Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-1081 | 2.008 | SV-29478r1_rule | ECCD-1 ECCD-2 | High |
Description |
---|
This is a category 1 finding because the ability to set access permissions and audit critical directories and files is only available by using the NTFS file system. The capability to assign access permissions to file objects is a DOD policy requirement. The FAT file system only provides the capability to make files read-only and hidden. The capability to change these attributes is not restricted to any users. An unauthorized individual could boot the machine from a floppy disk and gain full and unrecorded access to file data. |
STIG | Date |
---|---|
Windows 2008 Domain Controller Security Technical Implementation Guide | 2014-01-07 |
Check Text ( C-24r1_chk ) |
---|
Open Windows Explorer and use the Properties function on each fixed local partition/drive to examine the File System specified on the General Tab. If the File System does not specify NTFS, then this is a finding. Documentable Explanation: Some hardware vendors create a small FAT partition to store troubleshooting and recovery data. No other files should be stored here. This requirement should be documented with the IAO. |
Fix Text (F-53r1_fix) |
---|
Format all partitions/drives to use NTFS. |