UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Windows 7 Security Technical Implementation Guide


Overview

Date Finding Count (342)
2012-08-22 CAT I (High): 32 CAT II (Med): 224 CAT III (Low): 86
STIG Description
The Windows 7 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as the Windows 7 Security Guide and security templates published by Microsoft Corporation. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.

Available Profiles



Findings (MAC II - Mission Support Public)

Finding ID Severity Title
V-3379 High The system is configured to store the LAN Manager hash of the password in the SAM.
V-6834 High Named pipes and shares can be accessed anonymously.
V-18010 High Unauthorized users will not have the "Debug programs" user right.
V-17900 High Disallow AutoPlay/Autorun from Autorun.inf
V-1093 High Anonymous enumeration of shares will be restricted.
V-17418 High Windows Firewall Domain Profile - Block unsolicited inbound connections.
V-26283 High Anonymous enumeration of SAM accounts will not be allowed.
V-26070 High Standard user accounts will only have Read permissions to the Winlogon registry key.
V-1159 High The Recovery Console option is set to permit automatic logon to the system.
V-1152 High Anonymous access to the Registry is not restricted.
V-1153 High The Send download LanMan compatible password option is not set to Send NTLMv2 response only\refuse LM & NTLM.
V-1155 High The "Deny Access to this computer from the network" user right will be configured to include "Guests".
V-2374 High The system is configured to autoplay removable media.
V-17438 High Windows Firewall Public Profile – Block unsolicited inbound connections.
V-1145 High Administrator automatic logon is enabled.
V-2908 High Unencrypted remote access is permitted to system services.
V-3338 High Unauthorized named pipes are accessible with anonymous credentials.
V-3339 High Unauthorized registry paths are remotely accessible.
V-3337 High Anonymous SID/Name translation is allowed.
V-3343 High Solicited Remote Assistance is allowed.
V-3340 High Unauthorized shares can be accessed anonymously.
V-3347 High Internet Information System (IIS) or its subcomponents are installed on a workstation.
V-3344 High The use of local accounts with blank passwords is not restricted to console logons only.
V-1102 High Unauthorized users will not be granted the "Act as part of the operating system" user right.
V-1074 High An approved DoD virus scan program is not used and/or updated.
V-1073 High Systems must be at supported service pack (SP) or release levels.
V-26479 High Unauthorized accounts will not have the "Create a token object" user right.
V-1081 High Local volumes are not formatted using NTFS.
V-32282 High Standard user accounts must only have Read permissions to the Active Setup\Installed Components registry key.
V-17428 High Windows Firewall Private Profile – Block unsolicited inbound connections.
V-7002 High DoD information system access does not require the use of a password.
V-4443 High Unauthorized registry paths and sub-paths are remotely accessible.
V-17429 Medium Windows Firewall Private Profile - Allow outbound connections.
V-16006 Medium Unnecessary features are installed.
V-16008 Medium UAC - All application are elevated.
V-26503 Medium Unauthorized accounts will not have the "Replace a process level token" user right.
V-26501 Medium Unauthorized accounts will not have the "Profile system performance" user right.
V-26500 Medium Unauthorized accounts will not have the "Profile single process" user right.
V-1168 Medium Members of the Backup Operators group do not have separate accounts for backup duties and normal operational tasks.
V-26505 Medium Unauthorized accounts will not have the "Shut down the system" user right.
V-26504 Medium Unauthorized accounts will not have the "Restore files and directories" user right.
V-1164 Medium Outgoing secure channel traffic is not signed when possible.
V-1166 Medium The Windows SMB client is not enabled to perform SMB packet signing when possible.
V-3378 Medium The system is not configured to use the Classic security model.
V-1163 Medium Outgoing secure channel traffic is not encrypted when possible.
V-1162 Medium The Windows SMB server is not enabled to perform SMB packet signing when possible.
V-26469 Medium Unauthorized accounts will not have the "Access Credential Manager as a trusted caller" user right.
V-6836 Medium For systems utilizing a logon ID as the individual identifier, passwords are not at a minimum of 14-characters.
V-6832 Medium The Windows SMB client is not enabled to always perform SMB packet signing.
V-6833 Medium The Windows SMB server is not enabled to always perform SMB packet signing.
V-6831 Medium Outgoing secure channel traffic is not encrypted or signed.
V-1099 Medium Lockout duration does not meet minimum requirements.
