative
                                                 Medium
                                                             Configure tThe policy value forr Computer
The value: Software\Policies\Microsoft\SearchCompanion\DisableContentFileUpdates does not exist. Configuration -> Administrativ
                                                 Medium
                                                             Configure the policy value forr Computer
The value: Software\Policies\Microsoft\Windows NT\Printers\DisableHTTPPrinting does not exist. Configuration -> Administrative
                                                 Medium
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Printers\DisableWebPnPDownload does not exist.
                                                             Configure the policy value forr Computer not exist.
The value: Software\Policies\Microsoft\Windows\DriverSearching\DontSearchWindowsUpdate does Configuration -> Administrative
                                                 Medium
                                                             Configure the policy value forr User Configuration
The value: Software\Policies\Microsoft\Windows\System\Power\PromptPasswordOnResume does not exist. -> Administrative Tem
                                                 Medium
                                                             Configure the policy value forr User Configuration exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\SaveZoneInformation does not -> Administrative Tem
                                                 Medium
                                                 Medium      Configure the policy value forr User Configuration -> Administrative Tem
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\HideZoneInfoOnProperties does not exist.
                                                 Medium      Configure policy value forr User Configuration -> Administrative Templat
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\ScanWithAntiVirus does not exist.
                                                             Deploy the CMA Plugins\EPOAGENT3000 does not accordance with th
The key: SOFTWARE\Network Associates\ePolicy Orchestrator\Application agent as detailed in the CTO and in exist.
                                                 Medium
                                                             Configure the
The value: Software\Policies\Microsoft\Peernet\Disabled does not exist. policy value forr Computer Configuration -> Administrative
                                                 Medium
                                                             Configure the policy value forr Computer Configuration
The value: Software\Policies\Microsoft\Windows\Network Connections\NC_AllowNetBridge_NLA does not exist. -> Administrative
                                                 Medium
                                                             Configure the policy value forr Computer Configuration
The value: Software\Policies\Microsoft\Windows\Network Connections\NC_ShowSharedAccessUI does not exist. -> Administrative
                                                 Medium
                                                             Configure the policy value forr Computer not exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetOpenWith doesConfiguration -> Administrative
                                                 Medium
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\WindowsMovieMaker\CodecDownload does not exist.
                                                             Configure the policy exist.
The value: Software\Policies\Microsoft\WindowsMovieMaker\Webhelp does notvalue forr Computer Configuration -> Administrative
                                                 Medium
                                                             Configure the policy not exist.
The value: Software\Policies\Microsoft\WindowsMovieMaker\WebPublish does value forr Computer Configuration -> Administrative
                                                 Medium
                                                             Configure the does value forr
The value: Software\Policies\Microsoft\Windows NT\IIS\PreventIISInstall policynot exist. Computer Configuration -> Administrative
                                                 Medium
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\PreXPSP2ShellProtocolBehavior does not exist.
                                                             Configure the policy value forr
The value: Software\Policies\Microsoft\Windows\Installer\SafeForScripting does not exist.Computer Configuration -> Administrative
                                                 Medium
                                                             Configure the policy value exist.
The value: Software\Policies\Microsoft\Windows\Installer\EnableUserControl does notforr Computer Configuration -> Administrative
                                                 Medium
                                                 the wrong No Manual Fix Procedures (Windows - Download and apply the appropri
Dlgsetp.dll is the wrong version.Envelope.dll is Medium version.Exsec32.dll is the wrong version.Outllib.dll is the wrong version.O
                                                 Medium      No Manual Fix Procedures (Download and apply the appropriate
Mspub.exe is the wrong version.Prtf9.dll is the wrong version.Ptxt9.dll is the wrong version.Pubconv.dll is the wrong version.patches
                                                 is the wrongNo Manual Fix Proceduresthe wrong version.
Winword.exe is the wrong version.Wordcnv.dll Medium           version.Wordconv.exe is (Download and apply the appropriate patches
                                                 the wrong No Manual Fix Procedures wrong version.
Powerpnt.exe is the wrong version.Ppcnv.dll is Medium version.Ppcnvcom.exe is the(Download and apply the appropriate patches
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint\Enabled does not exist.
                                                             Configure the policy value forr Computer Configuration -> does not exist
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings\AllowInboundEchoRequest Administrative
                                                 Medium
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\AllowUserPrefMerge does not exist.
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\AllowUserPrefMerge does not e
                                                             Configure the policy value forr Computer Configuration -> not exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\UPnPFramework\Enabled does Administrative
                                                 Medium
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\DisableUnicastResponsesToMulticastBroadcast does n
                                                             Configure the policy value forr Computer Configuration -> exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\FileAndPrint\Enabled does notAdministrative
                                                 Medium
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\IcmpSettings\AllowInboundEchoRequest does not exis
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts\\AllowUserPrefMerge does not exis
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications\\AllowUserPrefMerge does not
                                                             Configure the policy value forr Computer Configuration not exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\RemoteAdminSettings\\Enabled does-> Administrative
                                                 Medium
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\RemoteDesktop\\Enabled does not exist.
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\UPnPFramework\\Enabled does not exist.
                                                             Configure the policy value forr Computer does not exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\\DoNotAllowExceptionsConfiguration -> Administrative
                                                 Medium
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\\DisableUnicastResponsesToMulticastBroadcast does
                                                             Configure the policy value forr Computer exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\EnableFirewall does not Configuration -> Administrative
                                                 Medium
                                                 Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\EnableFirewall does not exist.
                                                   High      No Manual Fix Procedures (Download and apply the appropriate patches
Msw3prt.dll is the wrong version.Win32spl.dll is the wrong version.
                                                   High      Add the registry value as specified in does not exist.
The value: SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf\(null) the manual check. (In the Registry
                                                 Medium      Change the registry key HKLM\Software\Network does not equal 0.
The value of Software\McAfee\VSCore\On Access Scanner\McShield\Configuration\Alert_UsersCanRemoveAssociates\TVD\Share
                                                 Medium      Change the registry key HKLM\Software\Network Associates\TVD\Share
The value of Software\McAfee\VSCore\On Access Scanner\McShield\Configuration\Alert_UsersCanDelete does not equal 1.
                                                 Medium      Change the registry key HKLM\Software\Network >= 100.
The value of Software\McAfee\VSCore\On Access Scanner\McShield\Configuration\dwMaxLogSizeMB is notAssociates\TVD\Share
                                                 Medium      Change the registry key HKLM\Software\Network Associates\TVD\Share
The value of Software\McAfee\VSCore\On Access Scanner\McShield\Configuration\bLogSettings does not equal 1.
                                                 Medium      Change the registry key HKLM\Software\McAfee\VSCore\Email scanner
The value of Software\McAfee\VSCore\Email Scanner\Outlook\OnDelivery\ActionOptions\uAction does not equal 2.
                                                 Medium      Change the registry key HKLM\Software\McAfee\VSCore\Email scanner
The value of Software\McAfee\VSCore\Email scanner\Outlook\OnDelivery\ActionOptions\dwPromptButton does not equal 31.
192.168.0.2   popdesktop   V0007002   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014247   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014253   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014254   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014255   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014256   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014257   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014258   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014259   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014260   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014261   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014267   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014268   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014269   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014270   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0015505   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0015666   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0015667   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0015669   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0015674   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0015677   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0015678   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0015679   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0015681   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0015683   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0015684   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0015685   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0015764   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0016014   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0016015   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0016738   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017390   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017391   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017392   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017393   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017397   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017399   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017400   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017401   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017402   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017403   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017404   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017405   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017406   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017407   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017409   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017410   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017411   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017793   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0017900   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006470   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006472   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006475   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006476   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006592   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006593   Windows XP   Pro105.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
                                        size email
DTAM036-McAfee VirusScan limit logThis parameter deteremines the size of the log file to ensure data is available forr review.
                                       This setting
DTAM037-McAfee VirusScan log content email controls the entries that are stored in the virus scanning log.
                                        MIME encoded
DTAM053-McAfee VirusScan decodeThis file ensures that MIME encoded files are scanned forr viruses.
                                       This parameter controls the secondary action that is perforrmed when a virus is found.
DTAM057-McAfee VirusScan secondary action
                                       This parameter
DTAM060-McAfee VirusScan log file limit parameter determines the minimum size forr the log to ensure enough data is available fo
                                       This parameter
DTAM061-McAfee VirusScan log session settings ensures that session settings are logged.
                                       This setting is required forr the virus software.
DTAM092-McAfee VirusScan onaccess scan blocking
                                       This setting is required forr the virus software.
DTAM093-McAfee VirusScan onaccess scan blocking
                                       This setting
DTAM106-McAfee VirusScan scan inside archive is required forr the virus software.
                                       This setting is required forr the virus software.
DTAM107-McAfee VirusScan scan MIME files parameter
                                       This setting action
DTAM039-McAfee VirusScan unwanted programsis required forr the virus software.
                                        limitation
DTAM134-McAfee VirusScan log sizeThis setting is required forr the virus software.
                                       This Spyware
DTAM135-McAfee VirusScan detection of setting is required forr the virus software.
                                       This Adware
DTAM136-McAfee VirusScan detection of setting is required forr the virus software.
                                       By setting
DTBI001 - The IE home page is not set correctlythis parameter appropriately, a malicious web site will be automatically loaded into a
                                       The incorrec
DTBI004-IE Internet zone parameter is setInternet zone must be set to custom level so the other required settings forr the zone can
                                       This parameter
DTBI006-IE Local zone includes parameter not set controls which sites are by default in the local zone. Since this is the least res
                                       This parameter ensures that third party cookies are blocked. Third party cookies come from a
DTBI007-IE third party cookies not set correctly
                                       disk parameter
DTBI013-IE save encrypted pages to This is not set ensures pages using SSL or TLS are not cached to the local drive. This ensu
                                       This parameter warns users if the certifcate being presented by the web site is invalid. Since
DTBI015-IE warning of invalid certificates not set
                                        correctly
DTBI016-IE changing zones is not setThis parameter warns the user when changing between zones. This conveys important inforrm
                                       This parameter warns the user that input from the forrm is being redirected to another web site
DTBI017-IE forrm redirect is not set correctly
                                       Since most IE
DTBI021-Users can change advanced settings in of the IE settings can be changed through the GUI, it is important to ensure that us
                                       Active X controls
DTBI022-Download signed Active X controls-Internet can contain potentially malicious code and must only be allowed to be downl
                                        controls-Interne
DTBI023-Download unsigned ActiveXActive X controls can contain potentially malicious code and must only be allowed to be downl
                                       ActiveX
DTBI024-Initialize and script ActiveX controls controls that are not marked safe scripting should not be executed. Although this is n
                                       forr scripting
DTBI026-Script ActiveX marked safe ActiveX controls that are not marked safe forr scripting should not be executed. Although this
                                       Download
DTBI030-Font download control - Internet Zone of fonts can sometimes contain malicious code.
                                       Java must have
DTBI031-Java Permissions not set forr Internet Zone level of protections based upon the site being browsed.
                                        domains-Interne
DTBI032-Access data sources acrossAccess to data sources across multiple domains must be controlled based upon the site being
                                       Display mixed content must have level of protection based upon the site being browsed.
DTBI034-Display mixed content - Internet Zone
                                       Drag and Drop
DTBI036-Drag and drop or copy and paste-Internet or copy and paste files must have level of protection based upon the site being
                                        - Internet
DTBI037-Installation of desktop itemsInstallation of items must have level of protection based upon the site being accessed.
                                       Launching of programs in IFRAME must have level of protection based upon the site being ac
DTBI038-Launching programs and files in IFRAME-Int
                                        domains-Interne
DTBI039-Navigate sub-frames acrossFrames that navigate across different domains are a security concern because the user may t
                                       Software Channel permissions must have level of protection based upon the site being access
DTBI040-Software channel permissions - Internet
                                       data - Internet
DTBI041-Submit non-encryped forrm The user needs to be prompted beforre sending inforrmation from a browser that is not encryp
                                       Userdata
DTBI042-Userdata persistence - Internet Zone persistence must have level of protection based upon the site being accessed.
                                       Allow paste operations via script must have level of protection based upon the site being acce
DTBI044-Allow paste operations via script-Internet
                                       Java Applets
DTBI045-Scripting of Java applets - Internet Zone must have level of protection based upon the site being accessed.
                                        Internet Zone
DTBI046-User Authentication-Logon -Care must be taken with user credentials and how automatic logons are perforrmed and how d
                                       ActiveX controls
DTBI056-Script ActiveX controls marked safe-Local that are not marked safe forr scripting should not be executed. Although this
                                       Java must
DTBI061-Java Permissions not set - Local Zone have level of protection based upon the site being browsed.
                                       Client certificates should not be presented to web sites without the user's acknowledgement.
DTBI065-Dont prompt client certificate - Local zon
                                       Software Zone
DTBI070-Software channel permissions - Localchannel permissions must have level of protection based upon the site being access
                                       The - Local
DTBI074-Allow paste operations via scriptAllow paste operations via script must have level of protection based upon the site being
                                        - Local Zone
DTBI076-User Authentication - LogonCare must be taken with user credentials and how automatic logons are perforrmed and how d
                                       ActiveX controls can contain potentially malicious code and must only be allowed to be downlo
DTBI082-Download signed ActiveX - Trusted Sites
                                        - Trusted Sites
DTBI083-Download unsigned ActiveXActiveX controls can contain potentially malicious code and must only be allowed to be downlo
                                        Trusted Si
DTBI084-Initialize and script Activex -ActiveX controls that are not marked safe forr scripting should not be executed. Although this
                                       ActiveX controls
DTBI086-Activex controls marked safe - Trusted Sit that are not marked safe forr scripting should not be executed. Although this
                                       Java must have level of protection based upon the site being browsed.
DTBI091-Java Permissions not set - Trusted Sites
                                        domains-Trusted
DTBI092-Access data sources acrossAccess data sources across domains must have level of protection based upon the site being
                                        - Trusted of
DTBI097-Installation of desktop itemsInstallationSi items must have level of protection based upon the site being accessed.
                                       Launching of programs in IFRAME must have level of protection based upon the site being ac
DTBI098-Launching programs and files in IFRAME-Tru
                                       The Software channel permissions must have level of protection based upon the site being ac
DTBI100-Software channel permissions - Trusted Sit
                                                Medium     Change the registry key HKLM\Software\McAfee\VSCore\Email Scanner
The value of Software\McAfee\VSCore\Email Scanner\Outlook\OnDelivery\ReportOptions\dwMaxLogSizeMB is not >= 100.
                                                Medium     Change the registry key HKLM\Software\McAfee\VSCore\Email
The value of Software\McAfee\VSCore\Email Scanner\Outlook\OnDelivery\ReportOptions\dwLogEvent does not equal 304.Scanner
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\VirusS
The value of Software\McAfee\DesktopProtection\Tasks\{21221C11-A06D-4558-B833-98E8C7F6C4D2}\ScanMime does not equal
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\VirusS
The value of Software\McAfee\DesktopProtection\Tasks\{21221C11-A06D-4558-B833-98E8C7F6C4D2}\uSecAction does not equa
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\VirusS
The value of Software\McAfee\DesktopProtection\Tasks\{21221C11-A06D-4558-B833-98E8C7F6C4D2}\uKilobytes is not >= 20480
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\VirusS
The value of Software\McAfee\DesktopProtection\Tasks\{21221C11-A06D-4558-B833-98E8C7F6C4D2}\bLogSettings does not equ
                                                Medium     Procedure: Use the Windows Registry Editor >= 30.
The value of Software\McAfee\VSCore\On Access Scanner\BehaviourBlocking\VSIDBlockTimeout is notto navigate to the following
                                                Medium     Procedure: Use the Windows Registry Editor to navigate to the
The value of Software\McAfee\VSCore\On Access Scanner\BehaviourBlocking\VSIDBlockOnNonVirus does not equal 1. following
                                                Medium     Procedure: Use the Windows Registry Editor does not equal 1.
The value of Software\McAfee\VSCore\On access scanner\McShield\Configuration\default\ScanArchivesto navigate to the following
                                                Medium     Procedure: Use the Windows Registry Editor to not equal 1.
The value of Software\McAfee\VSCore\On access scanner\McShield\Configuration\default\ScanMime doesnavigate to the following
                                                Medium     Procedure: Use the Windows Registry Editor to equal 2.
The value of Software\McAfee\VSCore\Email Scanner\Outlook\OnDelivery\ActionOptions\uAction does not navigate to the following
                                                Medium     Procedure: Use the Windows Registry Editor not >= 64.
The value of Software\McAfee\VSCore\On Access Scanner\BehaviourBlocking\dwMaxLogSizeMB_Ent isto navigate to the following
                                                Medium     Procedure: Use 1.
The value of software\McAfee\VSCore\NVP\DetectSpyware does not equal the Windows Registry Editor to navigate to the following
                                                Medium      does not equal the
The value of software\McAfee\VSCore\NVP\DetectAdware Procedure: Use1. Windows Registry Editor to navigate to the following
                                                Page does Change StartPage value to about:blank, a trusted site, or a local file. (Pro
Software\Microsoft\Internet Explorer\Main\StartMedium      not contain the substring about:blank.
                                                Medium     Change the value of registry HKCU\Software\Microsoft\Windows\Curren
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Currentlevel does not equal 0.
                                                Medium     Change the value of registry key not <= 67.
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Flags isHKCU\Software\Microsoft\Windows\Cu
                                                Medium     Under Settings\PrivacyAdvanced does Privacy Tab and click the Advan
The value of Software\Microsoft\Windows\CurrentVersion\InternetTools/Internet Options, select the not equal 1.The value of Softwar
                                                Medium     Change the value of registry key HKCU\Software\Microsoft\Windows\Cu
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages does not equal 1.
