Microsoft Windows Server 2019 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Windows Server 2019 must be configured to audit logon failures.
Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred, as well as detect attacks. A...Rule Medium Severity -
SRG-OS-000033-GPOS-00014
Group -
Windows Server 2019 Remote Desktop Services must require secure Remote Procedure Call (RPC) communications.
Allowing unsecure RPC communication exposes the system to man-in-the-middle attacks and data disclosure attacks. A man-in-the-middle attack occurs when an intruder captures packets between a client...Rule Medium Severity -
SRG-OS-000033-GPOS-00014
Group -
SRG-OS-000042-GPOS-00020
Group -
Windows Server 2019 command line data must be included in process creation events.
Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred, as well as detect attacks. A...Rule Medium Severity -
SRG-OS-000042-GPOS-00020
Group -
Windows Server 2019 PowerShell script block logging must be enabled.
Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred, as well as detect attacks. A...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
Group -
Windows Server 2019 permissions for the Application event log must prevent access by non-privileged accounts.
Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred, as well as detect attacks. A...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
Group -
Windows Server 2019 permissions for the Security event log must prevent access by non-privileged accounts.
Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred, as well as detect attacks. A...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
Group -
SRG-OS-000057-GPOS-00027
Group -
Windows Server 2019 Manage auditing and security log user right must only be assigned to the Administrators group.
Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities. Accounts with the "Manage auditing and security log" user right can manage the security...Rule Medium Severity -
SRG-OS-000062-GPOS-00031
Group -
SRG-OS-000066-GPOS-00034
Group -
Windows Server 2019 domain controllers must have a PKI server certificate.
Domain controllers are part of the chain of trust for PKI authentications. Without the appropriate certificate, the authenticity of the domain controller cannot be verified. Domain controllers must...Rule Medium Severity -
SRG-OS-000066-GPOS-00034
Group -
Windows Server 2019 domain Controller PKI certificates must be issued by the DoD PKI or an approved External Certificate Authority (ECA).
A PKI implementation depends on the practices established by the Certificate Authority (CA) to ensure the implementation is secure. Without proper practices, the certificates issued by a CA have li...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.