UCF STIG Viewer Logo

Users with Administrative privilege will be documented and have separate accounts for administrative duties and normal operational tasks.


Overview

Finding ID Version Rule ID IA Controls Severity
V-1140 1.006 SV-32259r2_rule High
Description
Using a privileged account to perform routine functions makes the computer vulnerable to attack by any virus or Trojan Horse inadvertently introduced during a session that has been granted full privileges. The rule of least privilege should always be enforced.
STIG Date
Windows Server 2008 R2 Domain Controller Security Technical Implementation Guide 2019-06-18

Details

Check Text ( C-32884r2_chk )
Ask the System Administrator (SA) to show the necessary documentation that identifies the members of this privileged group.

This check verifies each user with administrative privileges has been assigned a unique account, separate from the built-in “Administrator” account. This check also verifies the default “Administrator” account is not being used. Administrators should be properly trained before being permitted to perform administrator duties. The IAO will maintain a list of all users belonging to the Administrator’s group.

If any of the following conditions are true, then this is a finding:

-Each SA does not have a unique userid dedicated for administering the system.
-Each SA does not have a separate account for normal user tasks.
-The built-in administrator account is used to administer the system.
-Administrators have not been properly trained.
-The IAO does not maintain a list of users belonging to the Administrator’s group.
Fix Text (F-32r2_fix)
Create the necessary documentation that identifies the members of this privileged group. Ensure each member has a separate account for user duties and one for his privileged duties and the other requirements outlined in the manual check are met.