V-1098 Medium Time before bad-logon counter is reset does not meet minimum requirements.
V-1097 Medium Number of allowed bad-logon attempts does not meet minimum requirements.
V-6840 Medium To the extent system capabilities permit, system mechanisms are not implemented to enforce automatic expiration of passwords and to prevent reuse.
V-17415 Medium Windows Firewall Domain Profile - Enable the firewall.
V-17417 Medium Windows Firewall Public Profile - Enable the firewall.
V-17416 Medium Windows Firewall Private Profile - Enable the firewall.
V-17419 Medium Windows Firewall Domain Profile - Allow outbound connections.
V-14241 Medium User Account Control - Switch to secure desktop.
V-14240 Medium User Account Control - Run all admins in Admin Approval Mode.
V-14243 Medium Require username and password to elevate a running application.
V-14242 Medium User Account Control - Non UAC compliant applications run in virtualized file and registry entries.
V-14247 Medium Terminal Services / Remote Desktop Service - Prevent password saving in the Remote Desktop Client.
V-14249 Medium Terminal Services / Remote Desktop Services - Local drives prevented from sharing with Terminal Servers/Remote Session Hosts.
V-14248 Medium Terminal Services / Remote Desktop Services - Prevent users from connecting using Terminal Services or Remote Desktop.
V-1122 Medium The system configuration is not set with a password-protected screen saver.
V-1127 Medium A non-administrator account has administrator rights on the system.
V-15666 Medium Turn off Windows Peer-to-Peer Networking Services.
V-15667 Medium Prohibit Network Bridge in Windows.
V-3828 Medium Security-related software patches are not applied.
V-21980 Medium Explorer Data Execution Prevention is disabled.
V-26495 Medium Unauthorized accounts will not have the "Log on as a batch job" user right.
V-26494 Medium Unauthorized accounts will not have the "Lock pages in memory" user right.
V-26497 Medium Unauthorized accounts will not have the "Modify an object label" user right.
V-26496 Medium Unauthorized accounts will not have the "Manage auditing and security log" user right.
V-26558 Medium The system will be configured to audit "System -> System Integrity" failures.
V-26490 Medium Unauthorized accounts will not have the "Impersonate a client after authentication" user right.
V-26493 Medium Unauthorized accounts will not have the "Load and unload device drivers" user right.
V-26492 Medium Unauthorized accounts will not have the "Increase scheduling priority" user right.
V-26554 Medium The system will be configured to audit "System -> Security State Change" failures.
V-26555 Medium The system will be configured to audit "System -> Security System Extension" successes.
V-26556 Medium The system will be configured to audit "System -> Security System Extension" failures.
V-26557 Medium The system will be configured to audit "System -> System Integrity" successes.
V-26499 Medium Unauthorized accounts will not have the "Perform volume maintenance tasks" user right.
V-26551 Medium The system will be configured to audit "System -> IPSec Driver" successes.
V-26552 Medium The system will be configured to audit "System -> IPSec Driver" failures.
V-26553 Medium The system will be configured to audit "System -> Security State Change" successes.
V-15700 Medium Disable remote access to the plug and play interface.
V-15706 Medium Password is required on resume from sleep (plugged in).
V-15705 Medium Password is required on resume from sleep (on battery).
V-16048 Medium Disable Help Ratings feed back.
V-26491 Medium Unauthorized accounts will not have the "Increase a process working set" user right.
V-26506 Medium Unauthorized accounts will not have the "Take ownership of files or other objects" user right.
V-26550 Medium The system will be configured to audit "Privilege Use -> Sensitive Privilege Use" failures.
V-26498 Medium Unauthorized accounts will not have the "Modify firmware environment values" user right.
V-3385 Medium The system is configured to allow case insensitivity.
V-3383 Medium The system is not configured to use FIPS compliant algorithms for encryption, hashing, and signing.
V-3382 Medium The system is not configured to meet the minimum requirement for session security for NTLM SSP based clients.
V-3381 Medium The system is not configured to recommended LDAP client signing requirements.
V-3380 Medium The system is not configured to force users to log off when their allowed logon hours expire.
V-16047 Medium Disable the built-in admin account.
V-17448 Medium Windows Firewall Outbound Rule - IPv6 Block Protocols 41
V-17449 Medium Windows Firewall Outbound Rules - IPv6 Block UDP 3544
V-17442 Medium Windows Firewall Public Profile - Applying local firewall rules.