                                                Medium     Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnonBadCertRecving does not exist.
                                                Medium     Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnonZoneCrossing does not equal 1.
                                                Medium     Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect does not exist.
                                                Explorer\Control Panel\AdvancedTab does not exist.
The value: Software\Policies\Microsoft\Internet Medium     Change the registry key HKCU\Software\Policies\Microsoft\Internet Explo
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1001 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1004 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1201 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1405 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1604 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1C00 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1406 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609 does not exist.
                                                Medium     If a value forr Settings\Zones\3\1802 not not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet this zone is present anddoesset to 3 change the registry ke
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1800 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1804 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1607 does not exist.
                                                Medium     Procedure: Use the Windows Registry Editor to navigate to the following
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1E05 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1601 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1606 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1407 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1402 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A00 does not exist.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1405 does not equal 1.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1C00 does not exist.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1A04 does not equal 3.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1E05 does not equal 65536.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1407 does not equal 3.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1A00 does not equal 65536.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1001 does not equal 3.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVer
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1004 does not equal 3.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1201 does not equal 3.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1405 does not equal 1.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1C00 does not exist.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1406 does not equal 3.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1800 does not equal 3.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1804 does not equal 3.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1E05 does not equal 65536.
192.168.0.2   popdesktop   V0006597   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006598   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006612   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006617   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006620   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006621   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014620   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014621   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014628   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014629   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014652   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014661   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014662   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0014663   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006228   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006231   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006233   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006234   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006237   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006239   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006240   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006241   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006242   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006243   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006244   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006245   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006246   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006248   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006249   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006250   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006251   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006253   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006254   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006255   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006256   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006257   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006258   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006259   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006260   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006261   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006262   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006266   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006267   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006271   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006274   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006275   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006276   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006277   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006278   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006279   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006280   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006281   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006282   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006284   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006285   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006286   Windows XP   Pro105.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
                                      Allow paste operations via script must have level of protection based upon the site being acce
DTBI104-Allow paste operations via script-Trusted
                                        - Trusted be
DTBI106-User Authentication - LogonCare must Sitetaken with user credentials and how automatic logons are perforrmed and how d
                                      ActiveX controls
DTBI112-Download signed ActiveX - Restricted Sites can contain potentially malicious code and must only be allowed to be downlo
                                        - Restricted Sit
DTBI113-Download unsigned ActiveXActiveX controls can contain potentially malicious code and must only be allowed to be downlo
                                      ActiveX controls that are not marked safe forr scripting should not be executed. Although this
DTBI114-Initialize and script ActiveX - Restricted
                                      ActiveX controls
DTBI115-Run ActiveX controls and plugins-Restricte that are not marked safe forr scripting should not be executed. Although this
                                      ActiveX controls
DTBI116-Script ActiveX controls marked safe-Restri that are not marked safe forr scripting should not be executed. Although this
                                      Files Sites
DTBI119-File download control - Restrictedshould not be able to be downloaded from sites that are considered restricted.
                                      Download of
DTBI120-Font download control - Restricted Sites fonts can sometimes contain malicious code. Files should not be downloaded f
                                      The restricted zones is used forr MS Outlook. This zone must be set properly to ensure Outlo
DTBI122-Access data sources - Restricted Sites
                                      Allow META
DTBI123-Allow META REFRESH - Restricted SitesREFRESH must have level of protection based upon the site being browsed.
                                      Mixed Sites
DTBI124-Display mixed content - Restricted content poses a risk when coming from a restricted site.
                                      Drag - Restrict
DTBI126-Drag and drop or copy and paste and Drop of files must have level of protection based upon the site being accessed.
                                        - Restricted
DTBI127-Installation of desktop itemsInstallation of items must have level of protection based upon the site being accessed.
                                      Launching of programs in IFRAME must have level of protection based upon the site being ac
DTBI128-Launching programs and files in IFRAME-Res
                                        domain - Restri
DTBI129-Navigate sub-frames acrossFrames that navigate across different domains are a security concern because the user may t
                                      Software channel permissions must have level of protection based upon the site being access
DTBI130-Software channel permissions - Restricted
                                        data-Restricted
DTBI131-Submit non-encrypted forrmSubmit non-encrypted forrm data must have level of protection based upon the site being acce
                                      No perseistant data should exist and be used in the Restricted sites zone.
DTBI132-Userdata persistence - Restricted Sites
                                       Sites
DTBI133-Active scripting - Restricted Active Scripting must have level of protection based upon the site being accessed.
                                      The Allow paste
DTBI134-Allow paste operations via scripts-Restric operations via script must have level of protection based upon the site being
                                        - Restricted
DTBI136-User Authentication - LogonCare must be taken with user credentials and how automatic logons are perforrmed and how d
                                      This
DTBI150-Microsoft Java VM is installed software is no longer being support and should be removed.
                                       set ensures
DTBI160-Hash setting forr SHA is notThis properly that the Hash value forr SHA is enabled.
                                        installed
DTBG010-DoD Root Certificate is notThe DOD root certificate will ensure that the trust chain is established forr server certificated is
                                      Java must have level of protection based upon the site being browsed.
DTBI121-Java Permissions not set forr Restricted
                                      This policy setting
DTBI025 - The Download signed ActiveX controls pro allows you to manage whether users may download signed ActiveX controls
DTOO003                               This could potentially send senstive application data to the vendor and needs to be disabled.
DTOO003                               This could potentially send senstive application data to the vendor and needs to be disabled.
DTOO003                               This could potentially send senstive application data to the vendor and needs to be disabled.
DTOO003                               This could potentially send senstive application data to the vendor and needs to be disabled.
DTOO003                               This could potentially send senstive application data to the vendor and needs to be disabled.
DTOO003                               This could potentially send senstive application data to the vendor and needs to be disabled.
DTOO003                               This could potentially send senstive application data to the vendor and needs to be disabled.
Approved DOD Virus Scan Program This is a Category 1 finding because Virus scan programs are a primary line of defense again
Incorrect ACLs forr event logs        Event logs are susceptible to unauthorized, and possibly anonymous, tampering if proper ACL
File Auditing Configuration           Improper modification of the core system files can render a system inoperable. Further, modif
POSIX subsystem registry              For the system to comply with Security requirements, the POSIX subsystem must be disabled
Restrict Anonymous Network Shares This is a Category 1 finding because it allows anonymous logon users (null session connectio
Bad Logon Attempts                    The account lockout feature, when enabled, prevents brute-forrce password attacks on the sy
Bad Logon Counter Reset               This parameter specifies the amount of time that must pass between two successive login atte
Lockout Duration                      This parameter specifies the amount of time that must pass beforre a locked-out account is au
User Rights Assignments               Inappropriate granting of user and advanced user rights can provide system, administrative, a
Maximum Password Age                  The longer a password is in use, the greater the opportunity forr someone to gain unauthorize
Minimum Password Age                  Permitting passwords to be changed in immediate succession within the same day, allows use
Password Uniqueness                   A system is more vulnerable to unauthorized access when system users recycle the same pas
Rename Built-in Guest Account         A system faces an increased vulnerability threat if the built-in guest account is not renamed or
                                      The
Rename Built-in Administrator Account built-in administrator account is a known account that can be initialized with a blank passw
Event Log Sizes                       Inadequate log size will cause the log to fill up quickly and require frequent clearing by adminis
Password Protected Screen Saver The system should be locked when unattended. Unattended systems are susceptible to unau
                                      An account who does not have administrator duties should not have Administrator rights. Such
Restricted Administrator Group Membership
System File ACLs                      Failure to properly configure ACL file and directory permissions, allows the possibility of unaut
Dial Up Password Saved                The default Windows configuration enables the option to save the password used to gain acce
LanMan Authentication Level           The Kerberos v5 authentication protocol is the default forr authentication of users who are logg
                                      Disabling the Ctrl+Alt+Del security attention sequence can compromise system security. Beca
Ctrl+Alt+Del Security Attention Sequence
Deny Access from the Network          This is a Category 1 finding because allowing network logins by the built-in guest accounts, wh
                                                 Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1407 does not equal 3.
                                                 Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1A00 does not equal 65536.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1001 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1004 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1201 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1200 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1405 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1803 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1604 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1406 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1608 does not exist.
                                                 Medium     Procedure: Use the Windows Registry Editor exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609 does notto navigate to the following
                                                 Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1802 does not equal 3.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1800 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1804 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1607 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1E05 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1601 does not equal 3.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1606 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1400 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1407 does not exist.
                                                 Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1A00 does not exist.
JVM MS-VM (Element ID: 187) is present on the system. Delete the file msjava.dll in the %System root%\System32 by going to th
                                                 Medium
                                                 Medium     Navigate to the registry key HKLM\SYSTEM\CurrentControlSet\Control\S
The value: SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA\Enabled does not exist.
                                                 Medium     Install the DOD root certificate. (Netscape Procedure: On the Edit menu
The key: SOFTWARE\Microsoft\SystemCertificates\Root\Certificates\10F193F340AC91D6DE5F1EDC006247C4F25D9671 does n
                                                 Medium     Use the Windows Registry Editor to navigate to the following key: HKLM
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1C00 does not exist.
                                                            The policy value forr Computer Configuration -> does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3\1001 Administrative Template
                                                 Medium
                                                 Medium     For Office XP, navigate does not key
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\DW\DWReportee to registryexist.HKCU\Software\Policies\Microsof
                                                 Medium     For Office XP, navigate does not key
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\DW\DWReportee to registryexist.HKCU\Software\Policies\Microsof
                                                 Medium     For Office XP, navigate does not key
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\DW\DWReportee to registryexist.HKCU\Software\Policies\Microsof
                                                 Medium     For Office XP, navigate does not key
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\DW\DWReportee to registryexist.HKCU\Software\Policies\Microsof
                                                 Medium     For Office XP, navigate does not key
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\DW\DWReportee to registryexist.HKCU\Software\Policies\Microsof
                                                 Medium     For Office XP, navigate does not key
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\DW\DWReportee to registryexist.HKCU\Software\Policies\Microsof
                                                 Medium     For Office XP, navigate does not key
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\DW\DWReportee to registryexist.HKCU\Software\Policies\Microsof
                                                    system. Configure the system with supported, DOD approved virus scanning soft
Antivirus (Element ID: 604) is not present on the High
                                                            Set the ACL permissions on the following Event Logs as defined files m
The following files have incorrect permissions: CHK(90000)C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.EvtThe following in theha
                                                 Medium
                                                 Medium     Configure auditing on each partition/drive to audit all "Failures" forr and S
The following files have incorrect audit settings: CHK(90077)C:\C:\AUTOEXEC.BATC:\boot.iniC:\CONFIG.SYSC:\Documents the "E
                                                 Medium     Remove the following Registry value from the Windows Registry:HKLM\S
The value SYSTEM\CurrentControlSet\Control\Session Manager\Subsystems\Posix exists.
                                                            Configure the system to prevent
The value of System\CurrentControlSet\Control\Lsa\RestrictAnonymous does not equal 1. anonymous users from listing account n
                                                    High
Account lockout is not enabled.                  Medium     Configure the system to lock out an account after 3 invalid logon attempt
The local lockout counter resets after 30 minutes.
                                                 Medium     Configure the system to have the lockout counter reset itself after a minim
The local lockout duration is set to: 30 minutes.Medium     Configure the system so that the bad logon lockout duration conforrms to
                                                            Configure the system to prevent have this right. The unauthorized Use
2 accounts have the Logon Right: Allow log on Medium terminal server. No accounts shouldaccounts from havingaccounts that have
                                                  through
                                                            Configure the
The maximum local password age is set to: TIMEQ_FOREVER (infinite). Maximum Password Age so that it is not "0" and doesn't ex
                                                 Medium
The minimum local password age is set to: 0 days.Medium     Configure the Minimum Password Age so that it is a minimum of "1". (An
The local password history length is set to: 0 Medium       Configure the system to remember a minimum of "24" used passwords. (
The account Guest has the incorrect name.        Medium     Configure the system to rename the built-in Guest account (Analyze the
The account Administrator has the incorrect name.Medium     Configure the system to rename the Administrator account. (Analyze the
                                                            Configure the system to have the required value of Event log sizes. (An
The value of System\CurrentControlSet\Services\EventLog\System\MaxSize is not >= 16777216.The minimumSystem\CurrentContr
                                                 Medium
                                                            Configure The policy values forr User Configuration -> value: Software\P
The value: Software\Policies\Microsoft\Windows\Control Panel\Desktop\ScreenSaverIsSecure does not exist.The Administrative Te
                                                 Medium
                                                            Configure the system
The following users are members of the Administrators group:PROLIFIC\wbailey to prevent non-administrators from having Adminis
                                                 Medium
***DETAILS TOO LONG TO INCLUDE HERE. Medium                  RESULT the Security Option:

                                                   SEE RAW Configure FILE FOR DETAILS.***    
Windows 2003 - ―Network access: Let ev
                                                            Configure the system to prevent does not exist.
The value: System\CurrentControlSet\Services\Rasman\Parameters\DisableSavePasswordthe dial-up networking password from b
                                                 Medium
                                                            Configure the system to 4.
The value of System\CurrentControlSet\Control\Lsa\LMCompatibilityLevel is not >= the required level of LanMan authentication. (An
                                                    High
                                                            Configure this policy.The Remote GPO is not effecting the SAS sequenc
The local registry does not set this policy.The local GPO does not set the system to require the Ctrl+Alt+Del key sequence to log on.
                                                 Medium
                                                            Configure the system to give the right "Deny access to
Required account does not have the Logon Right: Deny access this computer over the network. Account: Guests this computer from
                                                    High
192.168.0.2   popdesktop   V0006287   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006288   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006289   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006290   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006291   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006292   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006293   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006294   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006295   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006297   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006298   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006299   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006301   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006302   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006303   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006304   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006305   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006306   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006307   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006308   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006309   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006311   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006312   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006316   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006318   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0007007   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0016879   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006328   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006328   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006328   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006328   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006328   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006328   Windows XP   Pro105.xml
192.168.0.2   popdesktop   V0006328   Windows XP   Pro105.xml
192.168.0.7   prolific     V0001074   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001077   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001080   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001083   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001093   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001097   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001098   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001099   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001103   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001104   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001105   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001107   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001114   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001115   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001118   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001122   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001127   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001130   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001139   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001153   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001154   Windows XP   Pro106.xml
192.168.0.7   prolific     V0001155   Windows XP   Pro106.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
Smart Card Removal Option                Determines what should happen when the smart card forr a logged-on user is removed from th
                                         If this policy is enabled, it causes the Windows Server Message Block (SMB) server to perforr
SMB Server Packet Signing (if client agrees)
ACLs forr disabled services              When configuring either the startup mode or access control list forr a service, you must config
Disable Media Autoplay                   Autoplay begins reading from a drive as soon as you insert media in the drive. As a result, the
                                         This setting is used to control the rules forr remote control of Terminal Services user sessions
Terminal Service - Remote Control Settings
                                         This setting
Remote Assistance - Solicit Remote Assistance controls whether or not solicited remote assistance is allowed from this computer.
Windows Messenger - Do Not Allow To Run  This setting prevents the Windows Messenger client from being run. Instant Messaging client
                                         This setting
Windows Messenger - Do Not Start Automatically prevents the automatic launch of Windows Messenger at user logon. Instant Mes
Strong Session Key                       This setting controls the required strength of a session key.
                                         This
Storage of Credentials or .NET Passports setting controls the storage of authentication credentials or .NET passports on the local s
Sharing and Security Model forr LocalWindows includes two network-sharing security models—Classic and Guest only. With the cla
                                          Accounts
LAN Manager Hash Value Stored            This setting controls whether or not a LAN Manager hash of the password is stored in the SAM
                                         This
Force Logoff When Logon Hours Expire setting controls whether or not users are forrced to log off when their allowed logon hours
                                         Starting with
Session Security forr NTLM SSP Based Clients Windows 2000 Microsoft has implemented a variety of security support providers
FIPS Compliant Algorithms                This setting ensures that the system uses algorithms that are FIPS compliant forr encryption, h
                                          Sharing
NetMeeting Disable Remote Desktop Remote desktop sharing enables several users to interact and control one desktop. This coul
IE - Zones: Use Only Machine Settings    This setting enforrces consistent security zone settings to all users of the computer. Security
                                         This Policies
IE - Zones: Do Not Allow Users to Change setting prevents users from changing the Internet Explorer policies on the machine. Polic
                                         This setting prevents users from adding sites to various security zones. Users should not be a
IE - Zones: Do Not Allow Users to Add/Delete Sites
                                         This setting
IE - Disable Automatic Install of IE Compenents controls the ability of Internet Explorer to automatically install components if it goe
                                         This setting determines whether or not Internet Explorer will periodically check the Microsoft w
IE - Disable Periodic Check forr IE Updates
Terminal Services - Session Limit This setting limits users to one remote session. It is possible, if this setting is disabled, forr us
                                         This setting
Terminal Services - Limit Number of Connections limits the number of simultaneous connections allowed to the terminal server. By
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fWritableTSCCPermTab does not exist.
