III - Administrative Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000076-GPOS-00044
Group -
Passwords must be configured to expire.
Passwords that do not expire or are reused increase the exposure of a password with greater probability of being discovered or cracked.Rule Medium Severity -
SRG-OS-000363-GPOS-00150
Group -
System files must be monitored for unauthorized changes.
Monitoring system files for changes against a baseline on a regular basis may help detect the possible introduction of malicious code on a system.Rule Medium Severity -
SRG-OS-000138-GPOS-00069
Group -
Non-system-created file shares on a system must limit access to groups that require it.
Shares on a system provide network access. To prevent exposing sensitive information, where shares are necessary, permissions must be reconfigured to give the minimum access to accounts that requir...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
Group -
Software certificate installation files must be removed from Windows Server 2016.
Use of software certificates and their accompanying installation files for end users to access resources is less secure than the use of hardware-based certificates.Rule Medium Severity -
SRG-OS-000185-GPOS-00079
Group -
Systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.
This requirement addresses protection of user-generated data as well as operating system-specific configuration data. Organizations may choose to employ different mechanisms to achieve confidential...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.