V-17443 Medium Windows Firewall Public Profile - Applying local connection rules.
V-17441 Medium Windows Firewall Public Profile - Block unicast responses to multicast or broadcast messages.
V-15697 Medium Disable the Responder network protocol driver.
V-15696 Medium Disable the Mapper I/O Driver.
V-15699 Medium Disable the Windows Connect Now wizards.
V-15698 Medium The configuration of wireless devices using Windows Connect Now will be disabled.
V-1154 Medium Ctrl+Alt+Del security attention sequence is disabled.
V-1157 Medium The smart card removal option is set to take no action.
V-2372 Medium Reversible password encryption is not disabled.
V-3458 Medium Remote Desktop Services idle session time limit does not meet the requirement.
V-3453 Medium Remote Desktop Services is not configured to always prompt a client for passwords upon connection.
V-3457 Medium Remote Desktop Services is not configured to set a time limit for disconnected sessions.
V-3456 Medium Remote Desktop Services is not configured to delete temporary folders.
V-3455 Medium Remote Desktop Services is configured to use a common temporary folder for all sessions.
V-3454 Medium Remote Desktop Services is not configured with the client connection encryption set to the required level.
V-22692 Medium Configure the default autorun behavior to prevent autorun commands.
V-14258 Medium Search Companion prevented from automatically downloading content updates.
V-14259 Medium Prevent printing over HTTP.
V-14256 Medium Web publishing and online ordering wizards prevented from downloading list of providers.
V-14257 Medium Windows Messenger prevented from collecting anonymous information.
V-14254 Medium Client computers required to authenticate for RPC communication.
V-14255 Medium File and Folder Publish to Web option unavailable.
V-14253 Medium Restrict unauthenticated RPC clients.
V-14250 Medium Prevent Automatic Updates from being run.
V-1119 Medium Booting into alternate operating systems is permitted.
V-1114 Medium The built-in guest account has not been renamed.
V-1115 Medium The built-in administrator account has not been renamed.
V-1113 Medium The built-in guest account is not disabled.
V-16021 Medium Help Experience Improvement Program is disabled.
V-16020 Medium Windows Customer Experience Improvement Program is disabled.
V-21951 Medium Computer Identity Authentication for NTLM is used.
V-21950 Medium Configure the SPN target name validation level.
V-21953 Medium Prevent PKU2U authentication using online identities.
V-21952 Medium Prevent NTLM from falling back to a Null session.
V-21954 Medium Configure Kerberos encryption types.
V-28285 Medium Unauthorized users will not have the "Log on as a service" User Right.
V-26482 Medium Unauthorized accounts will not have the "Create symbolic links" user right.
V-26483 Medium The "Deny log on as a batch job" user right will be configured to include "Guests".
V-26480 Medium Unauthorized accounts will not have the "Create global objects" user right.
V-26481 Medium Unauthorized accounts will not have the "Create permanent shared objects" user right.
V-26486 Medium The "Deny log on through Remote Desktop Services" user right will be configured to include "Everyone".
V-26487 Medium Unauthorized accounts will not have the "Enable computer and user accounts to be trusted for delegation" user right.
V-26484 Medium The "Deny log on as a service" user right will be configured to include no one (blank).
V-26485 Medium The "Deny log on locally" user right will be configured to include "Guests".
V-26488 Medium Unauthorized accounts will not have the "Force shutdown from a remote system" user right.
V-26489 Medium Unauthorized accounts will not have the "Generate security audits" user right.
V-15711 Medium Turn off indexing of encrypted files.
V-15713 Medium Turn off Windows Defender SpyNet reporting.
V-15715 Medium Turn off Windows Error Reporting to Microsoft.
V-15505 Medium The HBSS McAfee Agent is not installed.
V-15823 Medium Remove Software Certificate Installation Files
V-17439 Medium Windows Firewall Public Profile - Allow outbound connections.
V-17433 Medium Windows Firewall Private Profile - Applying local connection rules.
V-17432 Medium Windows Firewall Private - Applying local firewall rules.
V-17431 Medium Windows Firewall Private Profile - Block unicast responses to multicast or broadcast messages.
V-14262 Medium IPv6 will be disabled until a deliberate transition strategy has been implemented.
V-14261 Medium Windows is prevented from using Windows Update to search for drivers.
V-14260 Medium Computer prevented from downloading print driver packages over HTTP.