                                         This
Terminal Services - Password Prompting setting, which is located under the Encryption and Security section of the Terminal Servic
                                         This
Terminal Services - Set Encryption Level setting, which is located under the Encryption and Security section of the Terminal Servic
                                         This setting,
Terminal Services - Do Not Use Temp Folders which is located under the Temporary Folders section of the Terminal Services co
                                         This
Terminal Services - Delete Temp Folders setting, which is located under the Temporary Folders section of the Terminal Services co
                                         This setting,
Terminal Services - Time Limit forr Disc. Session which is located under the Sessions section of the Terminal Services configuratio
                                         This setting,
Terminal Services - Time Limit forr Idle Session which is located under the Sessions section of the Terminal Services configuratio
                                         This setting,
Terminal Services - Original Client Reconnection which is located under the Sessions section of the Terminal Services configuratio
                                          Time Limit
Terminal Services - Enforrce Session This setting, which is located under the Sessions section of the Terminal Services configuratio
                                         This setting
Remote Assistance - Offer Remote Assistance controls whether unsolicited offers of help to this computer are allowed. The list o
Error Reporting - Report Errors          This setting controls the reporting of errors to Microsoft and, if defined, a corporate error repor
                                         Kernel-mode drivers are drivers that operate in kernel mode. Kernel mode allows virtually unl
Printers - Disallow Installation of Drivers
Safe DLL Search Mode                     The default search behavior, when an application calls a function in a Dynamic Link Library (D
                                         The
Media Player - Disabe Automatic Updates automatic check forr updates perforrm by the Windows Media Player must be disabled to
                                         The
Media Player - Prevent Codec Download Windows Media Player uses software components, referred to as CODECs, to play back
Unnecessary Services                     Unnecessary Services increase the attack surface of a system. Some Services may be run u
                                         Starting with
Session Security forr NTLM SSP based Servers Windows 2000 Microsoft has implemented a variety of security support providers
                                         Allowing
Terminal Services - Secure RPC Connection. unsecure RPC communication exposes the server to man in the middle attacks and
Group Policy - Registry Policy ProcessingEnabling this setting and then selecting the Process even if the Group Policy objects have not
SMB Client Packet Signing (Always) If this policy is enabled, it causes the Windows Server Message Block (SMB) client to perforrm
SMB Server Packet Signing (Always) If this policy is enabled, it causes the Windows Server Message Block (SMB) server to always
Minimum Password Length                  Inforrmation systems not protected with strong password schemes including passwords of min
Password Expiration                      Passwords that do not expire or are reused increase the exposure of a password with greater
Auditing Configuration                   Maintaining an audit trail of system activity logs can help identify configuration errors, troubles
Password Requirement                     The lack of password protection enables anyone to gain access to the inforrmation system, wh
                                         This check
Terminal Services - Prevent Password Saving verifies that the system is configured to prevent Users from saving passwords in th
RPC - Unathenticated RPC Clients This check verifies that the system is configured to restrict unauthenticated RPC clients from c
                                         T
RPC - Endpoint Mapper Authenticationhis check verifies that the system is configured to forrce client computers to provide authenti
Publish to Web                           This check verifies that the system is configured to make the options to publish to the web una
Internet Download / Online Ordering This check verifies that the system is configured to prevent Windows from downloading a list o
                                         This check
Windows Messenger Experience Improvement verifies that the system is configured to prevent Windows Messenger from collectin
                                         This
Search Companion Content File Updates check verifies that the system is configured to prevent Search Companion from automatic
Printing Over HTTP                       This check verifies that the system is configured to prevent the client computer‘s ability to prin
                                                            Configure the system to, at a minimum, lock
The value of Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SCRemoveOption is not >= 1. the system if a smart card is
                                                Medium
                                                Medium      Configure the system to have the SMB Server sign SMB packets when p
The value of System\CurrentControlSet\Services\LanmanServer\Parameters\EnableSecuritySignature does not equal 1.
                                                            Create a Custom Security service Human Interface Device Access.Inco
                                                for service ClipBook.Incorrect ACL forTemplate using the Security Template MMC S
Incorrect ACL for service Alerter.Incorrect ACL Medium
                                                            Configure the system as specified in the does not exist.
The value: SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRunmanual check to prevent remov
                                                  High
The value: Software\Policies\Microsoft\Windows High         Configure the system to prevent remote control of the computer by settin
                                                  NT\Terminal Services\Shadow does not exist.
The value: Software\Policies\Microsoft\Windows High         Configure the system to disable Remote Assistance by setting the policy
                                                  NT\Terminal Services\fAllowToGetHelp does not exist.
                                                            Configure does not value
The value: Software\Policies\Microsoft\Messenger\Client\PreventRunthe policy exist. forr Computer Configuration -> Administrative
                                                Medium
                                                            Configure the policy not exist.
The value: Software\Policies\Microsoft\Messenger\Client\PreventAutoRun doesvalue forr Computer Configuration -> Administrative
                                                Medium
                                                            Configure the system to require the use equal 1.
The value of System\CurrentControlSet\Services\Netlogon\Parameters\RequireStrongKey does notof a strong session key. (Analyz
                                                Medium
                                                            Configure the system to equal 1.
The value of System\CurrentControlSet\Control\Lsa\DisableDomainCreds does not prevent the storage of credentials and .NET pas
                                                Medium
                                                            Configure not equal to
The value of System\CurrentControlSet\Control\Lsa\ForceGuest doesthe system 0. use the Classic logon, which requires users to lo
                                                Medium
                                                            Configure not equal to
The value of System\CurrentControlSet\Control\Lsa\NoLMHash doesthe system1. prevent the LAN Manager hash from being store
                                                  High
                                                            Configure the system logon time expires.
The local user is forced to logoff TIMEQ_FOREVER (infinite) seconds after theirto log off users when their allowed logon hours exp
                                                Medium
                                                            Configure the system does not equal 537395248.
The value of System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinClientSecto meet requirements forr NTLM SSP based client
                                                Medium
                                                            Configure the does not require
The value of System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicysystem to equal 1.the use of FIPS compliant algorithms. (A
                                                Medium
                                                            Configure the policy
The value: Software\Policies\Microsoft\Conferencing\NoRDS does not exist. value forr Computer Configuration -> Administrative
                                                Medium
                                                            Configure the Settings\Security_HKLM_only does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration -> Administrative
                                                Medium
                                                            Configure the Settings\Security_Options_Edit does not -> Administrative
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration exist.
                                                Medium
                                                            Configure the Settings\Security_Zones_Map_Edit does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration -> Administrative
                                                Medium
The value: Software\Policies\Microsoft\Internet Medium      Configure the policy value forr Computer Configuration -> Administrative
                                                Explorer\InfoDelivery\Restrictions\NoJITSetup does not exist.
                                                            Configure the policy value forr Computer Configuration
                                                Explorer\InfoDelivery\Restrictions\NoUpdateCheck does not exist. -> Administrative
The value: Software\Policies\Microsoft\Internet Medium
                                                            2003/XP - Configure the policy value forr not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fSingleSessionPerUser doesComputer Configuration -> Adm
                                                Medium
                                                            Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxInstanceCount does not Configuration -> Administrative
                                                Medium
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fWritableTSCCPermTab does not exist.
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fPromptForPassword does not exist.
                                                            Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MinEncryptionLevel does notConfiguration -> Administrative
                                                Medium
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\PerSessionTempDir does not exist.
                                                            Configure the policy value forr Computer not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\DeleteTempDirsOnExit doesConfiguration -> Administrative
                                                Medium
                                                            Configure the policy value forr Computer not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxDisconnectionTime doesConfiguration -> Administrative
                                                Medium
                                                            Configure the policy value forr not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxIdleTime doesComputer Configuration -> Administrative
                                                Medium
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fReconnectSame does not exist.
                                                            Configure the policy value does not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fResetBroken forr Computer Configuration -> Administrative
                                                Medium
                                                Medium      Configure the system to prevent unsolicited remote assistance offers by
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fAllowUnsolicited does not exist.
                                                            Configure the system to prevent
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\DoReport does not exist. error forrwarding by setting the policy va
                                                Medium
                                                            Configure the system to prevent it exist.
The value: Software\Policies\Microsoft\Windows NT\Printers\KMPrintersAreBlocked does not from allowing the installation of kernel
                                                Medium
                                                Medium      Configure the system to use Safe Dll Search Mode. (Analyze the system
The value: System\CurrentControlSet\Control\Session Manager\SafeDllSearchMode does not exist.
                                                            Configure the policy value forr exist.
The value: Software\Policies\Microsoft\WindowsMediaPlayer\DisableAutoupdate does notComputer Configuration -> Administrative
                                                Medium
                                                            Configure the policy value does not exist.
The value: Software\Policies\Microsoft\WindowsMediaPlayer\PreventCodecDownloadforr User Configuration -> Administrative Tem
                                                Medium
                                                            Configure the system to disable any services that are not required. mnm
The startup type for the Browser service is incorrect.The startup type for the CiSvc service is incorrect.The startup type for the (Wind
                                                Medium
                                                Medium      Configure the system to meet the minimum requirement forr session sec
The value of System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinServerSec does not equal 537395248.
                                                            Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fEncryptRPCTraffic does notConfiguration -> Administrative
                                                Medium
                                                Medium      Configure the system to reprocess Group Policy objects that have chang
The value: Software\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\NoGPOListChange
                                                            Configure the system to always sign SMB client traffic. not equal 1.
The value of System\CurrentControlSet\Services\LanManWorkstation\Parameters\RequireSecuritySignature does(Analyze the syst
                                                Medium
                                                            Configure the system so that the SMB Server does is set to always sign
The value of SYSTEM\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignaturepolicy not equal 1.
                                                Medium
The minimum local password length is set to: 0Medium        Configure all inforrmation systems to require passwords of the minimun l
                                                            Configure all password does not expire.Guest password does the DUM
The following accounts have passwords that do not expire:Administrator inforrmation systems to expire passwords. (Usingnot expire
                                                Medium
                                                Medium      Configure the system to audit categories as outlined in check procedure.
Success not audited for event type: Account Logon.Success not audited for event type: Account Management.Success not audited
                                                            Configure all DOD
The following accounts do not have the 'Password Required' flag set:Guest inforrmation systems to require passwords to gain acc
                                                  High
                                                Medium      Vista - Configure the policy value forr Computer Configuration -> Adminis
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\DisablePasswordSaving does not exist.
                                                            Configure the policy does not exist.
The value: Software\Policies\Microsoft\Windows NT\Rpc\RestrictRemoteClientsvalue forr Computer Configuration -> Administrative
                                                Medium
                                                            Configure the policy value forr Computer
The value: Software\Policies\Microsoft\Windows NT\Rpc\EnableAuthEpResolution does not exist. Configuration -> Administrative
                                                Medium
                                                            Configure the policy value forr Computer not exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPublishingWizard does Configuration -> Administrative
                                                Medium
                                                            Configure the policy value forr Computer exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebServices does not Configuration -> Administrative
                                                Medium
                                                            Configure the policy
The value: Software\Policies\Microsoft\Messenger\Client\CEIP does not exist. value forr Computer Configuration -> Administrative
                                                Medium
                                                            Configure tThe policy value forr Computer
The value: Software\Policies\Microsoft\SearchCompanion\DisableContentFileUpdates does not exist. Configuration -> Administrativ
                                                Medium
                                                            Configure the policy value forr Computer
The value: Software\Policies\Microsoft\Windows NT\Printers\DisableHTTPPrinting does not exist. Configuration -> Administrative
                                                Medium
192.168.0.7   prolific   V0001157   Windows XP   Pro106.xml
192.168.0.7   prolific   V0001162   Windows XP   Pro106.xml
192.168.0.7   prolific   V0002371   Windows XP   Pro106.xml
192.168.0.7   prolific   V0002374   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003341   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003343   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003348   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003349   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003374   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003376   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003378   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003379   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003380   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003382   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003383   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003426   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003427   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003428   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003429   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003431   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003432   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003449   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003450   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003452   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003453   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003454   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003455   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003456   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003457   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003458   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003459   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003460   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003470   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003471   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003478   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003479   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003480   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003481   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003487   Windows XP   Pro106.xml
192.168.0.7   prolific   V0003666   Windows XP   Pro106.xml
192.168.0.7   prolific   V0004447   Windows XP   Pro106.xml
192.168.0.7   prolific   V0004448   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006832   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006833   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006836   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006840   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006850   Windows XP   Pro106.xml
192.168.0.7   prolific   V0007002   Windows XP   Pro106.xml
192.168.0.7   prolific   V0014247   Windows XP   Pro106.xml
192.168.0.7   prolific   V0014253   Windows XP   Pro106.xml
192.168.0.7   prolific   V0014254   Windows XP   Pro106.xml
192.168.0.7   prolific   V0014255   Windows XP   Pro106.xml
192.168.0.7   prolific   V0014256   Windows XP   Pro106.xml
192.168.0.7   prolific   V0014257   Windows XP   Pro106.xml
192.168.0.7   prolific   V0014258   Windows XP   Pro106.xml
192.168.0.7   prolific   V0014259   Windows XP   Pro106.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
HTTP Printer Drivers                  This check verifies that the system is configured to prevent the computer from downloading pr
                                      This
Windows Update Device Drive Searching check verifies that the system is configured to prevent Windows from searching Windows
                                      This Resume
Power Managment - Require Password oncheck verifies that the user is prompted forr a password on resume from hibernate/suspe
                                      This check verifies that file attachments are marked with their zone of origin allowing Windows
Attachment Managaer - Preserve Zone Info
                                      This check verifies that users cannot manually remove zone inforrmation from saved file attac
Attachment Mgr - Hide Mech to Remove Zone Info
Attachment Mgr - Scan with Antivirus This check verifies that antivirus programs are notified when a user opens a file attachment.
HBSS CMA Agent                        None Specified.
Windows Peer to Peer Networking This check verifies Microsoft Peer-to-Peer Networking Service is turned off.
Prohibit Network Bridge               This check verifies the Network Bridge can not be installed and configured.
Prohibit Internet Connection Sharing This check verifies Internet Connection Sharing can not be installed and configured.
Internet File Association Service     This check verifies that unhandled file associations will not use the Microsoft Web service to f
                                      This
Windows Movie Maker Codec Downloads check verifies that the codecs will not be automatically downloaded forr Windows Movie M
Windows Movie Maker Web Links This check verifies that the links to web sites in Windows Movie Maker will not be available.
Windows Movie Maker Online Hosting    This check verifies that movies can not be sent to a video hosting provider on the web.
                                      (IIS) Install
Prevent Internet Inforrmation Service This check verifies IIS is prevented from being installed on the system.
Windows Explorer – Shell Protocol Protected Mode
                                      This check verifies that the shell protocol is run in protected mode. (This allows applications t
Windows Installer – IE Security Prompt check verifies that users are notified if a web-based program attempts to install software.
                                      This
Windows Installer – User Control      This check verifies that users are prevented from changing installation options.
2008-A-0040                           Microsoft has reported two vulnerabilities in Microsoft DirectX affecting MJPEG File and SAMI
2008-A-0044                           Microsoft has reported two vulnerabilities that affect Microsoft Windows 2000, Windows XP, W
2008-A-0060                           Microsoft has reported a vulnerability in the Microsoft Image Color Management (ICM) system
2008-T-0039                           Microsoft has reported multiple vulnerabilities in Microsoft Windows Event System that could a
                                       Sharing
XP Firewall Domain – File and PrinterShared files and printers will not be available to other computers when connected to the doma
XP Firewall Domain – ICMP Exceptions Inbound ICMP echo requests will be allowed when connected to the domain.
                                      Only
XP Firewall Domain – Local Port Exceptions
                                      Local port exceptions can not be defined when connected to the domain.
                                       Excepti
XP Firewall Domain – Local ProgramLocal program exceptions can not be defined when connected to the domain.
XP Firewall Domain – Plug and Play Unsolicited Plug and Play messages will be blocked when connected to the domain.
XP Firewall Domain – Unicast Response receipt of unicast responses to outgoing multicast or broadcast messages will be blocked
                                      The
XP Firewall Standard – File and Printer Sharing and printers will not be available to other computers when not connected to the do
                                      Shared files
XP Firewall Standard – ICMP Requests  ICMP requests will be blocked when not connected to the domain.
XP Firewall Standard – Local Port Exceptions exceptions can not be defined when not connected to the domain.
                                      Local port
XP Firewall Standard – Local Program Exceptions exceptions can not be defined when not connected to the domain.
                                      Local program
XP Firewall Standard – Remote Administration
                                      Blocks incoming unsolicited messages related to remote administration when not connected to
XP Firewall Standard – Remote Desktop Blocks Remote Desktop requests when not connected to the domain.
XP Firewall Standard – Plug and PlayBlocks unsolicited Plug and Play messages when not connected to the domain.
XP Firewall Standard – No Exceptions unsolicited incoming messages will be blocked when not connected to the domain.
                                      All
XP Firewall Standard – Unicast Responsereceipt of unicast responses to outgoing multicast or broadcast messages will be blocked
                                      The
XP Firewall Domain – Enable FirewallThis setting enables the Windows Firewall when connected to the domain.The domain profile
XP Firewall Standard – Enable Firewall setting enables the Windows Firewall when not connected to the domain.The standard pr
                                      This
2008-B-0075                           Microsoft has addressed remote code execution vulnerability that exists on various Windows s
                                      This registry key will prevent the autorun.inf from executing commands.
Disallow AutoPlay/Autorun from Autorun.inf
2008-A-0087                           Microsoft has addressed multiple vulnerabilities affecting Microsoft Internet Explorer. To explo
Microsoft Security Bulletin MS06-010 This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is d
                                      By setting
DTBI001 - The IE home page is not set correctlythis parameter appropriately, a malicious web site will be automatically loaded into a
                                      This parameter
DTBI006-IE Local zone includes parameter not set controls which sites are by default in the local zone. Since this is the least res
                                      This parameter ensures that third party cookies are blocked. Third party cookies come from a
DTBI007-IE third party cookies not set correctly
                                      disk parameter
DTBI013-IE save encrypted pages to This is not set ensures pages using SSL or TLS are not cached to the local drive. This ensu
                                      This correctly
DTBI014-IE SSL/TLS parameter is not set parameter ensures SSL and TLS are able to be used from the browser.
