Changing the screen saver must be prevented.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36775 | WN12-UC-000004 | SV-51761r1_rule | PESL-1 | Low |
| Description |
|---|
| Unattended systems are susceptible to unauthorized use and must be locked. Preventing users from changing the screen saver ensures an approved screen saver is used. This protects critical and sensitive data from exposure to unauthorized personnel with physical access to the computer. |
| STIG | Date |
|---|---|
| Windows Server 2012 / 2012 R2 Member Server Security Technical Implementation Guide | 2016-12-19 |
Details
| Check Text ( C-46890r1_chk ) |
|---|
| If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_CURRENT_USER Registry Path: \Software\Microsoft\Windows\CurrentVersion\Policies\System\ Value Name: NoDispScrSavPage Type: REG_DWORD Value: 1 |
| Fix Text (F-44836r1_fix) |
|---|
| Configure the policy value for User Configuration -> Administrative Templates -> Control Panel -> Personalization -> "Prevent changing screen saver" to "Enabled". |