Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-1154 | 3.032 | SV-32301r1_rule | ECSC-1 | Medium |
Description |
---|
Disabling the Ctrl+Alt+Del security attention sequence can compromise system security. Because only Windows responds to the Ctrl+Alt+Del security sequence, you can be assured that any passwords you enter following that sequence are sent only to Windows. If you eliminate the sequence requirement, malicious programs can request and receive your Windows password. Disabling this sequence also suppresses a custom logon banner. |
STIG | Date |
---|---|
Windows Server 2008 R2 Member Server Security Technical Implementation Guide | 2015-06-25 |
Check Text ( None ) |
---|
None |
Fix Text (F-92r1_fix) |
---|
Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> “Interactive Logon: Do not require CTRL ALT DEL” to “Disabled”. |