                                      This parameter warns users if the certifcate being presented by the web site is invalid. Since
DTBI015-IE warning of invalid certificates not set
                                       correctly
DTBI016-IE changing zones is not setThis parameter warns the user when changing between zones. This conveys important inforrm
                                      This parameter warns the user that input from the forrm is being redirected to another web site
DTBI017-IE forrm redirect is not set correctly
                                      Since most IE
DTBI021-Users can change advanced settings in of the IE settings can be changed through the GUI, it is important to ensure that us
                                      Active X controls
DTBI022-Download signed Active X controls-Internet can contain potentially malicious code and must only be allowed to be downl
                                       controls-Interne
DTBI023-Download unsigned ActiveXActive X controls can contain potentially malicious code and must only be allowed to be downl
                                      ActiveX
DTBI024-Initialize and script ActiveX controls controls that are not marked safe scripting should not be executed. Although this is n
                                      forr scripting
DTBI026-Script ActiveX marked safe ActiveX controls that are not marked safe forr scripting should not be executed. Although this
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Printers\DisableWebPnPDownload does not exist.
                                                           Configure the policy value forr Computer not exist.
The value: Software\Policies\Microsoft\Windows\DriverSearching\DontSearchWindowsUpdate does Configuration -> Administrative
                                                Medium
                                                           Configure the policy value forr User Configuration
The value: Software\Policies\Microsoft\Windows\System\Power\PromptPasswordOnResume does not exist. -> Administrative Tem
                                                Medium
                                                           Configure the policy value forr User Configuration exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\SaveZoneInformation does not -> Administrative Tem
                                                Medium
                                                Medium     Configure the policy value forr User Configuration -> Administrative Tem
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\HideZoneInfoOnProperties does not exist.
                                                Medium     Configure policy value forr User Configuration -> Administrative Templat
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\ScanWithAntiVirus does not exist.
                                                           Deploy the CMA Plugins\EPOAGENT3000 does not accordance with th
The key: SOFTWARE\Network Associates\ePolicy Orchestrator\Application agent as detailed in the CTO and in exist.
                                                Medium
                                                           Configure the
The value: Software\Policies\Microsoft\Peernet\Disabled does not exist. policy value forr Computer Configuration -> Administrative
                                                Medium
                                                           Configure the policy value forr Computer Configuration
The value: Software\Policies\Microsoft\Windows\Network Connections\NC_AllowNetBridge_NLA does not exist. -> Administrative
                                                Medium
                                                           Configure the policy value forr Computer Configuration
The value: Software\Policies\Microsoft\Windows\Network Connections\NC_ShowSharedAccessUI does not exist. -> Administrative
                                                Medium
                                                           Configure the policy value forr Computer not exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetOpenWith doesConfiguration -> Administrative
                                                Medium
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\WindowsMovieMaker\CodecDownload does not exist.
                                                           Configure the policy exist.
The value: Software\Policies\Microsoft\WindowsMovieMaker\Webhelp does notvalue forr Computer Configuration -> Administrative
                                                Medium
                                                           Configure the policy not exist.
The value: Software\Policies\Microsoft\WindowsMovieMaker\WebPublish does value forr Computer Configuration -> Administrative
                                                Medium
                                                           Configure the does value forr
The value: Software\Policies\Microsoft\Windows NT\IIS\PreventIISInstall policynot exist. Computer Configuration -> Administrative
                                                Medium
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\PreXPSP2ShellProtocolBehavior does not exist.
                                                           Configure the policy value forr
The value: Software\Policies\Microsoft\Windows\Installer\SafeForScripting does not exist.Computer Configuration -> Administrative
                                                Medium
                                                           Configure the policy value exist.
The value: Software\Policies\Microsoft\Windows\Installer\EnableUserControl does notforr Computer Configuration -> Administrative
                                                Medium
quartz.dll is the wrong version.                Medium     No Manual Fix Procedures (Download and apply the appropriate patches
                                                  High     No Manual Fix Procedures (Download and apply the appropriate patches
Afd.sys is the wrong version.Dnsapi.dll is the wrong version.Mswsock.dll is the wrong version.Tcpip.sys is the wrong version.Tcpip6
mscms.dll is the wrong version.                   High     No Manual Fix Procedures (Download and apply the appropriate patches
Es.dll is the wrong version.                      High     No Manual Fix Procedures (Download and apply the appropriate patches
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint\Enabled does not exist.
                                                           Configure the policy value forr Computer Configuration -> does not exist
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings\AllowInboundEchoRequest Administrative
                                                Medium
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\AllowUserPrefMerge does not exist.
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\AllowUserPrefMerge does not e
                                                           Configure the policy value forr Computer Configuration -> not exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\UPnPFramework\Enabled does Administrative
                                                Medium
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\DisableUnicastResponsesToMulticastBroadcast does n
                                                           Configure the policy value forr Computer Configuration -> exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\FileAndPrint\Enabled does notAdministrative
                                                Medium
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\IcmpSettings\AllowInboundEchoRequest does not exis
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts\\AllowUserPrefMerge does not exis
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications\\AllowUserPrefMerge does not
                                                           Configure the policy value forr Computer Configuration not exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\RemoteAdminSettings\\Enabled does-> Administrative
                                                Medium
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\RemoteDesktop\\Enabled does not exist.
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\UPnPFramework\\Enabled does not exist.
                                                           Configure the policy value forr Computer does not exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\\DoNotAllowExceptionsConfiguration -> Administrative
                                                Medium
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\\DisableUnicastResponsesToMulticastBroadcast does
                                                           Configure the policy value forr Computer exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\EnableFirewall does not Configuration -> Administrative
                                                Medium
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\EnableFirewall does not exist.
                                                  High     No Manual Fix Procedures (Download and apply the appropriate patches
Msw3prt.dll is the wrong version.Win32spl.dll is the wrong version.
                                                  High     Add the registry value as specified in does not exist.
The value: SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf\(null) the manual check. (In the Registry
                                                Medium     No Manual Fix Procedures (Download
Shdocvw.dll is the wrong version.Urlmon.dll is the wrong version.Wininet.dll is the wrong version. and apply the appropriate patches
Afd.sys is the wrong version.                   Medium     Client Deployment Inforrmation1. Download the client version of this sec
                                                 Page does Change StartPage value to about:blank, a trusted site, or a local file. (Pro
Software\Microsoft\Internet Explorer\Main\StartMedium       not contain the substring about:blank.
                                                Medium     Change the value of registry key not <= 67.
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Flags isHKCU\Software\Microsoft\Windows\Cu
                                                Medium     Under Settings\PrivacyAdvanced does Privacy Tab and click the Advan
The value of Software\Microsoft\Windows\CurrentVersion\InternetTools/Internet Options, select the not equal 1.The value of Softwar
                                                Medium     Change the value of registry key HKCU\Software\Microsoft\Windows\Cu
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages does not exist.
                                                Medium     Change registry key HKCU\Software\Microsoft\Windows\CurrentVersion
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols does not exist.
                                                Medium     Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnonBadCertRecving does not exist.
                                                Medium     Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnonZoneCrossing does not exist.
                                                Medium     Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect does not exist.
                                                Explorer\Control Panel\AdvancedTab does not exist.
The value: Software\Policies\Microsoft\Internet Medium     Change the registry key HKCU\Software\Policies\Microsoft\Internet Explo
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1001 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1004 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1201 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1405 does not exist.
192.168.0.7   prolific   V0014260   Windows XP   Pro106.xml
192.168.0.7   prolific   V0014261   Windows XP   Pro106.xml
192.168.0.7   prolific   V0014267   Windows XP   Pro106.xml
192.168.0.7   prolific   V0014268   Windows XP   Pro106.xml
192.168.0.7   prolific   V0014269   Windows XP   Pro106.xml
192.168.0.7   prolific   V0014270   Windows XP   Pro106.xml
192.168.0.7   prolific   V0015505   Windows XP   Pro106.xml
192.168.0.7   prolific   V0015666   Windows XP   Pro106.xml
192.168.0.7   prolific   V0015667   Windows XP   Pro106.xml
192.168.0.7   prolific   V0015669   Windows XP   Pro106.xml
192.168.0.7   prolific   V0015674   Windows XP   Pro106.xml
192.168.0.7   prolific   V0015677   Windows XP   Pro106.xml
192.168.0.7   prolific   V0015678   Windows XP   Pro106.xml
192.168.0.7   prolific   V0015679   Windows XP   Pro106.xml
192.168.0.7   prolific   V0015681   Windows XP   Pro106.xml
192.168.0.7   prolific   V0015683   Windows XP   Pro106.xml
192.168.0.7   prolific   V0015684   Windows XP   Pro106.xml
192.168.0.7   prolific   V0015685   Windows XP   Pro106.xml
192.168.0.7   prolific   V0016036   Windows XP   Pro106.xml
192.168.0.7   prolific   V0016147   Windows XP   Pro106.xml
192.168.0.7   prolific   V0016737   Windows XP   Pro106.xml
192.168.0.7   prolific   V0016744   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017390   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017391   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017392   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017393   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017397   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017399   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017400   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017401   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017402   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017403   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017404   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017405   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017406   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017407   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017409   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017410   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017411   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017793   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017900   Windows XP   Pro106.xml
192.168.0.7   prolific   V0017909   Windows XP   Pro106.xml
192.168.0.7   prolific              Windows XP   Pro106.xml
192.168.0.7   prolific   V0006228   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006233   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006234   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006237   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006238   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006239   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006240   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006241   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006242   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006243   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006244   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006245   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006246   Windows XP   Pro106.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
                                       Download
DTBI030-Font download control - Internet Zone of fonts can sometimes contain malicious code.
                                       Java must have
DTBI031-Java Permissions not set forr Internet Zone level of protections based upon the site being browsed.
                                        domains-Interne
DTBI032-Access data sources acrossAccess to data sources across multiple domains must be controlled based upon the site being
                                       Display mixed content must have level of protection based upon the site being browsed.
DTBI034-Display mixed content - Internet Zone
                                       Drag and Drop
DTBI036-Drag and drop or copy and paste-Internet or copy and paste files must have level of protection based upon the site being
                                        - Internet
DTBI037-Installation of desktop itemsInstallation of items must have level of protection based upon the site being accessed.
                                       Launching of programs in IFRAME must have level of protection based upon the site being ac
DTBI038-Launching programs and files in IFRAME-Int
                                        domains-Interne
DTBI039-Navigate sub-frames acrossFrames that navigate across different domains are a security concern because the user may t
                                       Software Channel permissions must have level of protection based upon the site being access
DTBI040-Software channel permissions - Internet
                                       data - Internet
DTBI041-Submit non-encryped forrm The user needs to be prompted beforre sending inforrmation from a browser that is not encryp
                                       Userdata
DTBI042-Userdata persistence - Internet Zone persistence must have level of protection based upon the site being accessed.
                                       Allow paste operations via script must have level of protection based upon the site being acce
DTBI044-Allow paste operations via script-Internet
                                       Java Applets
DTBI045-Scripting of Java applets - Internet Zone must have level of protection based upon the site being accessed.
                                        Internet Zone
DTBI046-User Authentication-Logon -Care must be taken with user credentials and how automatic logons are perforrmed and how d
                                       ActiveX controls
DTBI056-Script ActiveX controls marked safe-Local that are not marked safe forr scripting should not be executed. Although this
                                       Java must
DTBI061-Java Permissions not set - Local Zone have level of protection based upon the site being browsed.
                                       Client certificates should not be presented to web sites without the user's acknowledgement.
DTBI065-Dont prompt client certificate - Local zon
                                       Software Zone
DTBI070-Software channel permissions - Localchannel permissions must have level of protection based upon the site being access
                                       The - Local
DTBI074-Allow paste operations via scriptAllow paste operations via script must have level of protection based upon the site being
                                        - Local Zone
DTBI076-User Authentication - LogonCare must be taken with user credentials and how automatic logons are perforrmed and how d
                                       ActiveX controls can contain potentially malicious code and must only be allowed to be downlo
DTBI082-Download signed ActiveX - Trusted Sites
                                        - Trusted Sites
DTBI083-Download unsigned ActiveXActiveX controls can contain potentially malicious code and must only be allowed to be downlo
                                        Trusted Si
DTBI084-Initialize and script Activex -ActiveX controls that are not marked safe forr scripting should not be executed. Although this
                                       ActiveX controls
DTBI086-Activex controls marked safe - Trusted Sit that are not marked safe forr scripting should not be executed. Although this
                                       Java must have level of protection based upon the site being browsed.
DTBI091-Java Permissions not set - Trusted Sites
                                        domains-Trusted
DTBI092-Access data sources acrossAccess data sources across domains must have level of protection based upon the site being
                                       Client certificates should not be presented to web sites without the user's acknowledgement.
DTBI095-Dont prompt client certificates - Trusted
                                        - Trusted of
DTBI097-Installation of desktop itemsInstallationSi items must have level of protection based upon the site being accessed.
                                       Launching of programs in IFRAME must have level of protection based upon the site being ac
DTBI098-Launching programs and files in IFRAME-Tru
                                       The Software channel permissions must have level of protection based upon the site being ac
DTBI100-Software channel permissions - Trusted Sit
                                       Allow paste operations via script must have level of protection based upon the site being acce
DTBI104-Allow paste operations via script-Trusted
                                        - Trusted be
DTBI106-User Authentication - LogonCare must Sitetaken with user credentials and how automatic logons are perforrmed and how d
                                       ActiveX controls
DTBI112-Download signed ActiveX - Restricted Sites can contain potentially malicious code and must only be allowed to be downlo
                                        - Restricted Sit
DTBI113-Download unsigned ActiveXActiveX controls can contain potentially malicious code and must only be allowed to be downlo
                                       ActiveX controls that are not marked safe forr scripting should not be executed. Although this
DTBI114-Initialize and script ActiveX - Restricted
                                       ActiveX controls
DTBI115-Run ActiveX controls and plugins-Restricte that are not marked safe forr scripting should not be executed. Although this
                                       ActiveX controls
DTBI116-Script ActiveX controls marked safe-Restri that are not marked safe forr scripting should not be executed. Although this
                                       Files Sites
DTBI119-File download control - Restrictedshould not be able to be downloaded from sites that are considered restricted.
                                       Download of
DTBI120-Font download control - Restricted Sites fonts can sometimes contain malicious code. Files should not be downloaded f
                                       The restricted zones is used forr MS Outlook. This zone must be set properly to ensure Outlo
DTBI122-Access data sources - Restricted Sites
                                       Allow META
DTBI123-Allow META REFRESH - Restricted SitesREFRESH must have level of protection based upon the site being browsed.
                                       Mixed Sites
DTBI124-Display mixed content - Restricted content poses a risk when coming from a restricted site.
                                       Drag - Restrict
DTBI126-Drag and drop or copy and paste and Drop of files must have level of protection based upon the site being accessed.
                                        - Restricted
DTBI127-Installation of desktop itemsInstallation of items must have level of protection based upon the site being accessed.
                                       Launching of programs in IFRAME must have level of protection based upon the site being ac
DTBI128-Launching programs and files in IFRAME-Res
                                        domain - Restri
DTBI129-Navigate sub-frames acrossFrames that navigate across different domains are a security concern because the user may t
                                       Software channel permissions must have level of protection based upon the site being access
DTBI130-Software channel permissions - Restricted
                                        data-Restricted
DTBI131-Submit non-encrypted forrmSubmit non-encrypted forrm data must have level of protection based upon the site being acce
                                       No perseistant data should exist and be used in the Restricted sites zone.
DTBI132-Userdata persistence - Restricted Sites
                                       Sites
DTBI133-Active scripting - Restricted Active Scripting must have level of protection based upon the site being accessed.
                                       The Allow paste
DTBI134-Allow paste operations via scripts-Restric operations via script must have level of protection based upon the site being
                                        - Restricted
DTBI136-User Authentication - LogonCare must be taken with user credentials and how automatic logons are perforrmed and how d
                                        set ensures
DTBI160-Hash setting forr SHA is notThis properly that the Hash value forr SHA is enabled.
                                        installed
DTBG010-DoD Root Certificate is notThe DOD root certificate will ensure that the trust chain is established forr server certificated is
                                       This parameter ensures automatic searches are not perforrmed from the address bar. When
DTBI011-IE search parameter is not set correctly.
                                       Java must have level of protection based upon the site being browsed.
DTBI121-Java Permissions not set forr Restricted
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1604 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1C00 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1406 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609 does not exist.
                                               Medium    If a value forr Settings\Zones\3\1802 not not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet this zone is present anddoesset to 3 change the registry ke
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1800 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1804 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1607 does not exist.
                                               Medium    Procedure: Use the Windows Registry Editor to navigate to the following
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1E05 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1601 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1606 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1407 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1402 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A00 does not exist.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1405 does not equal 1.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1C00 does not exist.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1A04 does not equal 3.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1E05 does not equal 65536.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1407 does not equal 3.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1A00 does not equal 65536.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1001 does not equal 3.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVer
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1004 does not equal 3.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1201 does not equal 3.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1405 does not equal 1.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1C00 does not exist.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1406 does not equal 3.
                                               Medium    Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1A04 does not equal 3.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1800 does not equal 3.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1804 does not equal 3.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1E05 does not equal 65536.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1407 does not equal 3.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1A00 does not equal 65536.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1001 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1004 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1201 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1200 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1405 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1803 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1604 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1406 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1608 does not exist.
