Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-1081 | 2.008 | SV-29478r1_rule | High |
Description |
---|
This is a category 1 finding because the ability to set access permissions and audit critical directories and files is only available by using the NTFS file system. The capability to assign access permissions to file objects is a DOD policy requirement. The FAT file system only provides the capability to make files read-only and hidden. The capability to change these attributes is not restricted to any users. An unauthorized individual could boot the machine from a floppy disk and gain full and unrecorded access to file data. |
STIG | Date |
---|---|
Windows 2008 Domain Controller Security Technical Implementation Guide | 2017-07-28 |
Check Text ( None ) |
---|
None |
Fix Text (F-53r1_fix) |
---|
Format all partitions/drives to use NTFS. |