III - Administrative Public
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000480
Group -
Membership in the Group Policy Creator Owners and Incoming Forest Trust Builders groups must be limited.
Membership in the Group Policy Creator Owners and Incoming Forest Trust Builders groups assigns a high privilege level for AD functions. Unnecessary membership increases the risk from compromise o...Rule Medium Severity -
SRG-OS-000480
Group -
User accounts with delegated authority must be removed from Windows built-in administrative groups or remove the delegated authority from the accounts.
In AD it is possible to delegate account and other AD object ownership and administration tasks. (This is commonly done for help desk or other user support staff.) This is done to avoid the need to...Rule Low Severity -
SRG-OS-000480
Group -
Read-only Domain Controller (RODC) architecture and configuration must comply with directory services requirements.
The RODC role provides a unidirectional replication method for selected information from your internal network to the DMZ. If not properly configured so that the risk footprint is minimized, the in...Rule Medium Severity -
SRG-OS-000480
Group -
Usage of administrative accounts must be monitored for suspicious and anomalous activity.
Monitoring the usage of administrative accounts can alert on suspicious behavior and anomalous account usage that would be indicative of potential malicious credential reuse.Rule Medium Severity -
SRG-OS-000480
Group -
Systems must be monitored for attempts to use local accounts to log on remotely from other systems.
Monitoring for the use of local accounts to log on remotely from other systems may indicate attempted lateral movement in a Pass-the-Hash attack.Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.