                                               Medium    Procedure: Use the Windows Registry Editor exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609 does notto navigate to the following
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1802 does not equal 3.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1800 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1804 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1607 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1E05 does not exist.
                                               Medium    Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1601 does not equal 3.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1606 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1400 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1407 does not exist.
                                               Medium    Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1A00 does not exist.
                                               Medium    Navigate to the registry key HKLM\SYSTEM\CurrentControlSet\Control\S
The value: SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA\Enabled does not exist.
                                               Medium    Install the DOD root certificate. (Netscape Procedure: On the Edit menu
The key: SOFTWARE\Microsoft\SystemCertificates\Root\Certificates\10F193F340AC91D6DE5F1EDC006247C4F25D9671 does n
                                               Medium    Use the Windows Registry Editor to navigate to the following key: HKCU
The value: Software\Microsoft\Internet Explorer\Main\AutoSearch does not exist.
                                               Medium    Use the Windows Registry Editor to navigate to the following key: HKLM
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1C00 does not exist.
192.168.0.7   prolific   V0006248   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006249   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006250   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006251   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006253   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006254   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006255   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006256   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006257   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006258   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006259   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006260   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006261   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006262   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006266   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006267   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006271   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006274   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006275   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006276   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006277   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006278   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006279   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006280   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006281   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006282   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006283   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006284   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006285   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006286   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006287   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006288   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006289   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006290   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006291   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006292   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006293   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006294   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006295   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006297   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006298   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006299   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006301   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006302   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006303   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006304   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006305   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006306   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006307   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006308   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006309   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006311   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006316   Windows XP   Pro106.xml
192.168.0.7   prolific   V0006318   Windows XP   Pro106.xml
192.168.0.7   prolific   V0007006   Windows XP   Pro106.xml
192.168.0.7   prolific   V0007007   Windows XP   Pro106.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
                                       This policy setting
DTBI025 - The Download signed ActiveX controls pro allows you to manage whether users may download signed ActiveX controls
Incorrect ACLs forr event logs         Event logs are susceptible to unauthorized, and possibly anonymous, tampering if proper ACL
File Auditing Configuration            Improper modification of the core system files can render a system inoperable. Further, modif
POSIX subsystem registry               For the system to comply with Security requirements, the POSIX subsystem must be disabled
Restrict Anonymous Network Shares This is a Category 1 finding because it allows anonymous logon users (null session connectio
Bad Logon Attempts                     The account lockout feature, when enabled, prevents brute-forrce password attacks on the sy
Bad Logon Counter Reset                This parameter specifies the amount of time that must pass between two successive login atte
Lockout Duration                       This parameter specifies the amount of time that must pass beforre a locked-out account is au
User Rights Assignments                Inappropriate granting of user and advanced user rights can provide system, administrative, a
Maximum Password Age                   The longer a password is in use, the greater the opportunity forr someone to gain unauthorize
Minimum Password Age                   Permitting passwords to be changed in immediate succession within the same day, allows use
Password Uniqueness                    A system is more vulnerable to unauthorized access when system users recycle the same pas
Rename Built-in Guest Account          A system faces an increased vulnerability threat if the built-in guest account is not renamed or
                                       The
Rename Built-in Administrator Account built-in administrator account is a known account that can be initialized with a blank passw
Event Log Sizes                        Inadequate log size will cause the log to fill up quickly and require frequent clearing by adminis
Password Protected Screen Saver The system should be locked when unattended. Unattended systems are susceptible to unau
                                       An account who does not have administrator duties should not have Administrator rights. Such
Restricted Administrator Group Membership
System File ACLs                       Failure to properly configure ACL file and directory permissions, allows the possibility of unaut
Dial Up Password Saved                 The default Windows configuration enables the option to save the password used to gain acce
LanMan Authentication Level            The Kerberos v5 authentication protocol is the default forr authentication of users who are logg
                                       Disabling the Ctrl+Alt+Del security attention sequence can compromise system security. Beca
Ctrl+Alt+Del Security Attention Sequence
Deny Access from the Network           This is a Category 1 finding because allowing network logins by the built-in guest accounts, wh
Smart Card Removal Option              Determines what should happen when the smart card forr a logged-on user is removed from th
                                       If this policy is enabled, it causes the Windows Server Message Block (SMB) server to perforr
SMB Server Packet Signing (if client agrees)
ACLs forr disabled services            When configuring either the startup mode or access control list forr a service, you must config
Disable Media Autoplay                 Autoplay begins reading from a drive as soon as you insert media in the drive. As a result, the
                                       This setting is used to control the rules forr remote control of Terminal Services user sessions
Terminal Service - Remote Control Settings
                                       This setting
Remote Assistance - Solicit Remote Assistance controls whether or not solicited remote assistance is allowed from this computer.
Windows Messenger - Do Not Allow To RunThis setting prevents the Windows Messenger client from being run. Instant Messaging client
                                       This setting
Windows Messenger - Do Not Start Automatically prevents the automatic launch of Windows Messenger at user logon. Instant Mes
Strong Session Key                     This setting controls the required strength of a session key.
                                       This
Storage of Credentials or .NET Passports setting controls the storage of authentication credentials or .NET passports on the local s
Sharing and Security Model forr LocalWindows includes two network-sharing security models—Classic and Guest only. With the cla
                                        Accounts
LAN Manager Hash Value Stored          This setting controls whether or not a LAN Manager hash of the password is stored in the SAM
                                       This
Force Logoff When Logon Hours Expire setting controls whether or not users are forrced to log off when their allowed logon hours
                                       Starting with
Session Security forr NTLM SSP Based Clients Windows 2000 Microsoft has implemented a variety of security support providers
FIPS Compliant Algorithms              This setting ensures that the system uses algorithms that are FIPS compliant forr encryption, h
                                        Sharing
NetMeeting Disable Remote Desktop Remote desktop sharing enables several users to interact and control one desktop. This coul
IE - Zones: Use Only Machine Settings  This setting enforrces consistent security zone settings to all users of the computer. Security
                                       This Policies
IE - Zones: Do Not Allow Users to Change setting prevents users from changing the Internet Explorer policies on the machine. Polic
                                       This setting prevents users from adding sites to various security zones. Users should not be a
IE - Zones: Do Not Allow Users to Add/Delete Sites
                                       This setting
IE - Disable Automatic Install of IE Compenents controls the ability of Internet Explorer to automatically install components if it goe
                                       This setting determines whether or not Internet Explorer will periodically check the Microsoft w
IE - Disable Periodic Check forr IE Updates
Terminal Services - Session Limit This setting limits users to one remote session. It is possible, if this setting is disabled, forr us
                                       This setting
Terminal Services - Limit Number of Connections limits the number of simultaneous connections allowed to the terminal server. By
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fWritableTSCCPermTab does not exist.
                                       This
Terminal Services - Password Prompting setting, which is located under the Encryption and Security section of the Terminal Servic
                                       This
Terminal Services - Set Encryption Level setting, which is located under the Encryption and Security section of the Terminal Servic
                                       This setting,
Terminal Services - Do Not Use Temp Folders which is located under the Temporary Folders section of the Terminal Services co
                                       This
Terminal Services - Delete Temp Folders setting, which is located under the Temporary Folders section of the Terminal Services co
                                       This setting,
Terminal Services - Time Limit forr Disc. Session which is located under the Sessions section of the Terminal Services configuratio
                                       This setting,
Terminal Services - Time Limit forr Idle Session which is located under the Sessions section of the Terminal Services configuratio
                                       This setting,
Terminal Services - Original Client Reconnection which is located under the Sessions section of the Terminal Services configuratio
                                        Time Limit
Terminal Services - Enforrce Session This setting, which is located under the Sessions section of the Terminal Services configuratio
                                       This setting
Remote Assistance - Offer Remote Assistance controls whether unsolicited offers of help to this computer are allowed. The list o
Error Reporting - Report Errors        This setting controls the reporting of errors to Microsoft and, if defined, a corporate error repor
                                                              The policy value forr Computer Configuration -> does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3\1001 Administrative Template
                                                 Medium
                                                              Set the ACL permissions on the following Event Logs as defined files m
The following files have incorrect permissions: CHK(90000)C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.EvtThe following in theha
                                                 Medium
                                                 Medium       Configure auditing on each partition/drive to audit all "Failures" forr and S
The following files have incorrect audit settings: CHK(90077)C:\C:\AUTOEXEC.BATC:\boot.iniC:\CONFIG.SYSC:\Documents the "E
                                                 Medium       Remove the following Registry value from the Windows Registry:HKLM\S
The value SYSTEM\CurrentControlSet\Control\Session Manager\Subsystems\Posix exists.
                                                              Configure the system to prevent
The value of System\CurrentControlSet\Control\Lsa\RestrictAnonymous does not equal 1. anonymous users from listing account n
                                                    High
Account lockout is not enabled.                  Medium       Configure the system to lock out an account after 3 invalid logon attempt
The local lockout counter resets after 30 minutes.
                                                 Medium       Configure the system to have the lockout counter reset itself after a minim
The local lockout duration is set to: 30 minutes.Medium       Configure the system so that the bad logon lockout duration conforrms to
                                                              Configure the system to prevent have this right. The unauthorized Use
2 accounts have the Logon Right: Allow log on Medium terminal server. No accounts shouldaccounts from havingaccounts that have
                                                  through
                                                              Configure the
The maximum local password age is set to: TIMEQ_FOREVER (infinite). Maximum Password Age so that it is not "0" and doesn't ex
                                                 Medium
The minimum local password age is set to: 0 days.Medium       Configure the Minimum Password Age so that it is a minimum of "1". (An
The local password history length is set to: 0 Medium         Configure the system to remember a minimum of "24" used passwords. (
The account Guest has the incorrect name.        Medium       Configure the system to rename the built-in Guest account (Analyze the
The account Administrator has the incorrect name.Medium       Configure the system to rename the Administrator account. (Analyze the
                                                              Configure the system to have the required value of Event log sizes. (An
The value of System\CurrentControlSet\Services\EventLog\System\MaxSize is not >= 16777216.The minimumSystem\CurrentContr
                                                 Medium
                                                              Configure The policy values forr User Configuration -> value: Software\P
The value: Software\Policies\Microsoft\Windows\Control Panel\Desktop\ScreenSaverIsSecure does not exist.The Administrative Te
                                                 Medium
                                                 Medium       Configure the system to prevent non-administrators from having Adminis
The following users are members of the Administrators group:XPVM1\Pop
***DETAILS TOO LONG TO INCLUDE HERE. Medium                   RESULT the Security Option:

                                                   SEE RAW Configure FILE FOR DETAILS.***     Windows 2003 - ―Network access: Let ev
                                                                                              

                                                              Configure the system to prevent does not exist.
The value: System\CurrentControlSet\Services\Rasman\Parameters\DisableSavePasswordthe dial-up networking password from b
                                                 Medium
                                                              Configure the system to 4.
The value of System\CurrentControlSet\Control\Lsa\LMCompatibilityLevel is not >= the required level of LanMan authentication. (An
                                                    High
                                                              Configure this policy.The Remote GPO is not effecting the SAS sequenc
The local registry does not set this policy.The local GPO does not set the system to require the Ctrl+Alt+Del key sequence to log on.
                                                 Medium
                                                              Configure the system to give the right "Deny access to
Required account does not have the Logon Right: Deny access this computer over the network. Account: Guests this computer from
                                                    High
                                                              Configure the system to, at a minimum, lock
The value of Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SCRemoveOption is not >= 1. the system if a smart card is
                                                 Medium
                                                 Medium       Configure the system to have the SMB Server sign SMB packets when p
The value of System\CurrentControlSet\Services\LanmanServer\Parameters\EnableSecuritySignature does not equal 1.
                                                              Create a Custom Security service Human Interface Device Access.Inco
                                                  for service ClipBook.Incorrect ACL forTemplate using the Security Template MMC S
Incorrect ACL for service Alerter.Incorrect ACL Medium
                                                              Configure the system as specified in the does not exist.
The value: SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRunmanual check to prevent remov
                                                    High
The value: Software\Policies\Microsoft\Windows High           Configure the system to prevent remote control of the computer by settin
                                                    NT\Terminal Services\Shadow does not exist.
The value: Software\Policies\Microsoft\Windows High           Configure the system to disable Remote Assistance by setting the policy
                                                    NT\Terminal Services\fAllowToGetHelp does not exist.
                                                              Configure does not value
The value: Software\Policies\Microsoft\Messenger\Client\PreventRunthe policy exist. forr Computer Configuration -> Administrative
                                                 Medium
                                                              Configure the policy not exist.
The value: Software\Policies\Microsoft\Messenger\Client\PreventAutoRun doesvalue forr Computer Configuration -> Administrative
                                                 Medium
                                                              Configure the system to require the use equal 1.
The value of System\CurrentControlSet\Services\Netlogon\Parameters\RequireStrongKey does notof a strong session key. (Analyz
                                                 Medium
                                                              Configure the system to equal 1.
The value of System\CurrentControlSet\Control\Lsa\DisableDomainCreds does not prevent the storage of credentials and .NET pas
                                                 Medium
                                                              Configure not equal to
The value of System\CurrentControlSet\Control\Lsa\ForceGuest doesthe system 0. use the Classic logon, which requires users to lo
                                                 Medium
                                                              Configure not equal to
The value of System\CurrentControlSet\Control\Lsa\NoLMHash doesthe system1. prevent the LAN Manager hash from being store
                                                    High
                                                              Configure the system logon time expires.
The local user is forced to logoff TIMEQ_FOREVER (infinite) seconds after theirto log off users when their allowed logon hours exp
                                                 Medium
                                                              Configure the system does not equal 537395248.
The value of System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinClientSecto meet requirements forr NTLM SSP based client
                                                 Medium
                                                              Configure the does not require
The value of System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicysystem to equal 1.the use of FIPS compliant algorithms. (A
                                                 Medium
                                                              Configure the policy
The value: Software\Policies\Microsoft\Conferencing\NoRDS does not exist. value forr Computer Configuration -> Administrative
                                                 Medium
                                                              Configure the Settings\Security_HKLM_only does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration -> Administrative
                                                 Medium
                                                              Configure the Settings\Security_Options_Edit does not -> Administrative
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration exist.
                                                 Medium
                                                              Configure the Settings\Security_Zones_Map_Edit does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet policy value forr Computer Configuration -> Administrative
                                                 Medium
The value: Software\Policies\Microsoft\Internet Medium        Configure the policy value forr Computer Configuration -> Administrative
                                                  Explorer\InfoDelivery\Restrictions\NoJITSetup does not exist.
                                                              Configure the policy value forr Computer Configuration
                                                  Explorer\InfoDelivery\Restrictions\NoUpdateCheck does not exist. -> Administrative
The value: Software\Policies\Microsoft\Internet Medium
                                                              2003/XP - Configure the policy value forr not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fSingleSessionPerUser doesComputer Configuration -> Adm
                                                 Medium
                                                              Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxInstanceCount does not Configuration -> Administrative
                                                 Medium
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fWritableTSCCPermTab does not exist.
                                                 Medium       Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fPromptForPassword does not exist.
                                                              Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MinEncryptionLevel does notConfiguration -> Administrative
                                                 Medium
                                                 Medium       Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\PerSessionTempDir does not exist.
                                                              Configure the policy value forr Computer not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\DeleteTempDirsOnExit doesConfiguration -> Administrative
                                                 Medium
                                                              Configure the policy value forr Computer not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxDisconnectionTime doesConfiguration -> Administrative
                                                 Medium
                                                              Configure the policy value forr not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\MaxIdleTime doesComputer Configuration -> Administrative
                                                 Medium
                                                 Medium       Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fReconnectSame does not exist.
                                                              Configure the policy value does not exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fResetBroken forr Computer Configuration -> Administrative
                                                 Medium
                                                 Medium       Configure the system to prevent unsolicited remote assistance offers by
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fAllowUnsolicited does not exist.