V-14269 Medium Hide mechanism for removing zone information from file attachments.
V-14268 Medium Preserve zone information when saving attachments.
V-15684 Medium IE security prompt is enabled for web-based installations.
V-1140 Medium Users with administrative privilege are not documented or do not have separate accounts for administrative duties and normal operational tasks.
V-26579 Medium The Application event log will be configured to a minimum size requirement.
V-15682 Medium Prevent RSS attachment downloads.
V-15683 Medium Shell protocol runs in protected mode.
V-1141 Medium Unencrypted password is sent to third-party SMB server.
V-15685 Medium Prevent users from changing Windows installer options.
V-26529 Medium The system will be configured to audit "Account Logon -> Credential Validation" successes.
V-3480 Medium Media Player is configured to allow automatic checking for updates.
V-32274 Medium The DoD Interoperability Root CA to DoD Root CA 2 cross certificate must be installed.
V-32272 Medium The DoD Root Certificate must be installed.
V-32273 Medium The External CA Root Certificate must be installed.
V-14229 Medium Audit of backup and restore privileges is not turned off.
V-14228 Medium Audit access to global system objects is not turned off.
V-14225 Medium Administrator passwords are changed when necessary.
V-14224 Medium The system does not have a backup administrator account.
V-1107 Medium Password uniqueness does not meet minimum requirements.
V-1105 Medium Minimum password age does not meet minimum requirements.
V-1104 Medium Maximum password age does not meet minimum requirements.
V-1077 Medium ACLs for event logs will conform to minimum requirements.
V-1072 Medium Shared user accounts are permitted on the system.
V-1070 Medium Physical security of the Automated Information System (AIS) does not meet DISA requirements.
V-26576 Medium The IP-HTTPS IPv6 transition technology will be disabled.
V-26577 Medium The ISATAP IPv6 transition technology will be disabled.
V-26575 Medium The 6to4 IPv6 transition technology will be disabled.
V-26578 Medium The Teredo IPv6 transition technology will be disabled.
V-1171 Medium Ejection of removable NTFS media is not restricted to administrators.
V-26478 Medium Unauthorized accounts will not have the "Create a pagefile" user right.
V-26476 Medium Unauthorized accounts will not have the "Change the system time" user right.
V-26474 Medium Unauthorized accounts will not have the "Back up files and directories" user right.
V-26473 Medium Unauthorized accounts will not have the "Allow log on through Remote Desktop Services" user right.
V-26472 Medium Unauthorized accounts will not have the "Allow log on locally" user right.
V-26471 Medium Unauthorized accounts will not have the "Adjust memory quotas for a process" user right.
V-26470 Medium Unauthorized accounts will not have the "Access this computer from the network" user right.
V-15725 Medium The More Gadgets link will be disabled.
V-15724 Medium Unsigned gadgets will not be installed.
V-15727 Medium Prevent users from sharing files from within their profiles.
V-15726 Medium Turn off user-installed gadgets.
V-15722 Medium Prevent Windows Media Digital Rights Management (DRM) from accessing the Internet.
V-1089 Medium The required legal notice must be configured to display before console logon.
V-3471 Medium The system is configured to automatically forward error information.
V-3470 Medium The system is configured to allow unsolicited remote assistance offers.
V-1088 Medium Registry key auditing configuration does not meet minimum requirements.
V-3479 Medium The system is not configured to use Safe DLL search mode.
V-1080 Medium File-auditing configuration does not meet minimum requirements.
V-26582 Medium The System event log will be configured to a minimum size requirement.
V-26581 Medium The Setup event log will be configured to a minimum size requirement.
V-26580 Medium The Security event log will be configured to a minimum size requirement.
V-3376 Medium The system is configured to permit storage of passwords and credentials.
V-3377 Medium The system is configured to give anonymous users Everyone rights.
V-3374 Medium The system is not configured to require a strong session key.
V-17421 Medium Windows Firewall Domain Profile - Block unicast response to multicast or broadcast messages.
V-17422 Medium Windows Firewall Domain Profile - Applying local firewall rules.
V-17423 Medium Windows Firewall Domain Profile - Applying local connection rules.
V-14270 Medium Notify antivirus when file attachments are opened.
V-14271 Medium Application account passwords length and change requirement.
V-1130 Medium ACLs for system files and directories do not conform to minimum requirements.
V-1131 Medium A password filter that enforces DoD requirements is not installed.
