| Automatic log off after period
of inactivity |
| This automatic log off policy can
be implemented to minimize the likelihood that an unauthorized
individual may access the workstation |
| Disable the Print Screen key |
| This policy disables the Print Screen
key. |
| Disable the use of USB storage
devices |
| This policy prevents users from
connecting to USB storage devices. |
| Prevent writing to USB storage
devices |
| This policy prevents write operations
to USB block storage devices, such as memory sticks. |
| Disable Remote Login |
| This policy stops users from logging
in to the computer from remote machines. |
| Secure a file |
| This sample policy demonstrates
how you can ensure that a file can only be accessed by
authorized users. |
| Secure a folder |
| This sample policy demonstrates
how you can ensure that a folder can only be accessed
by authorized users. |
| Secure Electronic Protected
Health Information |
| This sample policy demonstrates
how you can ensure that Electronic Protected Health Information
(ePHI) can only be accessed by authorized users. |
| Disable Computer Browser Service |
| This policy disables the Computer
Browser Service. |
| Disable Error Reporting Service |
| This policy stops your computers
from reporting error information to Microsoft when an
application crashes. |
| Disable IIS on unauthorized
computers |
| IIS should not be operational unless
the computer has the "IIS Server" role. |
| Disable Messenger Service |
| This policy stops the Microsoft
Messenger Service from popping up broadcast messages on
your computers. This is not related to the MSN Messenger
Instant Messaging program. |
| Disable Remote Registry Service |
| This policy stops users from connecting
to a computers registry from a remote machine. |
| Disable RPC Service |
| This policy turns off the Remote
Procedure Call (RPC) Service (a service that allows remote
computers to programmatically execute commands on client
machines). |
| Disable Task Scheduler Service |
| This policy stops the Task Scheduler
Service from launching applications at scheduled times.
|
| Disable TCP/IP NetBIOS Helper
Service |
| This policy disables the TCP/IP
NetBIOS Helper Service (a service that is typically only
necessary if your network still uses the Windows Internet
Name Service (WINS) protocol). |
| Disable the Server Service |
| This turns off a service which provides
support for file and print serving as well as RPC. |
| Disable Windows Update |
| This policy disables the "automatic
update" feature of Windows Update. |
| Disable Wireless Zero Configuration
Service |
| This policy turns off automatic
configuration of Wi-Fi connections. |