                                                              Configure the system to prevent
The value: Software\Policies\Microsoft\PCHealth\ErrorReporting\DoReport does not exist. error forrwarding by setting the policy va
                                                 Medium
192.168.0.7   prolific   V0016879   Windows XP   Pro106.xml
192.168.0.3   xpvm1      V0001077   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001080   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001083   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001093   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001097   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001098   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001099   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001103   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001104   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001105   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001107   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001114   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001115   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001118   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001122   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001127   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001130   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001139   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001153   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001154   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001155   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001157   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0001162   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0002371   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0002374   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003341   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003343   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003348   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003349   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003374   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003376   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003378   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003379   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003380   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003382   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003383   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003426   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003427   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003428   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003429   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003431   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003432   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003449   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003450   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003452   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003453   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003454   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003455   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003456   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003457   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003458   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003459   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003460   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003470   Windows XP   Pro107.xml
192.168.0.3   xpvm1      V0003471   Windows XP   Pro107.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
                                         Kernel-mode drivers are drivers that operate in kernel mode. Kernel mode allows virtually unl
Printers - Disallow Installation of Drivers
Safe DLL Search Mode                     The default search behavior, when an application calls a function in a Dynamic Link Library (D
                                         The
Media Player - Disabe Automatic Updates automatic check forr updates perforrm by the Windows Media Player must be disabled to
                                         The
Media Player - Prevent Codec Download Windows Media Player uses software components, referred to as CODECs, to play back
Unnecessary Services                     Unnecessary Services increase the attack surface of a system. Some Services may be run u
                                         Starting with
Session Security forr NTLM SSP based Servers Windows 2000 Microsoft has implemented a variety of security support providers
                                         Allowing
Terminal Services - Secure RPC Connection. unsecure RPC communication exposes the server to man in the middle attacks and
Group Policy - Registry Policy ProcessingEnabling this setting and then selecting the Process even if the Group Policy objects have not
SMB Client Packet Signing (Always) If this policy is enabled, it causes the Windows Server Message Block (SMB) client to perforrm
SMB Server Packet Signing (Always) If this policy is enabled, it causes the Windows Server Message Block (SMB) server to always
Minimum Password Length                  Inforrmation systems not protected with strong password schemes including passwords of min
Password Expiration                      Passwords that do not expire or are reused increase the exposure of a password with greater
Auditing Configuration                   Maintaining an audit trail of system activity logs can help identify configuration errors, troubles
Password Requirement                     The lack of password protection enables anyone to gain access to the inforrmation system, wh
                                         This check
Terminal Services - Prevent Password Saving verifies that the system is configured to prevent Users from saving passwords in th
RPC - Unathenticated RPC Clients This check verifies that the system is configured to restrict unauthenticated RPC clients from c
                                         T
RPC - Endpoint Mapper Authenticationhis check verifies that the system is configured to forrce client computers to provide authenti
Publish to Web                           This check verifies that the system is configured to make the options to publish to the web una
Internet Download / Online Ordering This check verifies that the system is configured to prevent Windows from downloading a list o
                                         This check
Windows Messenger Experience Improvement verifies that the system is configured to prevent Windows Messenger from collectin
                                         This
Search Companion Content File Updates check verifies that the system is configured to prevent Search Companion from automatic
Printing Over HTTP                       This check verifies that the system is configured to prevent the client computer‘s ability to prin
HTTP Printer Drivers                     This check verifies that the system is configured to prevent the computer from downloading pr
                                         This
Windows Update Device Drive Searching check verifies that the system is configured to prevent Windows from searching Windows
                                         This Resume
Power Managment - Require Password oncheck verifies that the user is prompted forr a password on resume from hibernate/suspe
Attachment Managaer - Preserve Zone Info This check verifies that file attachments are marked with their zone of origin allowing Windows
                                         This check verifies that users cannot manually remove zone inforrmation from saved file attac
Attachment Mgr - Hide Mech to Remove Zone Info
Attachment Mgr - Scan with Antivirus This check verifies that antivirus programs are notified when a user opens a file attachment.
HBSS CMA Agent                           None Specified.
Windows Peer to Peer Networking This check verifies Microsoft Peer-to-Peer Networking Service is turned off.
Prohibit Network Bridge                  This check verifies the Network Bridge can not be installed and configured.
Prohibit Internet Connection Sharing This check verifies Internet Connection Sharing can not be installed and configured.
Internet File Association Service        This check verifies that unhandled file associations will not use the Microsoft Web service to f
                                         This
Windows Movie Maker Codec Downloads check verifies that the codecs will not be automatically downloaded forr Windows Movie M
Windows Movie Maker Web Links This check verifies that the links to web sites in Windows Movie Maker will not be available.
Windows Movie Maker Online Hosting       This check verifies that movies can not be sent to a video hosting provider on the web.
                                         (IIS) Install
Prevent Internet Inforrmation Service This check verifies IIS is prevented from being installed on the system.
Windows Explorer – Shell Protocol Protected Mode
                                         This check verifies that the shell protocol is run in protected mode. (This allows applications t
Windows Installer – IE Security Prompt check verifies that users are notified if a web-based program attempts to install software.
                                         This
Windows Installer – User Control         This check verifies that users are prevented from changing installation options.
                                          Sharing
XP Firewall Domain – File and PrinterShared files and printers will not be available to other computers when connected to the doma
XP Firewall Domain – ICMP Exceptions Inbound ICMP echo requests will be allowed when connected to the domain.
                                         Only
XP Firewall Domain – Local Port Exceptions
                                         Local port exceptions can not be defined when connected to the domain.
                                          Excepti
XP Firewall Domain – Local ProgramLocal program exceptions can not be defined when connected to the domain.
XP Firewall Domain – Plug and Play Unsolicited Plug and Play messages will be blocked when connected to the domain.
XP Firewall Domain – Unicast Response receipt of unicast responses to outgoing multicast or broadcast messages will be blocked
                                         The
XP Firewall Standard – File and Printer Sharing and printers will not be available to other computers when not connected to the do
                                         Shared files
XP Firewall Standard – ICMP Requests     ICMP requests will be blocked when not connected to the domain.
XP Firewall Standard – Local Port Exceptions exceptions can not be defined when not connected to the domain.
                                         Local port
XP Firewall Standard – Local Program Exceptions exceptions can not be defined when not connected to the domain.
                                         Local program
XP Firewall Standard – Remote Administration
                                         Blocks incoming unsolicited messages related to remote administration when not connected to
XP Firewall Standard – Remote Desktop    Blocks Remote Desktop requests when not connected to the domain.
XP Firewall Standard – Plug and PlayBlocks unsolicited Plug and Play messages when not connected to the domain.
XP Firewall Standard – No Exceptions unsolicited incoming messages will be blocked when not connected to the domain.
                                         All
XP Firewall Standard – Unicast Responsereceipt of unicast responses to outgoing multicast or broadcast messages will be blocked
                                         The
XP Firewall Domain – Enable FirewallThis setting enables the Windows Firewall when connected to the domain.The domain profile
                                                            Configure the system to prevent it exist.
The value: Software\Policies\Microsoft\Windows NT\Printers\KMPrintersAreBlocked does not from allowing the installation of kernel
                                                Medium
                                                Medium      Configure the system to use Safe Dll Search Mode. (Analyze the system
The value: System\CurrentControlSet\Control\Session Manager\SafeDllSearchMode does not exist.
                                                            Configure the policy value forr exist.
The value: Software\Policies\Microsoft\WindowsMediaPlayer\DisableAutoupdate does notComputer Configuration -> Administrative
                                                Medium
                                                            Configure the policy value does not exist.
The value: Software\Policies\Microsoft\WindowsMediaPlayer\PreventCodecDownloadforr User Configuration -> Administrative Tem
                                                Medium
                                                            Configure the system to disable any services that are not required. mnm
The startup type for the Browser service is incorrect.The startup type for the CiSvc service is incorrect.The startup type for the (Wind
                                                Medium
                                                Medium      Configure the system to meet the minimum requirement forr session sec
The value of System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinServerSec does not equal 537395248.
                                                            Configure the policy value forr Computer exist.
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\fEncryptRPCTraffic does notConfiguration -> Administrative
                                                Medium
                                                Medium      Configure the system to reprocess Group Policy objects that have chang
The value: Software\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\NoGPOListChange
                                                            Configure the system to always sign SMB client traffic. not equal 1.
The value of System\CurrentControlSet\Services\LanManWorkstation\Parameters\RequireSecuritySignature does(Analyze the syst
                                                Medium
                                                            Configure the system so that the SMB Server does is set to always sign
The value of SYSTEM\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignaturepolicy not equal 1.
                                                Medium
The minimum local password length is set to: 0Medium        Configure all inforrmation systems to require passwords of the minimun l
                                                            Configure all password does not expire.Guest password does the DUM
The following accounts have passwords that do not expire:Administrator inforrmation systems to expire passwords. (Usingnot expire
                                                Medium
                                                Medium      Configure the system to audit categories as outlined in check procedure.
Success not audited for event type: Account Logon.Success not audited for event type: Account Management.Success not audited
                                                            Configure all DOD
The following accounts do not have the 'Password Required' flag set:Guest inforrmation systems to require passwords to gain acc
                                                  High
                                                Medium      Vista - Configure the policy value forr Computer Configuration -> Adminis
The value: Software\Policies\Microsoft\Windows NT\Terminal Services\DisablePasswordSaving does not exist.
                                                            Configure the policy does not exist.
The value: Software\Policies\Microsoft\Windows NT\Rpc\RestrictRemoteClientsvalue forr Computer Configuration -> Administrative
                                                Medium
                                                            Configure the policy value forr Computer
The value: Software\Policies\Microsoft\Windows NT\Rpc\EnableAuthEpResolution does not exist. Configuration -> Administrative
                                                Medium
                                                            Configure the policy value forr Computer not exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPublishingWizard does Configuration -> Administrative
                                                Medium
                                                            Configure the policy value forr Computer exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebServices does not Configuration -> Administrative
                                                Medium
                                                            Configure the policy
The value: Software\Policies\Microsoft\Messenger\Client\CEIP does not exist. value forr Computer Configuration -> Administrative
                                                Medium
                                                            Configure tThe policy value forr Computer
The value: Software\Policies\Microsoft\SearchCompanion\DisableContentFileUpdates does not exist. Configuration -> Administrativ
                                                Medium
                                                            Configure the policy value forr Computer
The value: Software\Policies\Microsoft\Windows NT\Printers\DisableHTTPPrinting does not exist. Configuration -> Administrative
                                                Medium
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\Windows NT\Printers\DisableWebPnPDownload does not exist.
                                                            Configure the policy value forr Computer not exist.
The value: Software\Policies\Microsoft\Windows\DriverSearching\DontSearchWindowsUpdate does Configuration -> Administrative
                                                Medium
                                                            Configure the policy value forr User Configuration
The value: Software\Policies\Microsoft\Windows\System\Power\PromptPasswordOnResume does not exist. -> Administrative Tem
                                                Medium
                                                            Configure the policy value forr User Configuration exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\SaveZoneInformation does not -> Administrative Tem
                                                Medium
                                                Medium      Configure the policy value forr User Configuration -> Administrative Tem
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\HideZoneInfoOnProperties does not exist.
                                                Medium      Configure policy value forr User Configuration -> Administrative Templat
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\ScanWithAntiVirus does not exist.
                                                            Deploy the CMA Plugins\EPOAGENT3000 does not accordance with th
The key: SOFTWARE\Network Associates\ePolicy Orchestrator\Application agent as detailed in the CTO and in exist.
                                                Medium
                                                            Configure the
The value: Software\Policies\Microsoft\Peernet\Disabled does not exist. policy value forr Computer Configuration -> Administrative
                                                Medium
                                                            Configure the policy value forr Computer Configuration
The value: Software\Policies\Microsoft\Windows\Network Connections\NC_AllowNetBridge_NLA does not exist. -> Administrative
                                                Medium
                                                            Configure the policy value forr Computer Configuration
The value: Software\Policies\Microsoft\Windows\Network Connections\NC_ShowSharedAccessUI does not exist. -> Administrative
                                                Medium
                                                            Configure the policy value forr Computer not exist.
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetOpenWith doesConfiguration -> Administrative
                                                Medium
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Policies\Microsoft\WindowsMovieMaker\CodecDownload does not exist.
                                                            Configure the policy exist.
The value: Software\Policies\Microsoft\WindowsMovieMaker\Webhelp does notvalue forr Computer Configuration -> Administrative
                                                Medium
                                                            Configure the policy not exist.
The value: Software\Policies\Microsoft\WindowsMovieMaker\WebPublish does value forr Computer Configuration -> Administrative
                                                Medium
                                                            Configure the does value forr
The value: Software\Policies\Microsoft\Windows NT\IIS\PreventIISInstall policynot exist. Computer Configuration -> Administrative
                                                Medium
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\PreXPSP2ShellProtocolBehavior does not exist.
                                                            Configure the policy value forr
The value: Software\Policies\Microsoft\Windows\Installer\SafeForScripting does not exist.Computer Configuration -> Administrative
                                                Medium
                                                            Configure the policy value exist.
The value: Software\Policies\Microsoft\Windows\Installer\EnableUserControl does notforr Computer Configuration -> Administrative
                                                Medium
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint\Enabled does not exist.
                                                            Configure the policy value forr Computer Configuration -> does not exist
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings\AllowInboundEchoRequest Administrative
                                                Medium
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\AllowUserPrefMerge does not exist.
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\AllowUserPrefMerge does not e
                                                            Configure the policy value forr Computer Configuration -> not exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\UPnPFramework\Enabled does Administrative
                                                Medium
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\DisableUnicastResponsesToMulticastBroadcast does n
                                                            Configure the policy value forr Computer Configuration -> exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\FileAndPrint\Enabled does notAdministrative
                                                Medium
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\IcmpSettings\AllowInboundEchoRequest does not exis
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts\\AllowUserPrefMerge does not exis
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications\\AllowUserPrefMerge does not
                                                            Configure the policy value forr Computer Configuration not exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\RemoteAdminSettings\\Enabled does-> Administrative
                                                Medium
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\RemoteDesktop\\Enabled does not exist.
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\UPnPFramework\\Enabled does not exist.
                                                            Configure the policy value forr Computer does not exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\\DoNotAllowExceptionsConfiguration -> Administrative
                                                Medium
                                                Medium      Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\\DisableUnicastResponsesToMulticastBroadcast does
                                                            Configure the policy value forr Computer exist.
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\EnableFirewall does not Configuration -> Administrative
                                                Medium
192.168.0.3   xpvm1   V0003478   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0003479   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0003480   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0003481   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0003487   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0003666   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0004447   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0004448   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006832   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006833   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006836   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006840   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006850   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0007002   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014247   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014253   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014254   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014255   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014256   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014257   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014258   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014259   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014260   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014261   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014267   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014268   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014269   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014270   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0015505   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0015666   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0015667   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0015669   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0015674   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0015677   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0015678   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0015679   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0015681   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0015683   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0015684   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0015685   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017390   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017391   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017392   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017393   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017397   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017399   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017400   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017401   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017402   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017403   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017404   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017405   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017406   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017407   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017409   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017410   Windows XP   Pro107.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
XP Firewall Standard – Enable Firewall setting enables the Windows Firewall when not connected to the domain.The standard pr
                                      This
2008-B-0075                           Microsoft has addressed remote code execution vulnerability that exists on various Windows s
                                      This registry key will prevent the autorun.inf from executing commands.
Disallow AutoPlay/Autorun from Autorun.inf
                                       messages
DTAM005-McAfee VirusScan removeThis parameter controls if users can remove virus alerts from the display.
                                      This parameter controls if infected files are deleted.
DTAM007-McAfee VirusScan delete infected file
                                       size parameter
DTAM010-McAfee VirusScan limit logThis parameter controls the log size.
                                      This parameter
DTAM011-McAfee VirusScan log session parameter controls if session settings are being logged.
                                       actions email
DTAM029-McAfee VirusScan allowedThis parameter controls what actions should happen when a virus is detected.
                                      This parameter
DTAM030-McAfee VirusScan action prompt email ensures appropriate actions are prompted forr when a virus is found.
                                       size email
DTAM036-McAfee VirusScan limit logThis parameter deteremines the size of the log file to ensure data is available forr review.
                                      This setting
DTAM037-McAfee VirusScan log content email controls the entries that are stored in the virus scanning log.
                                       MIME encoded
DTAM053-McAfee VirusScan decodeThis file ensures that MIME encoded files are scanned forr viruses.
                                      This parameter controls the secondary action that is perforrmed when a virus is found.
DTAM057-McAfee VirusScan secondary action
                                      This parameter
DTAM060-McAfee VirusScan log file limit parameter determines the minimum size forr the log to ensure enough data is available fo
                                      This parameter
DTAM061-McAfee VirusScan log session settings ensures that session settings are logged.
                                      This
DTAM070-McAfee VirusScan schedule parameter ensures that the virus scan is scheduled to be executed.
                                      This setting is required forr the virus software.
DTAM092-McAfee VirusScan onaccess scan blocking
                                      This setting is required forr the virus software.
DTAM093-McAfee VirusScan onaccess scan blocking
                                      This setting
DTAM106-McAfee VirusScan scan inside archive is required forr the virus software.
                                      This setting is required forr the virus software.
DTAM107-McAfee VirusScan scan MIME files parameter
                                      This setting action
DTAM039-McAfee VirusScan unwanted programsis required forr the virus software.
                                       limitation
DTAM134-McAfee VirusScan log sizeThis setting is required forr the virus software.
                                      This Spyware
DTAM135-McAfee VirusScan detection of setting is required forr the virus software.
                                      This Adware
DTAM136-McAfee VirusScan detection of setting is required forr the virus software.
                                      By setting
DTBI001 - The IE home page is not set correctlythis parameter appropriately, a malicious web site will be automatically loaded into a
                                      This parameter
DTBI006-IE Local zone includes parameter not set controls which sites are by default in the local zone. Since this is the least res
                                      This parameter ensures that third party cookies are blocked. Third party cookies come from a
DTBI007-IE third party cookies not set correctly
                                      disk parameter
DTBI013-IE save encrypted pages to This is not set ensures pages using SSL or TLS are not cached to the local drive. This ensu
                                      This correctly
DTBI014-IE SSL/TLS parameter is not set parameter ensures SSL and TLS are able to be used from the browser.
                                      This parameter warns users if the certifcate being presented by the web site is invalid. Since
DTBI015-IE warning of invalid certificates not set
                                       correctly
DTBI016-IE changing zones is not setThis parameter warns the user when changing between zones. This conveys important inforrm
                                      This parameter warns the user that input from the forrm is being redirected to another web site
DTBI017-IE forrm redirect is not set correctly
                                      Since most IE
DTBI021-Users can change advanced settings in of the IE settings can be changed through the GUI, it is important to ensure that us
                                      Active X controls
DTBI022-Download signed Active X controls-Internet can contain potentially malicious code and must only be allowed to be downl
                                       controls-Interne
DTBI023-Download unsigned ActiveXActive X controls can contain potentially malicious code and must only be allowed to be downl
                                      ActiveX
DTBI024-Initialize and script ActiveX controls controls that are not marked safe scripting should not be executed. Although this is n
                                      forr scripting
DTBI026-Script ActiveX marked safe ActiveX controls that are not marked safe forr scripting should not be executed. Although this
                                      Download
DTBI030-Font download control - Internet Zone of fonts can sometimes contain malicious code.