V-1137 Medium An Auditors group has not been created to restrict access to the Windows Event Logs.
V-15674 Medium Disable Internet File Association Service.
V-26538 Medium The system will be configured to audit "Account Management -> User Account Management" failures.
V-26539 Medium The system will be configured to audit "Detailed Tracking -> Process Creation" successes.
V-26532 Medium The system will be configured to audit "Account Management -> Computer Account Management" failures.
V-26533 Medium The system will be configured to audit "Account Management -> Other Account Management Events" successes.
V-26530 Medium The system will be configured to audit "Account Logon -> Credential Validation" failures.
V-26531 Medium The system will be configured to audit "Account Management -> Computer Account Management" successes.
V-26536 Medium The system will be configured to audit "Account Management -> Security Group Management" failures.
V-26537 Medium The system will be configured to audit "Account Management -> User Account Management" successes.
V-26534 Medium The system will be configured to audit "Account Management -> Other Account Management Events" failures.
V-26535 Medium The system will be configured to audit "Account Management -> Security Group Management" successes.
V-21975 Medium Prevent the system from joining a homegroup.
V-21973 Medium Turn off autoplay for non-volume devices.
V-26549 Medium The system will be configured to audit "Privilege Use -> Sensitive Privilege Use" successes.
V-26548 Medium The system will be configured to audit "Policy Change -> Authentication Policy Change" successes.
V-26547 Medium The system will be configured to audit "Policy Change -> Audit Policy Change" failures.
V-26546 Medium The system will be configured to audit "Policy Change -> Audit Policy Change" successes.
V-26545 Medium The system will be configured to audit "Object Access -> Registry" failures.
V-26544 Medium The system will be configured to audit "Object Access -> File System" failures.
V-26543 Medium The system will be configured to audit "Logon/Logoff -> Special Logon" successes.
V-26542 Medium The system will be configured to audit "Logon/Logoff -> Logon" failures.
V-26541 Medium The system will be configured to audit "Logon/Logoff -> Logon" successes.
V-26540 Medium The system will be configured to audit "Logon/Logoff -> Logoff" successes.
V-4448 Medium Group Policy objects are not reprocessed if they have not changed.
V-3666 Medium The system is not configured to meet the minimum requirement for session security for NTLM SSP based servers.
V-14239 Medium User Account Control - Elevate UIAccess applications that are in secure locations.
V-14230 Medium Audit policy using subcategories is enabled.
V-14234 Medium User Account Control for the built In admin runs in Admin Approval Mode
V-14235 Medium User Account Control is configured for the appropriate elevation prompt for administrators
V-14236 Medium User Account Control is configured for the appropriate elevation prompt for standard users.
V-14237 Medium User Account Control is configured to detect application installations.
V-3245 Medium File share ACLs have not been reconfigured to remove the Everyone group.
V-16007 Low 8dot3 name creation is prevented.
V-26359 Low The Windows dialog box title for the legal banner must be configured.
V-26502 Low Unauthorized accounts will not have the "Remove computer from docking station" user right.
V-1165 Low The computer account password is prevented from being reset.
V-1091 Low System halts once an event log has reached its maximum size.
V-1090 Low Caching of logon credentials is not limited.
V-1128 Low Security configuration tools are not being used to configure platforms for security compliance.
V-21964 Low Prevent device metadata retrieval from the Internet.
V-21965 Low Prevent Windows Update for device driver search
V-21966 Low Prevent handwriting personalization data sharing with Microsoft.
V-21967 Low Prevent Microsoft Support Diagnostic Tool (MSDT) interactive communication with Microsoft.
V-21960 Low Require domain users to elevate when setting a network’s location.
V-21961 Low Route all Direct Access traffic through internal network.
V-21963 Low Prevent searching Windows Update for point and print drivers.
V-21969 Low Prevent access to Windows Online Troubleshooting Service (WOTS).
V-15703 Low Users will not be prompted to search Windows Update for device drivers.
V-15702 Low A Windows error report is not sent when a generic driver is installed.
V-15701 Low Enable restore points for device driver installations.
V-15707 Low Session logging for Remote Assistance is enabled.
V-15704 Low Handwriting recognition error reports (Tablet PCs) are not sent to Microsoft.
V-15709 Low Disable Game Explorer information downloads.
V-17446 Low Windows Firewall Public Profile - Log dropped packets.
