II - Mission Support Public
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000032-GPOS-00013
Group -
Windows Server 2019 must be configured to audit logon successes.
Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred, as well as detect attacks. A...Rule Medium Severity -
SRG-OS-000032-GPOS-00013
Group -
Windows Server 2019 must be configured to audit logon failures.
Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred, as well as detect attacks. A...Rule Medium Severity -
SRG-OS-000033-GPOS-00014
Group -
Windows Server 2019 Remote Desktop Services must require secure Remote Procedure Call (RPC) communications.
Allowing unsecure RPC communication exposes the system to man-in-the-middle attacks and data disclosure attacks. A man-in-the-middle attack occurs when an intruder captures packets between a client...Rule Medium Severity -
SRG-OS-000033-GPOS-00014
Group -
Windows Server 2019 Remote Desktop Services must be configured with the client connection encryption set to High Level.
Remote connections must be encrypted to prevent interception of data or sensitive information. Selecting "High Level" will ensure encryption of Remote Desktop Services sessions in both directions. ...Rule Medium Severity -
SRG-OS-000042-GPOS-00020
Group -
Windows Server 2019 command line data must be included in process creation events.
Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred, as well as detect attacks. A...Rule Medium Severity -
SRG-OS-000042-GPOS-00020
Group -
Windows Server 2019 PowerShell script block logging must be enabled.
Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred, as well as detect attacks. A...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
Group -
Windows Server 2019 permissions for the Application event log must prevent access by non-privileged accounts.
Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred, as well as detect attacks. A...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
Group -
Windows Server 2019 permissions for the Security event log must prevent access by non-privileged accounts.
Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred, as well as detect attacks. A...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
Group -
Windows Server 2019 permissions for the System event log must prevent access by non-privileged accounts.
Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred, as well as detect attacks. A...Rule Medium Severity -
SRG-OS-000057-GPOS-00027
Group -
Windows Server 2019 Manage auditing and security log user right must only be assigned to the Administrators group.
Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities. Accounts with the "Manage auditing and security log" user right can manage the security...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.