Local volumes are not formatted using NTFS.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-1081	2.008	SV-29477r1_rule	ECCD-2 ECCD-1	High

Description
This is a category 1 finding because the ability to set access permissions and audit critical directories and files is only available by using the NTFS file system. The capability to assign access permissions to file objects is a DOD policy requirement. The FAT file system only provides the capability to make files read-only and hidden. The capability to change these attributes is not restricted to any users. An unauthorized individual could boot the machine from a floppy disk and gain full and unrecorded access to file data.

Description

This is a category 1 finding because the ability to set access permissions and audit critical directories and files is only available by using the NTFS file system. The capability to assign access permissions to file objects is a DOD policy requirement. The FAT file system only provides the capability to make files read-only and hidden. The capability to change these attributes is not restricted to any users. An unauthorized individual could boot the machine from a floppy disk and gain full and unrecorded access to file data.

STIG	Date
Windows Vista Security Technical Implementation Guide	2015-06-25

Details

Check Text ( None )
None

Fix Text (F-53r1_fix)
Format all partitions/drives to use NTFS.