Microsoft Windows Server 2022 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000112-GPOS-00057
Group -
Windows Server 2022 Kerberos user logon restrictions must be enforced.
This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is e...Rule Medium Severity -
SRG-OS-000112-GPOS-00057
Group -
SRG-OS-000112-GPOS-00057
Group -
SRG-OS-000112-GPOS-00057
Group -
SRG-OS-000112-GPOS-00057
Group -
Windows Server 2022 computer clock synchronization tolerance must be limited to five minutes or less.
This setting determines the maximum time difference (in minutes) that Kerberos will tolerate between the time on a client's clock and the time on a server's clock while still considering the two cl...Rule Medium Severity -
SRG-OS-000324-GPOS-00125
Group -
Windows Server 2022 permissions on the Active Directory data files must only allow System and Administrators access.
Improper access permissions for directory data-related files could allow unauthorized users to read, modify, or delete directory data or audit trails. Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-0...Rule High Severity -
SRG-OS-000324-GPOS-00125
Group -
Windows Server 2022 Active Directory SYSVOL directory must have the proper access control permissions.
Improper access permissions for directory data files could allow unauthorized users to read, modify, or delete directory data. The SYSVOL directory contains public files (to the domain) such as po...Rule High Severity -
SRG-OS-000324-GPOS-00125
Group -
SRG-OS-000324-GPOS-00125
Group -
SRG-OS-000324-GPOS-00125
Group -
Windows Server 2022 organization created Active Directory Organizational Unit (OU) objects must have proper access control permissions.
When directory service database objects do not have appropriate access control permissions, it may be possible for malicious users to create, read, update, or delete the objects and degrade or dest...Rule High Severity -
SRG-OS-000138-GPOS-00069
Group -
SRG-OS-000095-GPOS-00049
Group -
Windows Server 2022 domain controllers must run on a machine dedicated to that function.
Executing application servers on the same host machine with a directory server may substantially weaken the security of the directory server. Web or database server applications usually require the...Rule Medium Severity -
SRG-OS-000396-GPOS-00176
Group -
SRG-OS-000480-GPOS-00227
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.