III - Administrative Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
Windows Server 2019 must have the Server Message Block (SMB) v1 protocol disabled on the SMB client.
<VulnDiscussion>SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is known to be vulnerable to a number of attacks s...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
Windows Server 2019 must not have Windows PowerShell 2.0 installed.
<VulnDiscussion>Windows PowerShell 5.x added advanced logging features that can provide additional detail when malware has been run on a syst...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
Windows Server 2019 must prevent the display of slide shows on the lock screen.
<VulnDiscussion>Slide shows that are displayed on the lock screen could display sensitive information to unauthorized personnel. Turning off ...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
Windows Server 2019 must have WDigest Authentication disabled.
<VulnDiscussion>When the WDigest Authentication protocol is enabled, plain-text passwords are stored in the Local Security Authority Subsyste...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
Windows Server 2019 downloading print driver packages over HTTP must be turned off.
<VulnDiscussion>Some features may communicate with the vendor, sending system information or downloading data or components for the feature. ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.