Windows Server 2019 must not allow anonymous enumeration of Security Account Manager (SAM) accounts.

An XCCDF Rule

Details
Profiles

Description

Anonymous enumeration of SAM accounts allows anonymous logon users (null session connections) to list all accounts names, thus providing a list of potential points to attack the system.

ID: SV-205914r991589_rule
Version: WN19-SO-000220
Severity: High
References: CCI-000366
Updated: 6 days ago

Remediation Templates

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Network access: Do not allow anonymous enumeration of SAM accounts" to "Enabled".

Windows Server 2019 must not allow anonymous enumeration of Security Account Manager (SAM) accounts.

Description

Remediation Templates

A Manual Procedure