Skip to content
Log In

Microsoft Windows Server 2022 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Windows Server 2022 must preserve zone information when saving attachments.

    Attachments from outside sources may contain malicious code. Preserving zone of origin (internet, intranet, local, restricted) information on file attachments allows Windows to determine risk.
    Rule Medium Severity
    Show

  • SRG-OS-000324-GPOS-00125

    Group
    Show

  • SRG-OS-000324-GPOS-00125

    Group
    Show

  • Windows Server 2022 Act as part of the operating system user right must not be assigned to any groups or accounts.

    Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities. Accounts with the "Act as part of the operating system" user right can assume the ident...
    Rule High Severity
    Show

  • SRG-OS-000080-GPOS-00048

    Group
    Show

  • Windows Server 2022 Allow log on locally user right must only be assigned to the Administrators group.

    Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities. Accounts with the "Allow log on locally" user right can log on interactively to a system.
    Rule Medium Severity
    Show

  • SRG-OS-000324-GPOS-00125

    Group
    Show

  • SRG-OS-000324-GPOS-00125

    Group
    Show

  • SRG-OS-000324-GPOS-00125

    Group
    Show

  • Windows Server 2022 create a token object user right must not be assigned to any groups or accounts.

    Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities. The "Create a token object" user right allows a process to create an access token. This...
    Rule High Severity
    Show

  • SRG-OS-000324-GPOS-00125

    Group
    Show

  • SRG-OS-000324-GPOS-00125

    Group
    Show

  • SRG-OS-000324-GPOS-00125

    Group
    Show

  • Windows Server 2022 create symbolic links user right must only be assigned to the Administrators group.

    Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities. Accounts with the "Create symbolic links" user right can create pointers to other objec...
    Rule Medium Severity
    Show

  • SRG-OS-000324-GPOS-00125

    Group
    Show

  • SRG-OS-000324-GPOS-00125

    Group
    Show

  • Windows Server 2022 force shutdown from a remote system user right must only be assigned to the Administrators group.

    Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities. Accounts with the "Force shutdown from a remote system" user right can remotely shut do...
    Rule Medium Severity
    Show

  • SRG-OS-000324-GPOS-00125

    Group
    Show

  • SRG-OS-000324-GPOS-00125

    Group
    Show

  • Windows Server 2022 impersonate a client after authentication user right must only be assigned to Administrators, Service, Local Service, and Network Service.

    Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities. The "Impersonate a client after authentication" user right allows a program to imperson...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules