Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-1140 | 1.006 | SV-24997r3_rule | ECLP-1 | High |
Description |
---|
Using a privileged account to perform routine functions makes the computer vulnerable to malicious software inadvertently introduced during a session that has been granted full privileges. The rule of least privilege must always be enforced. |
STIG | Date |
---|---|
Windows 7 Security Technical Implementation Guide | 2015-09-02 |
Check Text ( C-62059r2_chk ) |
---|
Verify the following: The necessary documentation that identifies members of the Administrators group exists with the ISSO. Each user with administrative privileges has been assigned a unique administrator account, separate from the built-in "Administrator" account. Each user with administrative privileges has a separate account for performing normal (non-administrative) functions. Administrators must be properly trained before being permitted to perform administrator duties. Use of the built-in Administrator account must not be allowed. If any of these conditions are not met, this is a finding. |
Fix Text (F-66957r2_fix) |
---|
Create necessary documentation that identifies members of the Administrators group, to be maintained with the ISSO. Create unique administrator accounts, separate from the built-in "Administrator" account for each user with administrative privileges. Create separate accounts for performing normal (non-administrative) functions for each user with administrative privileges. Properly train users with administrative privileges. Do not allow the use of the built-in Administrator account. |