The built-in guest account has not been renamed.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-1114	4.021	SV-25024r1_rule	IAAC-1	Medium

Description
A system faces an increased vulnerability threat if the built-in guest account is not renamed or disabled. The built-in guest account is a known user account on all Windows systems and, as initially installed, does not require a password. This can allow access to system resources by unauthorized users. This account is a member of the group Everyone and has all the rights and permissions associated with that group and could provide access to system resources to unauthorized users.

Description

A system faces an increased vulnerability threat if the built-in guest account is not renamed or disabled. The built-in guest account is a known user account on all Windows systems and, as initially installed, does not require a password. This can allow access to system resources by unauthorized users. This account is a member of the group Everyone and has all the rights and permissions associated with that group and could provide access to system resources to unauthorized users.

STIG	Date
Windows 7 Security Technical Implementation Guide	2014-04-02

Details

Check Text ( C-403r1_chk )
Analyze the system using the Security Configuration and Analysis snap-in. Expand the Security Configuration and Analysis tree view. Navigate to Local Policies -> Security Options. If the value for “Accounts: Rename guest account” is not set to a value other than “Guest”, then this is a finding.

Fix Text (F-5761r1_fix)
Configure the system to rename the built-in guest account