III - Administrative Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000478-GPOS-00223
Group -
Windows Server 2022 must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing.
This setting ensures the system uses algorithms that are FIPS-compliant for encryption, hashing, and signing. FIPS-compliant algorithms meet specific standards established by the U.S. Government an...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
Group -
Windows Server 2022 default permissions of global system objects must be strengthened.
Windows systems maintain a global list of shared system resources such as DOS device names, mutexes, and semaphores. Each type of object is created with a default Discretionary Access Control List ...Rule Low Severity -
SRG-OS-000373-GPOS-00156
Group -
Windows Server 2022 User Account Control (UAC) approval mode for the built-in Administrator must be enabled.
UAC is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting configures the built-in Administrator account so that it run...Rule Medium Severity -
SRG-OS-000134-GPOS-00068
Group -
Windows Server 2022 UIAccess applications must not be allowed to prompt for elevation without using the secure desktop.
User Account Control (UAC) is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting prevents User Interface Accessibility...Rule Medium Severity -
SRG-OS-000134-GPOS-00068
Group -
Windows Server 2022 User Account Control (UAC) must, at a minimum, prompt administrators for consent on the secure desktop.
UAC is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting configures the elevation requirements for logged-on administ...Rule Medium Severity -
SRG-OS-000373-GPOS-00156
Group -
Windows Server 2022 User Account Control (UAC) must automatically deny standard user requests for elevation.
UAC is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting controls the behavior of elevation when requested by a stand...Rule Medium Severity -
SRG-OS-000134-GPOS-00068
Group -
Windows Server 2022 User Account Control (UAC) must be configured to detect application installations and prompt for elevation.
UAC is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting requires Windows to respond to application installation requ...Rule Medium Severity -
SRG-OS-000134-GPOS-00068
Group -
Windows Server 2022 User Account Control (UAC) must only elevate UIAccess applications that are installed in secure locations.
UAC is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting configures Windows to only allow applications installed in a...Rule Medium Severity -
SRG-OS-000373-GPOS-00156
Group -
Windows Server 2022 User Account Control (UAC) must run all administrators in Admin Approval Mode, enabling UAC.
UAC is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting enables UAC. Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-00...Rule Medium Severity -
SRG-OS-000134-GPOS-00068
Group -
Windows Server 2022 User Account Control (UAC) must virtualize file and registry write failures to per-user locations.
UAC is a security mechanism for limiting the elevation of privileges, including administrative accounts, unless authorized. This setting configures non-UAC-compliant applications to run in virtuali...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.