II - Mission Support Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000032-GPOS-00013
<GroupDescription></GroupDescription>Group -
Windows Server 2019 must be configured to audit logon successes.
<VulnDiscussion>Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, ...Rule Medium Severity -
SRG-OS-000032-GPOS-00013
<GroupDescription></GroupDescription>Group -
Windows Server 2019 must be configured to audit logon failures.
<VulnDiscussion>Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, ...Rule Medium Severity -
SRG-OS-000033-GPOS-00014
<GroupDescription></GroupDescription>Group -
Windows Server 2019 Remote Desktop Services must require secure Remote Procedure Call (RPC) communications.
<VulnDiscussion>Allowing unsecure RPC communication exposes the system to man-in-the-middle attacks and data disclosure attacks. A man-in-the...Rule Medium Severity -
SRG-OS-000033-GPOS-00014
<GroupDescription></GroupDescription>Group -
Windows Server 2019 Remote Desktop Services must be configured with the client connection encryption set to High Level.
<VulnDiscussion>Remote connections must be encrypted to prevent interception of data or sensitive information. Selecting "High Level" will en...Rule Medium Severity -
SRG-OS-000042-GPOS-00020
<GroupDescription></GroupDescription>Group -
Windows Server 2019 command line data must be included in process creation events.
<VulnDiscussion>Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, ...Rule Medium Severity -
SRG-OS-000042-GPOS-00020
<GroupDescription></GroupDescription>Group -
Windows Server 2019 PowerShell script block logging must be enabled.
<VulnDiscussion>Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, ...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
<GroupDescription></GroupDescription>Group -
Windows Server 2019 permissions for the Application event log must prevent access by non-privileged accounts.
<VulnDiscussion>Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, ...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
<GroupDescription></GroupDescription>Group -
Windows Server 2019 permissions for the Security event log must prevent access by non-privileged accounts.
<VulnDiscussion>Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, ...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
<GroupDescription></GroupDescription>Group -
Windows Server 2019 permissions for the System event log must prevent access by non-privileged accounts.
<VulnDiscussion>Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, ...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
<GroupDescription></GroupDescription>Group -
Windows Server 2019 Manage auditing and security log user right must only be assigned to the Administrators group.
<VulnDiscussion>Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities. Accounts with t...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.