Microsoft Windows PAW Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Administrative accounts of all high-value IT resources must be assigned to a specific administrative tier in Active Directory to separate highly privileged administrative accounts from less privileged administrative accounts.
<VulnDiscussion>Note: The Microsoft Tier 0-2 AD administrative tier model (https://docs.microsoft.com/en-us/windows-server/identity/securing-...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
A Windows PAW must only be used to manage high-value IT resources assigned to the same tier.
<VulnDiscussion>Note: Allowed exception - For sites that are constrained in the number of available workstations, an acceptable approach is t...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
All high-value IT resources must be assigned to a specific administrative tier to separate highly sensitive resources from less sensitive resources.
<VulnDiscussion>Note: The Microsoft Tier 0-2 AD administrative tier model (https://docs.microsoft.com/en-us/windows-server/identity/securing-...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.