V-17447 Low Windows Firewall Public Profile - Log successful connections.
V-17444 Low Windows Firewall Public Profile - Configure log file name and location.
V-17440 Low Windows Firewall Public Profile - Display notifications.
V-11806 Low The system is configured to allow the display of the last user name on the logon screen.
V-1158 Low The Recovery Console SET command is enabled.
V-1150 Low The built-in Microsoft password filter is not enabled.
V-1151 Low Print driver installation privilege is not restricted to administrators.
V-4438 Low TCP data retransmissions are not controlled.
V-1112 Low User account is dormant.
V-21955 Low Configure IPv6 source routing to highest protection.
V-21956 Low Configure IPv6 TCP data retransmissions to prevent resources from becoming exhausted.
V-15712 Low Turn off indexing of mail items in Exchange Folder when Outlook is running in uncached mode.
V-15714 Low Log error reporting events in the system event log.
V-15717 Low Requests for additional data in response to Error Reporting will be declined.
V-15718 Low Disable heap termination on corruption in Windows Explorer.
V-15719 Low Report whether logon server was accessible or cached credentials were used.
V-17430 Low Windows Firewall Private Profile - Display notifications.
V-17437 Low Windows Firewall Private Profile - Log successful connections.
V-17436 Low Windows Firewall Private Profile - Log dropped packets.
V-17435 Low Windows Firewall Private Profile - Configure log size.
V-17434 Low Windows Firewall Private Profile - Configure log file name and location.
V-15680 Low Enabled classic logon.
V-15686 Low Prevent users from installing vendor signed updates.
V-15687 Low Prevent first use dialog boxes for Windows Media Player from displaying for users.
V-1148 Low Local users exist on a workstation in a domain.
V-4108 Low The system does not generate an audit event when the audit log reaches a percent full threshold.
V-17445 Low Windows Firewall Public Profile - Configure log size.
V-1076 Low System information backups are not created, updated, and protected according to DISA requirements.
V-1075 Low The system allows shutdown from the logon dialog box.
V-1174 Low Amount of idle time required before suspending a session is improperly set.
V-1172 Low Users are not warned in advance that their passwords will expire.
V-1173 Low The default permissions of global system objects are not increased.
V-26477 Low Unauthorized accounts will not have the "Change the time zone" user right.
V-26475 Low Unauthorized accounts will not have the "Bypass traverse checking" user right.
V-3472 Low The system is configured to use an unauthorized time server.
V-1084 Low System pagefile is cleared upon shutdown.
V-1085 Low Floppy media devices are not allocated upon user logon.
V-3373 Low The maximum age for machine account passwords is not set to requirements.
V-3375 Low Domain Controller authentication is not required to unlock the workstation.
V-17420 Low Windows Firewall Domain Profile - Display notifications.
V-17424 Low Windows Firewall Domain Profile - Configure log file name and location.
V-17425 Low Windows Firewall Domain Profile - Configure the log size,
V-17426 Low Windows Firewall Domain Profile - Log dropped packets.
V-17427 Low Windows Firewall Domain Profile - Log sucessful connections.
V-1136 Low Users are not forcibly disconnected when logon hours expire.
V-1135 Low Printer share permissions are not configured as recommended.
V-15676 Low Order Prints Online is blocked.
V-15675 Low Windows Registration Wizard is blocked.
V-15673 Low The Internet Connection Wizard cannot download a list of ISPs from Microosft.
V-15672 Low Event Viewer events.asp links are available.
V-15671 Low Root certificates will not be updated automatically from Microsoft.
V-21974 Low Turn off downloading of game updates.
V-21971 Low Prevent the Application Compatibility Program Inventory from collecting data and sending the information to Microsoft.
V-21970 Low Disable Performance PerfTrack.
V-21978 Low Windows Anytime Upgrade is not disabled.
V-4113 Low The system is configured for a greater keep-alive time than recommended.
V-4112 Low The system is configured to detect and configure default gateway addresses.
V-4111 Low The system is configured to redirect ICMP.
V-4110 Low The system is configured to allow IP source routing.
V-4116 Low The system is configured to allow name-release attacks.
V-4442 Low This check verifies that Windows is configured to have password protection take effect within a limited time frame when the screen saver becomes active.
V-17373 Low Secure Removable Media – CD-ROM
V-14231 Low Hide computer from the browse list.
V-14232 Low IPSec exemptions are limited.