Skip to content

I - Mission Critical Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • Windows Server 2022 must not have the Fax Server role installed.

    &lt;VulnDiscussion&gt;Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authe...
    Rule Medium Severity
  • SRG-OS-000096-GPOS-00050

    <GroupDescription></GroupDescription>
    Group
  • Windows Server 2022 must not have the Microsoft FTP service installed unless required by the organization.

    &lt;VulnDiscussion&gt;Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authe...
    Rule Medium Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • Windows Server 2022 must not have the Peer Name Resolution Protocol installed.

    &lt;VulnDiscussion&gt;Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authe...
    Rule Medium Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • Windows Server 2022 must not have Simple TCP/IP Services installed.

    &lt;VulnDiscussion&gt;Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authe...
    Rule Medium Severity
  • SRG-OS-000096-GPOS-00050

    <GroupDescription></GroupDescription>
    Group
  • Windows Server 2022 must not have the Telnet Client installed.

    &lt;VulnDiscussion&gt;Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authe...
    Rule Medium Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • Windows Server 2022 must not have the TFTP Client installed.

    &lt;VulnDiscussion&gt;Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authe...
    Rule Medium Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • Windows Server 2022 must not the Server Message Block (SMB) v1 protocol installed.

    &lt;VulnDiscussion&gt;SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is known to be vulnerable to a number of attacks s...
    Rule Medium Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • Windows Server 2022 must have the Server Message Block (SMB) v1 protocol disabled on the SMB server.

    &lt;VulnDiscussion&gt;SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is known to be vulnerable to a number of attacks s...
    Rule Medium Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • Windows Server 2022 must have the Server Message Block (SMB) v1 protocol disabled on the SMB client.

    &lt;VulnDiscussion&gt;SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is known to be vulnerable to a number of attacks s...
    Rule Medium Severity
  • SRG-OS-000095-GPOS-00049

    <GroupDescription></GroupDescription>
    Group
  • Windows Server 2022 must not have Windows PowerShell 2.0 installed.

    &lt;VulnDiscussion&gt;Windows PowerShell 5.x added advanced logging features that can provide additional detail when malware has been run on a syst...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules