Anonymous enumeration of Security Account Manager (SAM) accounts must not be allowed.

An XCCDF Rule

Details
Profiles

Description

Anonymous enumeration of SAM accounts allows anonymous logon users (null session connections) to list all accounts names, thus providing a list of potential points to attack the system.

ID: SV-225045r991589_rule
Version: WN16-SO-000260
Severity: High
References: CCI-000366
Updated: 15 days ago

Remediation Templates

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Network access: Do not allow anonymous enumeration of SAM accounts" to "Enabled".

Anonymous enumeration of Security Account Manager (SAM) accounts must not be allowed.

Description

Remediation Templates

A Manual Procedure