                                      Java must have
DTBI031-Java Permissions not set forr Internet Zone level of protections based upon the site being browsed.
                                       domains-Interne
DTBI032-Access data sources acrossAccess to data sources across multiple domains must be controlled based upon the site being
                                      Display mixed content must have level of protection based upon the site being browsed.
DTBI034-Display mixed content - Internet Zone
                                      Drag and Drop
DTBI036-Drag and drop or copy and paste-Internet or copy and paste files must have level of protection based upon the site being
                                       - Internet
DTBI037-Installation of desktop itemsInstallation of items must have level of protection based upon the site being accessed.
                                      Launching of programs in IFRAME must have level of protection based upon the site being ac
DTBI038-Launching programs and files in IFRAME-Int
                                       domains-Interne
DTBI039-Navigate sub-frames acrossFrames that navigate across different domains are a security concern because the user may t
                                      Software Channel permissions must have level of protection based upon the site being access
DTBI040-Software channel permissions - Internet
                                      data - Internet
DTBI041-Submit non-encryped forrm The user needs to be prompted beforre sending inforrmation from a browser that is not encryp
                                      Userdata
DTBI042-Userdata persistence - Internet Zone persistence must have level of protection based upon the site being accessed.
                                      Allow paste operations via script must have level of protection based upon the site being acce
DTBI044-Allow paste operations via script-Internet
                                      Java Applets
DTBI045-Scripting of Java applets - Internet Zone must have level of protection based upon the site being accessed.
                                       Internet Zone
DTBI046-User Authentication-Logon -Care must be taken with user credentials and how automatic logons are perforrmed and how d
                                      ActiveX controls
DTBI056-Script ActiveX controls marked safe-Local that are not marked safe forr scripting should not be executed. Although this
                                      Java must
DTBI061-Java Permissions not set - Local Zone have level of protection based upon the site being browsed.
                                      Client certificates should not be presented to web sites without the user's acknowledgement.
DTBI065-Dont prompt client certificate - Local zon
                                      Software Zone
DTBI070-Software channel permissions - Localchannel permissions must have level of protection based upon the site being access
                                      The - Local
DTBI074-Allow paste operations via scriptAllow paste operations via script must have level of protection based upon the site being
                                                Medium     Configure the policy value forr Computer Configuration -> Administrative
The value: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\EnableFirewall does not exist.
                                                  High     No Manual Fix Procedures (Download and apply the appropriate patches
Msw3prt.dll is the wrong version.Win32spl.dll is the wrong version.
                                                  High     Add the registry value as specified in does not exist.
The value: SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf\(null) the manual check. (In the Registry
                                                Medium     Change the registry key HKLM\Software\Network does not equal 0.
The value of Software\McAfee\VSCore\On Access Scanner\McShield\Configuration\Alert_UsersCanRemoveAssociates\TVD\Share
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\Share
The value of Software\McAfee\VSCore\On Access Scanner\McShield\Configuration\Alert_UsersCanDelete does not equal 1.
                                                Medium     Change the registry key HKLM\Software\Network >= 100.
The value of Software\McAfee\VSCore\On Access Scanner\McShield\Configuration\dwMaxLogSizeMB is notAssociates\TVD\Share
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\Share
The value of Software\McAfee\VSCore\On Access Scanner\McShield\Configuration\bLogSettings does not equal 1.
                                                Medium     Change the registry key HKLM\Software\McAfee\VSCore\Email scanner
The value of Software\McAfee\VSCore\Email Scanner\Outlook\OnDelivery\ActionOptions\uAction does not equal 2.
                                                Medium     Change the registry key HKLM\Software\McAfee\VSCore\Email scanner
The value of Software\McAfee\VSCore\Email scanner\Outlook\OnDelivery\ActionOptions\dwPromptButton does not equal 31.
                                                Medium     Change the registry key HKLM\Software\McAfee\VSCore\Email Scanner
The value of Software\McAfee\VSCore\Email Scanner\Outlook\OnDelivery\ReportOptions\dwMaxLogSizeMB is not >= 100.
                                                Medium     Change the registry key HKLM\Software\McAfee\VSCore\Email
The value of Software\McAfee\VSCore\Email Scanner\Outlook\OnDelivery\ReportOptions\dwLogEvent does not equal 304.Scanner
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\VirusS
The value of Software\McAfee\DesktopProtection\Tasks\{21221C11-A06D-4558-B833-98E8C7F6C4D2}\ScanMime does not equal
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\VirusS
The value of Software\McAfee\DesktopProtection\Tasks\{21221C11-A06D-4558-B833-98E8C7F6C4D2}\uSecAction does not equa
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\VirusS
The value of Software\McAfee\DesktopProtection\Tasks\{21221C11-A06D-4558-B833-98E8C7F6C4D2}\uKilobytes is not >= 20480
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\VirusS
The value of Software\McAfee\DesktopProtection\Tasks\{21221C11-A06D-4558-B833-98E8C7F6C4D2}\bLogSettings does not equ
                                                Medium     Change the registry key HKLM\Software\Network Associates\TVD\VirusS
The value of Software\McAfee\DesktopProtection\Tasks\{21221C11-A06D-4558-B833-98E8C7F6C4D2}\bSchedEnabled does not
                                                Medium     Procedure: Use the Windows Registry Editor >= 30.
The value of Software\McAfee\VSCore\On Access Scanner\BehaviourBlocking\VSIDBlockTimeout is notto navigate to the following
                                                Medium     Procedure: Use the Windows Registry Editor to navigate to the
The value of Software\McAfee\VSCore\On Access Scanner\BehaviourBlocking\VSIDBlockOnNonVirus does not equal 1. following
                                                Medium     Procedure: Use the Windows Registry Editor does not equal 1.
The value of Software\McAfee\VSCore\On access scanner\McShield\Configuration\default\ScanArchivesto navigate to the following
                                                Medium     Procedure: Use the Windows Registry Editor to not equal 1.
The value of Software\McAfee\VSCore\On access scanner\McShield\Configuration\default\ScanMime doesnavigate to the following
                                                Medium     Procedure: Use the Windows Registry Editor to equal 2.
The value of Software\McAfee\VSCore\Email Scanner\Outlook\OnDelivery\ActionOptions\uAction does not navigate to the following
                                                Medium     Procedure: Use the Windows Registry Editor not >= 64.
The value of Software\McAfee\VSCore\On Access Scanner\BehaviourBlocking\dwMaxLogSizeMB_Ent isto navigate to the following
                                                Medium     Procedure: Use 1.
The value of software\McAfee\VSCore\NVP\DetectSpyware does not equal the Windows Registry Editor to navigate to the following
                                                Medium      does not equal the
The value of software\McAfee\VSCore\NVP\DetectAdware Procedure: Use1. Windows Registry Editor to navigate to the following
                                                Page does Change StartPage value to about:blank, a trusted site, or a local file. (Pro
Software\Microsoft\Internet Explorer\Main\StartMedium       not contain the substring about:blank.
                                                Medium     Change the value of registry key not <= 67.
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Flags isHKCU\Software\Microsoft\Windows\Cu
                                                Medium     Under Settings\PrivacyAdvanced does Privacy Tab and click the Advan
The value of Software\Microsoft\Windows\CurrentVersion\InternetTools/Internet Options, select the not equal 1.The value of Softwar
                                                Medium     Change the value of registry key HKCU\Software\Microsoft\Windows\Cu
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages does not exist.
                                                Medium     Change registry key HKCU\Software\Microsoft\Windows\CurrentVersion
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols does not exist.
                                                Medium     Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnonBadCertRecving does not exist.
                                                Medium     Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnonZoneCrossing does not exist.
                                                Medium     Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value: Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect does not exist.
                                                Explorer\Control Panel\AdvancedTab does not exist.
The value: Software\Policies\Microsoft\Internet Medium     Change the registry key HKCU\Software\Policies\Microsoft\Internet Explo
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1001 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1004 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1201 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1405 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1604 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1C00 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1406 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609 does not exist.
                                                Medium     If a value forr Settings\Zones\3\1802 not not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet this zone is present anddoesset to 3 change the registry ke
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1800 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1804 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1607 does not exist.
                                                Medium     Procedure: Use the Windows Registry Editor to navigate to the following
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1E05 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1601 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1606 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1407 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1402 does not exist.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A00 does not exist.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1405 does not equal 1.
                                                Medium     Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1C00 does not exist.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1A04 does not equal 3.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1E05 does not equal 65536.
                                                Medium     Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1407 does not equal 3.
192.168.0.3   xpvm1   V0017411   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017793   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0017900   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006470   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006472   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006475   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006476   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006592   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006593   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006597   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006598   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006612   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006617   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006620   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006621   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006627   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014620   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014621   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014628   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014629   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014652   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014661   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014662   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0014663   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006228   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006233   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006234   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006237   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006238   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006239   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006240   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006241   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006242   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006243   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006244   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006245   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006246   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006248   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006249   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006250   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006251   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006253   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006254   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006255   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006256   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006257   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006258   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006259   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006260   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006261   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006262   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006266   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006267   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006271   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006274   Windows XP   Pro107.xml
192.168.0.3   xpvm1   V0006275   Windows XP   Pro107.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
                                        - Local Zone
DTBI076-User Authentication - LogonCare must be taken with user credentials and how automatic logons are perforrmed and how d
                                       ActiveX controls can contain potentially malicious code and must only be allowed to be downlo
DTBI082-Download signed ActiveX - Trusted Sites
                                        - Trusted Sites
DTBI083-Download unsigned ActiveXActiveX controls can contain potentially malicious code and must only be allowed to be downlo
                                        Trusted Si
DTBI084-Initialize and script Activex -ActiveX controls that are not marked safe forr scripting should not be executed. Although this
                                       ActiveX controls
DTBI086-Activex controls marked safe - Trusted Sit that are not marked safe forr scripting should not be executed. Although this
                                       Java must have level of protection based upon the site being browsed.
DTBI091-Java Permissions not set - Trusted Sites
                                        domains-Trusted
DTBI092-Access data sources acrossAccess data sources across domains must have level of protection based upon the site being
                                       Client certificates should not be presented to web sites without the user's acknowledgement.
DTBI095-Dont prompt client certificates - Trusted
                                        - Trusted of
DTBI097-Installation of desktop itemsInstallationSi items must have level of protection based upon the site being accessed.
                                       Launching of programs in IFRAME must have level of protection based upon the site being ac
DTBI098-Launching programs and files in IFRAME-Tru
                                       The Software channel permissions must have level of protection based upon the site being ac
DTBI100-Software channel permissions - Trusted Sit
                                       Allow paste operations via script must have level of protection based upon the site being acce
DTBI104-Allow paste operations via script-Trusted
                                        - Trusted be
DTBI106-User Authentication - LogonCare must Sitetaken with user credentials and how automatic logons are perforrmed and how d
                                       ActiveX controls
DTBI112-Download signed ActiveX - Restricted Sites can contain potentially malicious code and must only be allowed to be downlo
                                        - Restricted Sit
DTBI113-Download unsigned ActiveXActiveX controls can contain potentially malicious code and must only be allowed to be downlo
                                       ActiveX controls that are not marked safe forr scripting should not be executed. Although this
DTBI114-Initialize and script ActiveX - Restricted
                                       ActiveX controls
DTBI115-Run ActiveX controls and plugins-Restricte that are not marked safe forr scripting should not be executed. Although this
                                       ActiveX controls
DTBI116-Script ActiveX controls marked safe-Restri that are not marked safe forr scripting should not be executed. Although this
                                       Files Sites
DTBI119-File download control - Restrictedshould not be able to be downloaded from sites that are considered restricted.
                                       Download of
DTBI120-Font download control - Restricted Sites fonts can sometimes contain malicious code. Files should not be downloaded f
                                       The restricted zones is used forr MS Outlook. This zone must be set properly to ensure Outlo
DTBI122-Access data sources - Restricted Sites
                                       Allow META
DTBI123-Allow META REFRESH - Restricted SitesREFRESH must have level of protection based upon the site being browsed.
                                       Mixed Sites
DTBI124-Display mixed content - Restricted content poses a risk when coming from a restricted site.
                                       Drag - Restrict
DTBI126-Drag and drop or copy and paste and Drop of files must have level of protection based upon the site being accessed.
                                        - Restricted
DTBI127-Installation of desktop itemsInstallation of items must have level of protection based upon the site being accessed.
                                       Launching of programs in IFRAME must have level of protection based upon the site being ac
DTBI128-Launching programs and files in IFRAME-Res
                                        domain - Restri
DTBI129-Navigate sub-frames acrossFrames that navigate across different domains are a security concern because the user may t
                                       Software channel permissions must have level of protection based upon the site being access
DTBI130-Software channel permissions - Restricted
                                        data-Restricted
DTBI131-Submit non-encrypted forrmSubmit non-encrypted forrm data must have level of protection based upon the site being acce
                                       No perseistant data should exist and be used in the Restricted sites zone.
DTBI132-Userdata persistence - Restricted Sites
                                       Sites
DTBI133-Active scripting - Restricted Active Scripting must have level of protection based upon the site being accessed.
                                       The Allow paste
DTBI134-Allow paste operations via scripts-Restric operations via script must have level of protection based upon the site being
                                        - Restricted
DTBI136-User Authentication - LogonCare must be taken with user credentials and how automatic logons are perforrmed and how d
                                        set ensures
DTBI160-Hash setting forr SHA is notThis properly that the Hash value forr SHA is enabled.
                                        installed
DTBG010-DoD Root Certificate is notThe DOD root certificate will ensure that the trust chain is established forr server certificated is
                                       This parameter ensures automatic searches are not perforrmed from the address bar. When
DTBI011-IE search parameter is not set correctly.
                                       Java must have level of protection based upon the site being browsed.
DTBI121-Java Permissions not set forr Restricted
                                       This policy setting
DTBI025 - The Download signed ActiveX controls pro allows you to manage whether users may download signed ActiveX controls
Required auditing parameters for database auditing are not set.
DBMS audit record access               Audit data is frequently targeted by malicious users as it can provide a means to detect their a
DBMS shared account authorization Unauthorized shared accounts limit accountability of individual users.
DBMS privileges to restore database data or other DBMS configurations, features, or objects are not restricted to authorized DBMS
DBMS user account authorization        Unauthorized user accounts provide unauthorized access to the database and may allow acce
DBMS inactive accounts                 Unused or expired DBMS accounts provide a means for undetected, unauthorized access to t
Access to external DBMS executables is not disabled or restricted. master sp_AddFunctionalUnitToComponent master sp_batch
DBMS files critical for DBMS recovery should be stored on RAID or other high-availability storage devices. master c:\Program Files
Database privileged role assignments are not restricted to IAO-authorized DBMS accounts. master BUILTIN\Administrators maste
Unauthorized access to external database objects has not been removed from application user roles. master public sp_AddFunction
DBMS account passwords should be set to expire every 60 days or more frequently. master sa
DBMS default accounts have not been assigned custom passwords. master sa
DBMS default account names have not been changed.
Audit records do not contain required information.
Fixed Server roles should have only authorized users or groups assigned as members. master sa sysadmin master BUILTIN\Adm
MS SQL Server Instance name includes a SQL Server or other software version number. master SQLEXPRESS
Access to registry extended stored procedures is not restricted to sysadmins. master public xp_regread Execute
Trace Rollover is not enabled for audit traces that have a maximum trace file size.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1A00 does not equal 65536.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1001 does not equal 3.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVer
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1004 does not equal 3.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1201 does not equal 3.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1405 does not equal 1.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1C00 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1406 does not equal 3.
                                                 Medium       Change the registry key HKCU\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1A04 does not equal 3.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1800 does not equal 3.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1804 does not equal 3.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1E05 does not equal 65536.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1407 does not equal 3.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1A00 does not equal 65536.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1001 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1004 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1201 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1200 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1405 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1803 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1604 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1406 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1608 does not exist.
                                                 Medium       Procedure: Use the Windows Registry Editor exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609 does notto navigate to the following
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1802 does not equal 3.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1800 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1804 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1607 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1E05 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Microsoft\Windows\CurrentVers
The value of Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1601 does not equal 3.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1606 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1400 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1407 does not exist.
                                                 Medium       Change the registry key HKLM\Software\Policies\Microsoft\Windows\Cur
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1A00 does not exist.
                                                 Medium       Navigate to the registry key HKLM\SYSTEM\CurrentControlSet\Control\S
The value: SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA\Enabled does not exist.
                                                 Medium       Install the DOD root certificate. (Netscape Procedure: On the Edit menu
The key: SOFTWARE\Microsoft\SystemCertificates\Root\Certificates\10F193F340AC91D6DE5F1EDC006247C4F25D9671 does n
                                                 Medium       Use the Windows Registry Editor to navigate to the following key: HKCU
The value: Software\Microsoft\Internet Explorer\Main\AutoSearch does not exist.
                                                 Medium       Use the Windows Registry Editor to navigate to the following key: HKLM
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1C00 does not exist.
                                                              The policy value forr Computer Configuration -> does not exist.
The value: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3\1001 Administrative Template
                                                 Medium
Required auditing parameters for database auditing are not set.
