Skip to content
Log In

Microsoft Windows Server 2022 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-OS-000480-GPOS-00227

    Group
    Show

  • Windows Server 2022 must have software certificate installation files removed.

    Use of software certificates and their accompanying installation files for end users to access resources is less secure than the use of hardware-based certificates.
    Rule Medium Severity
    Show

  • SRG-OS-000185-GPOS-00079

    Group
    Show

  • SRG-OS-000425-GPOS-00189

    Group
    Show

  • Windows Server 2022 must implement protection methods such as TLS, encrypted VPNs, or IPsec if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process.

    Information can be either unintentionally or maliciously disclosed or modified during preparation for transmission, for example, during aggregation, at protocol transformation points, and during pa...
    Rule Medium Severity
    Show

  • SRG-OS-000095-GPOS-00049

    Group
    Show

  • SRG-OS-000480-GPOS-00227

    Group
    Show

  • Windows Server 2022 must have a host-based firewall installed and enabled.

    A firewall provides a line of defense against attack, allowing or blocking inbound and outbound connections based on a set of rules. Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000480-GPOS-00232
    Rule Medium Severity
    Show

  • SRG-OS-000191-GPOS-00080

    Group
    Show

  • SRG-OS-000002-GPOS-00002

    Group
    Show

  • Windows Server 2022 must automatically remove or disable temporary user accounts after 72 hours.

    If temporary user accounts remain active when no longer needed or for an excessive period, these accounts may be used to gain unauthorized access. To mitigate this risk, automated termination of al...
    Rule Medium Severity
    Show

  • SRG-OS-000123-GPOS-00064

    Group
    Show

  • SRG-OS-000095-GPOS-00049

    Group
    Show

  • Windows Server 2022 must not have the Fax Server role installed.

    Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authentication or encryption or may provide unauthorized access to the system.
    Rule Medium Severity
    Show

  • SRG-OS-000096-GPOS-00050

    Group
    Show

  • Windows Server 2022 must not have the Microsoft FTP service installed unless required by the organization.

    Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authentication or encryption.
    Rule Medium Severity
    Show

  • SRG-OS-000095-GPOS-00049

    Group
    Show

  • Windows Server 2022 must not have the Peer Name Resolution Protocol installed.

    Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authentication or encryption or may provide unauthorized access to the system.
    Rule Medium Severity
    Show

  • SRG-OS-000095-GPOS-00049

    Group
    Show

  • Windows Server 2022 must not have Simple TCP/IP Services installed.

    Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authentication or encryption or may provide unauthorized access to the system.
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules