
Active Directory Domain Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Usage of administrative accounts must be monitored for suspicious and anomalous activity.

    <VulnDiscussion>Monitoring the usage of administrative accounts can alert on suspicious behavior and anomalous account usage that would be in...
    Rule Medium Severity
  • SRG-OS-000480

    <GroupDescription></GroupDescription>
    Group
  • Systems must be monitored for attempts to use local accounts to log on remotely from other systems.

    <VulnDiscussion>Monitoring for the use of local accounts to log on remotely from other systems may indicate attempted lateral movement in a P...
    Rule Medium Severity
  • SRG-OS-000480

    <GroupDescription></GroupDescription>
    Group
  • Systems must be monitored for remote desktop logons.

    <VulnDiscussion>Remote Desktop activity for administration should be limited to specific administrators, and from limited management workstat...
    Rule Medium Severity