                                                 Medium       DB-DG0032-DB2 (Manual) Restrict access pro_VAS public sysprotects
Audit records are not restricted to authorized individuals. pro_VAS public dm_exec_sessions SELECT to the db2audit.log file to aut
                                                 and shared accounts are not documented with the IAO. master NT AUTHORITY\SY
All database non-interactive, n-tier connection, Medium
DBMS privileges to restore database data or other DBMS configurations, features, or objects are not restricted to authorized DBMS
                                                 Medium
Unauthorized user accounts exist. master NT AUTHORITY\SYSTEM
                                                 Medium
Unapproved inactive or expired database accounts have been found on the database. master sa
Access to external DBMS executables is not disabled or restricted. master sp_AddFunctionalUnitToComponent master sp_batch
DBMS files critical for DBMS recovery should be stored on RAID or other high-availability storage devices. master c:\Program Files
Database privileged role assignments are not restricted to IAO-authorized DBMS accounts. master BUILTIN\Administrators maste
Unauthorized access to external database objects has not been removed from application user roles. master public sp_AddFunction
DBMS account passwords should be set to expire every 60 days or more frequently. master sa
DBMS default accounts have not been assigned custom passwords. master sa
DBMS default account names have not been changed.
Audit records do not contain required information.
Fixed Server roles should have only authorized users or groups assigned as members. master sa sysadmin master BUILTIN\Adm
MS SQL Server Instance name includes a SQL Server or other software version number. master SQLEXPRESS
Access to registry extended stored procedures is not restricted to sysadmins. master public xp_regread Execute
Trace Rollover is not enabled for audit traces that have a maximum trace file size.
192.168.0.3    xpvm1   V0006276   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006277   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006278   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006279   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006280   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006281   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006282   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006283   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006284   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006285   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006286   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006287   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006288   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006289   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006290   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006291   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006292   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006293   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006294   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006295   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006297   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006298   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006299   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006301   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006302   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006303   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006304   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006305   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006306   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006307   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006308   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006309   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006311   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006316   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0006318   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0007006   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0007007   Windows XP   Pro107.xml
192.168.0.3    xpvm1   V0016879   Windows XP   Pro107.xml
192.168.2.57           V0005685   SQL Server   VMSimport.xml
192.168.2.57           V0005686   SQL Server   VMSimport.xml
192.168.2.57           V0002424   SQL Server   VMSimport.xml
192.168.2.57           V0015107   SQL Server   VMSimport.xml
192.168.2.57           V0002508   SQL Server   VMSimport.xml
192.168.2.57           V0015130   SQL Server   VMSimport.xml
192.168.2.57           V0015618   SQL Server   VMSimport.xml
192.168.2.57           V0015119   SQL Server   VMSimport.xml
192.168.2.57           V0015626   SQL Server   VMSimport.xml
192.168.2.57           V0015105   SQL Server   VMSimport.xml
192.168.2.57           V0015153   SQL Server   VMSimport.xml
192.168.2.57           V0015635   SQL Server   VMSimport.xml
192.168.2.57           V0015638   SQL Server   VMSimport.xml
192.168.2.57           V0015646   SQL Server   VMSimport.xml
192.168.2.57           V0002427   SQL Server   VMSimport.xml
192.168.2.57           V0002436   SQL Server   VMSimport.xml
192.168.2.57           V0002473   SQL Server   VMSimport.xml
192.168.2.57           V0002500   SQL Server   VMSimport.xml
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   PGD 2.0.8.8
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
O   SRR V8R1.3    DB
Fixed database role members          Fixed database roles provide a mechanism to grant groups of privileges to users. These privile
Unauthorized object permission grantsSecurely designed applications require only that database application user accounts have per
                                     The guest account is available to users that do not have authorized accounts on the database
DBMS object permission grants to PUBLIC or Guest
                                     Object ownership provides all database object permissions to the owned object. Access to the
DBMS application object owner accounts
Fixed database role members          Fixed database roles provide a mechanism to grant groups of privileges to users. These privile
                                     The guest account is available to users that do not have authorized accounts on the database
DBMS object permission grants to PUBLIC or Guest
Fixed database role members          Fixed database roles provide a mechanism to grant groups of privileges to users. These privile
Unauthorized object permission grantsSecurely designed applications require only that database application user accounts have per
                                     The guest account is available to users that do not have authorized accounts on the database
DBMS object permission grants to PUBLIC or Guest
                                     Unauthorized
DBMS application user role privilege assignment access to the data can lead to loss of confidentiality and integrity of the data.
Fixed database role members          Fixed database roles provide a mechanism to grant groups of privileges to users. These privile
The guest account is not disabled. msdb Guest user has access to the database
Unauthorized object permission grantsSecurely designed applications require only that database application user accounts have per
                                     The guest account is available to users that do not have authorized accounts on the database
DBMS object permission grants to PUBLIC or Guest
                                     Object ownership provides all database object permissions to the owned object. Access to the
DBMS application object owner accounts
Fixed database role members          Fixed database roles provide a mechanism to grant groups of privileges to users. These privile
Unauthorized object permission grantsSecurely designed applications require only that database application user accounts have per
                                     The guest account is available to users that do not have authorized accounts on the database
DBMS object permission grants to PUBLIC or Guest
SMB Service Detection                ote service understands the CIFS (Common Internet File System)or Server Message Block (S
SMB Log In Possible                  ote host is running one of the Microsoft Windows operatingsystems. It was possible to log into
                                     ossible to get the remote operating system name andversion (Windows and/or Samba) by sen
SMB NativeLanManager Remote System Inforrmation Disclosure




SMB NULL Session Authentication ote host is running Microsoft Windows, and it was possible tolog into it using a NULL session
                                    the scanner
SMB registry can not be accessed by not possible to connect to PIPE\winreg on the remote host.If you intend to use Nessus to perfo
                                    possible
SMB LanMan Pipe Server Listing Disclosure to obtain the browse list of the remote Windows systemby send a request to the LAN

Service Detection                     ugin connects to every port and attempts to extract the bannerof the service running on each,
                                      ote Windows host
Using SMB to retrieve inforrmation from ahost listens on tcp port 445 and replies to SMB requests.By sending an NTLMSSP authen
Service Detection                     ugin connects to every port and attempts to extract the bannerof the service running on each,
                                      was able to resolve
Host Fully Qualified Domain Name (FQDN) Resolution the FQDN of the remote host.
                                      (Network
Network Time Protocol (NTP) Server Detection Time Protocol) server is listening on this port. Itprovides inforrmation about the curre
SSL Certificate Inforrmation          ugin connects to every SSL-related port and attempts to extract and dump the X.509 certificat
Windows Terminal Services Enabled l Services allows a Windows user to remotely obtain a graphicallogin (and thereforre act as a l
                                      The remote
Microsoft SQL Server TCP/IP Listener Detection host is running MSSQL, a database server from Microsoft., It is possible to extrac
OS Identification
Nessus Server Detection               s daemon is listening on the remote port. It is notrecommended to let anyone connect to this p
                                      ote host supports the use of SSL ciphers that offer mediumstrength encryption, which we curre
SSL Medium Strength Cipher Suites Supported
SSL Cipher Suites Supported           ript detects which SSL ciphers are supported by the remoteservice forr encrypting communica
Nessus Scan Inforrmation              ript displays, forr each tested host, inforrmation about the scan itself:- The version of the plugi
                                                  or groups DB-DM0531-SQLSvr2K (Manual)
Fixed Database roles have unauthorized users Medium as members. master dbo db_ownerGrant fixed roles to authorized personn
                                                 Medium      public all_columns SELECT master public all_objects SELECT master
Object permission assignments are not authorized. master DB-DM1715-SQLServer (Manual) Revoke unauthorized permissions ass
                                                  GUEST. DB-DM6196-SQLSvr2K (Manual) master any object privileges assigned
Object permissions are assigned to PUBLIC or Medium master public all_columns SELECT Revoke public all_objects SELECT ma
                                                 Medium
Application object owner accounts are not disabled. tempdb saDB-DG0004-SQLServer (Manual) Disable logins for all application objec
                                                  or groups DB-DM0531-SQLSvr2K db_owner
Fixed Database roles have unauthorized users Medium as members. tempdb dbo (Manual) Grant fixed roles to authorized personn
                                                  GUEST. DB-DM6196-SQLSvr2K SELECT tempdb public all_objects SELECT te
Object permissions are assigned to PUBLIC or Medium tempdb public all_columns (Manual) Revoke any object privileges assigned
                                                  or groups DB-DM0531-SQLSvr2K (Manual)
Fixed Database roles have unauthorized users Medium as members. model dbo db_owner Grant fixed roles to authorized personn
                                                 Medium      DB-DM1715-SQLServer (Manual) public unauthorized permissions pu
Object permission assignments are not authorized. model public all_columns SELECT modelRevokeall_objects SELECT modelass
                                                  GUEST. DB-DM6196-SQLSvr2K (Manual) Revoke any all_objects SELECT mod
Object permissions are assigned to PUBLIC or Medium model public all_columns SELECT model public object privileges assigned
                                                 Medium      DB-DG0105-SQLServer (Manual) Use the grant and revoke commands
DBMS application user roles are assigned unauthorized privileges. msdb DatabaseMailUserRole sp_send_dbmail EXECUTE msdb
                                                  or groups DB-DM0531-SQLSvr2K (Manual)
Fixed Database roles have unauthorized users Medium as members. msdb dbo db_owner Grant fixed roles to authorized personn
The guest account is not disabled. msdb Guest user has access to the database
                                                 Medium      DB-DM1715-SQLServer (Manual) Revoke unauthorized permissions ass
Object permission assignments are not authorized. msdb db_dtsadmin sysdtslog90 REFERENCES msdb public all_columns SELE
                                                  GUEST. DB-DM6196-SQLSvr2K (Manual) Revoke any object privileges assigned
Object permissions are assigned to PUBLIC or Medium msdb public all_columns SELECT msdb public all_objects SELECT msdb
                                                 Medium      DB-DG0004-SQLServer (Manual) Disable logins for all application objec
Application object owner accounts are not disabled. pro_VAS sa
                                                  or groups DB-DM0531-SQLSvr2K (Manual) Grant fixed roles to authorized personn
Fixed Database roles have unauthorized users Medium as members. pro_VAS dbo db_owner
                                                 Medium      DB-DM1715-SQLServer (Manual) Revoke unauthorized permissions pro
Object permission assignments are not authorized. pro_VAS public all_columns SELECT pro_VAS public all_objects SELECT ass
                                                  GUEST. DB-DM6196-SQLSvr2K (Manual) Revoke any object guest sp_alterdiag
Object permissions are assigned to PUBLIC or Medium pro_VAS guest fn_diagramobjects EXECUTE pro_VASprivileges assigned
A CIFS server is running on this port.             None      n/a
                                                    CVE      n/a
- NULL sessions are enabled on the remote hostNone CVE-1999-0504, CVE-1999-0505, CVE-1999-0506, CVE-2000-0222, CVE-2
                                                   None
The remote Operating System is Windows 5.1 The remote n/a    native lan manager is Windows 2000 LAN Manager The remote SMB Do
PORT                                            Open Port
PORT                                            Open Port
PORT                                            Open Port
PORT                                            Open Port
PORT                                            Open Port
PORT                                            Open Port
                                                   None      n/a
 Synopsis : It is possible to log into the remote Windows host with a NULL session. Description : The remote host is running Micro
                                                   None      n/a
 Synopsis : Nessus is not able to access the remote Windows Registry. Description : It was not possible to connect to PIPE\\winre
                                                    ( os     n/a
Here is the browse list of the remote host MEMANone6.0 ) PROSODEV ( os 5.1 ) PROSOMNGR ( os 5.1 ) SCANME ( os 5.1 ) TUR
PORT                                            Open Port
                                                   None      N/A
The service closed the connection without sending any data. It might be protected by some sort of TCP wrapper.
                                                   None      n/a
The following 2 NetBIOS names have been gathered SCANME = Computer name PROSO = Workgroup / Domain name
A TLSv1 server answered on this port.              None      N/A
127.0.0.1 resolves as localhost.                   None      n/a
                                                   None
 Synopsis : An NTP server is listening on the remote host. n/aDescription : An NTP (Network Time Protocol) server is listening on thi
Subject NameOrganizationNessus Users UnitedNone              n/a
                                                   LocalityParis CountryFR Issuer NameOrganizationNessus Users United LocalityPa
                                                   None      Disable Terminal Services Terminal Services and do Windows user to
 Synopsis : The remote Windows host has Terminal Services enabled. Description : if you do not use it, allows anot allow thisservic
The remote SQL Server version is 10.0.1600.0. None           Restrict access to the database to allowed IPs only.
                                                   None
 Remote operating system : Microsoft Windows XP Service Pack 2 Microsoft Windows XP Service Pack 3 Confidence Level : 99 M
                                                   None      Filter incoming : A Nessus daemon is listening on the remote port. It is
 Synopsis : A Nessus daemon is listening on the remote port. Descriptiontraffic to this port.
                                                 Medium      the remote the affected application if possible to avoid use ofmedium s
Here is the only medium strength SSL cipher supported by Reconfigureserver Medium Strength Ciphers (>= 56-bit and < 112-bit key
                                                   None      n/a
Here is the list of SSL ciphers supported by the remote server Medium Strength Ciphers (>= 56-bit and < 112-bit key) TLSv1 DES-C
                                                   None
Information about this scan : Nessus version : 4.0.2 (Buildn/a1076) (Nessus 4.2.0 is available - consider upgrading) Plugin feed vers
192.168.2.57                     V0015151             SQL Server   VMSimport.xml
192.168.2.57                     V0002457             SQL Server   VMSimport.xml
192.168.2.57                     V0015172             SQL Server   VMSimport.xml
192.168.2.57                     V0005683             SQL Server   VMSimport.xml
192.168.2.57                     V0015151             SQL Server   VMSimport.xml
192.168.2.57                     V0015172             SQL Server   VMSimport.xml
192.168.2.57                     V0015151             SQL Server   VMSimport.xml
192.168.2.57                     V0002457             SQL Server   VMSimport.xml
192.168.2.57                     V0015172             SQL Server   VMSimport.xml
192.168.2.57                     V0015128             SQL Server   VMSimport.xml
192.168.2.57                     V0015151             SQL Server   VMSimport.xml
192.168.2.57                     V0002451             SQL Server   VMSimport.xml
192.168.2.57                     V0002457             SQL Server   VMSimport.xml
192.168.2.57                     V0015172             SQL Server   VMSimport.xml
192.168.2.57                     V0005683             SQL Server   VMSimport.xml
192.168.2.57                     V0015151             SQL Server   VMSimport.xml
192.168.2.57                     V0002457             SQL Server   VMSimport.xml
192.168.2.57                     V0015172             SQL Server   VMSimport.xml
localhost      localhost            11011             Windows XP   scanme_nessus.nessus
localhost      localhost            10394             Windows XP   scanme_nessus.nessus
localhost      localhost            10785             Windows XP   scanme_nessus.nessus
localhost      localhost      nessus (1241/tcp)       Windows XP   scanme_nessus.nessus
localhost      localhost    microsoft-ds (445/tcp)    Windows XP   scanme_nessus.nessus
localhost      localhost       epmap (135/tcp)        Windows XP   scanme_nessus.nessus
localhost      localhost   ms-wbt-server (3389/tcp)   Windows XP   scanme_nessus.nessus
localhost      localhost     startron (1057/tcp)      Windows XP   scanme_nessus.nessus
localhost      localhost     ms-sql-m (1434/tcp)      Windows XP   scanme_nessus.nessus
localhost      localhost            26920             Windows XP   scanme_nessus.nessus
localhost      localhost            26917             Windows XP   scanme_nessus.nessus
localhost      localhost            10397             Windows XP   scanme_nessus.nessus
localhost      localhost     ms-sql-s (1433/tcp)      Windows XP   scanme_nessus.nessus
localhost      localhost            22964             Windows XP   scanme_nessus.nessus
localhost      localhost            42410             Windows XP   scanme_nessus.nessus
localhost      localhost            22964             Windows XP   scanme_nessus.nessus
localhost      localhost            12053             Windows XP   scanme_nessus.nessus
localhost      localhost            10884             Windows XP   scanme_nessus.nessus
localhost      localhost            10863             Windows XP   scanme_nessus.nessus
localhost      localhost            10940             Windows XP   scanme_nessus.nessus
localhost      localhost            10144             Windows XP   scanme_nessus.nessus
localhost      localhost            11936             Windows XP   scanme_nessus.nessus
localhost      localhost            10147             Windows XP   scanme_nessus.nessus
localhost      localhost            42873             Windows XP   scanme_nessus.nessus
localhost      localhost            21643             Windows XP   scanme_nessus.nessus
localhost      localhost            19506             Windows XP   scanme_nessus.nessus
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
 O                          SRR V8R1.3   DB
Open    microsoft-ds (445/tcp)Nessus
Open    microsoft-ds (445/tcp)Nessus
Open    microsoft-ds (445/tcp)Nessus
Open      nessus (1241/tcp) Nessus
Open    microsoft-ds (445/tcp)Nessus
Open       epmap (135/tcp) Nessus
Open                          Nessus
       ms-wbt-server (3389/tcp)
Open     startron (1057/tcp) Nessus
Open     ms-sql-m (1434/tcp) Nessus
Open    microsoft-ds (445/tcp)Nessus
Open    microsoft-ds (445/tcp)Nessus
Open    microsoft-ds (445/tcp)Nessus
Open     ms-sql-s (1433/tcp) Nessus
Open     startron (1057/tcp) Nessus
Open    microsoft-ds (445/tcp)Nessus
Open      nessus (1241/tcp) Nessus
Open         general/tcp      Nessus
Open        ntp (123/udp)     Nessus
Open      nessus (1241/tcp) Nessus
Open                          Nessus
       ms-wbt-server (3389/tcp)
Open     ms-sql-s (1433/tcp) Nessus
Open         general/tcp      Nessus
Open      nessus (1241/tcp) Nessus
Open      nessus (1241/tcp) Nessus
Open      nessus (1241/tcp) Nessus
Open         general/tcp      Nessus

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:48
posted:11/11/2011
language:English
pages:157