| NIST Windows XP - 2.1 Local
Policies - Audit Policy Settings |
| Use this policy to configure the
system audit settings consistent with the NIST recommendations
for Windows XP. |
| NIST Windows XP - 2.2 Local
Policies - User Rights Assignment Settings |
| This policy assures that User Rights
Assignments are consistent with the NIST recommendations. |
| NIST Windows XP - 2.3 Local
Policies - Security Options - Control system shut down
when unable to log security audits |
| This policy assures compliance with
the NIST recommendation that computers should be configured
to shut down immediately when security events cannot be
written to the Security log file. |
| NIST Windows XP - 2.3 Local
Policies - Security Options - FIPS Certified Cryptography |
| This policy assures compliance with
the NIST recommendation for the use of FIPS (Federal Information
Processing Standards ) compliant algorithms for encryption,
hashing, and signing in Windows XP High Security environments. |
| NIST Windows XP - 2.3 Local
Policies - Security Options - Harden Devices settings |
| This policy assures that Devices
settings are consistent with the NIST recommendations for
strengthening Devices security options to achieve greater
security than the default settings provide. |
| NIST Windows XP - 2.3 Local
Policies - Security Options - Harden Domain Member settings |
| This policy assures that Domain
member settings are consistent with the NIST recommendations
for strengthening Domain member security options to achieve
greater security than the default settings provide. |
| NIST Windows XP - 2.3 Local
Policies - Security Options - Harden Microsoft network
client settings |
| This policy assures that Microsoft
network client settings are consistent with the NIST recommendations
for strengthening Microsoft network client security options
to achieve greater security than the default settings
provide. |
| NIST Windows XP - 2.3 Local
Policies - Security Options - Harden Microsoft network
server settings |
| This policy assures that Microsoft
network server settings are consistent with the NIST recommendations
for strengthening Microsoft network server security options
to achieve greater security than the default settings
provide. |
| NIST Windows XP - 2.3 Local
Policies - Security Options - Harden network access settings |
| This policy assures that the network
access settings are consistent with the NIST recommendations
for restricting which types of network access may be performed,
in order to achieve greater security than the default
settings provide. |
| NIST Windows XP - 2.3 Local
Policies - Security Options - Harden network security
settings |
| This policy assures that the network
security settings are consistent with the NIST recommendations
for strengthening the network security settings, in order
to achieve greater security than the default settings
provide. |
| NIST Windows XP - 2.3 Local
Policies - Security Options - Harden Recovery console
settings |
| This policy assures that Recovery
console settings are consistent with the NIST recommendations
for strengthening Recovery console security options to
achieve greater security than the default settings provide. |
| NIST Windows XP - 2.3 Local
Policies - Security Options - Harden System objects settings |
| This policy assures that the System
objects settings are consistent with the NIST recommendations
for strengthening System objects security options to achieve
greater security than the default settings provide. |
| NIST Windows XP - 2.3 Local
Policies - Security Options - Harden the Interactive logon
settings |
| This policy assures that the interactive
logon settings are consistent with the NIST recommendations. |
| NIST Windows XP - 2.3 Local
Policies - Security Options - Harden the Shutdown settings |
| This policy assures that shutdown
settings are consistent with the NIST recommendations. |
| NIST Windows XP - 2.3 Local
Policies - Security Options - Limit local account use
of blank passwords to console only |
| This policy assures that this setting
is enabled, consistent with the NIST recommendation. |
| NIST Windows XP - 3.0 Event
Log Policy Parameters |
| This policy assures that the Event
Log settings are consistent with the NIST recommendations. |
| NIST Windows XP - 4.0 Restricted
Groups Settings |
| This policy removes all users from
the Remote Desktop Users and Power Users groups. |
| NIST Windows XP - 5.0 System
Services Settings |
| This policy disables and secures
the services that the NIST guidance indicates are unnecessary
for Windows XP. |
| NIST Windows XP - 6.0 File Permission
Settings |
| This security policy restricts access
to 26 operating system executables, protecting them from
unauthorized modification and usage. |
| NIST Windows XP - 7.0 Registry
Permission Settings |
| This security policy restricts access
to these critical registry keys. |
| NIST Windows XP - 8.1 Registry
Values - Debugging |
| This policy disables the Dr. Watson
program debugger, and disables creation of the Dr. Watson
memory dump file. |
| NIST Windows XP - 8.2 Registry
Values - Automatic Functions - Disable automatic logon |
| This policy assures that the automatic
logon feature is disabled. |
| NIST Windows XP - 8.2 Registry
Values - Automatic Functions - Disable automatic reboot |
| This policy assures that the automatic
reboot feature is disabled. |
| NIST Windows XP - 8.2 Registry
Values - Automatic Functions - Disable Automatically Running
CD-ROMs |
| This policy assures that the automatic
execution of CD-ROM content is disabled. |
| NIST Windows XP - 8.3 Registry
Values - Networking - Harden the Microsoft TCPIP stack
settings |
| This policy assures that the Microsoft
TCP/IP stack settings are configured to be consistent
with the NIST recommendations. |
| NIST Windows XP - 8.3 Registry
Values - Networking - Strengthen miscellaneous networking
settings |
| This policy assures that the networking
settings are consistent with the NIST recommendations. |
| Windows 2000 Professional: Baseline
Security Settings |
| This policy provides settings to
support the Evaluated Configuration of Windows 2000 under
the Common Criteria (CC) for Information Technology Security
Evaluation. |
| Windows 2000 Professional: High
Security Settings |
| This policy provides settings for
high security computers to support the Evaluated Configuration
of Windows 2000 under the Common Criteria (CC) for Information
Technology Security Evaluation. |
| Windows 2000 Server: Domain
Controller |
| This Security Configuration Template
provides settings to support the Windows 2000 Server domain-controller
security settings for the Securing Windows 2000 Server
Solution Guide. |
| Windows 2000 Server: File Server |
| This Security Configuration Template
provides settings to support the Windows 2000 Server File-Server
or Print-Server security settings for the Securing Windows
2000 Server Solution Guide. |
| Windows 2000 Server: IIS Server |
| This Security Configuration Template
provides settings to support the Windows 2000 Server IIS
Server security settings for the Securing Windows 2000
Server Solution Guide. |
| Windows 2000 Server: Infrastructure
Server |
| This Security Configuration Template
provides settings to support the Windows 2000 Server Infrastructure
Server security settings for the Securing Windows 2000
Server Solution Guide. |
| Windows 2000 Server: Member
Server |
| This Security Configuration Template
provides settings to support the Windows 2000 Server base
security settings for the Securing Windows 2000 Server
Solution Guide. |
| Windows 2000 Server: Print Server |
| This Security Configuration Template
provides settings to support the Windows 2000 Server File-Server
or Print-Server security settings for the Securing Windows
2000 Server Solution Guide. |
| Windows Server 2003: Enterprise
Client - Certificate Services |
| This policy provides incremental
settings for a Certificate Services Server in an environment
with only Windows 2000 or Windows XP clients. |
| Windows Server 2003: Enterprise
Client - Domain Controller |
| This policy provides settings for
a Domain Controller in an environment with only Windows
2000 or Windows XP clients. |
| Windows Server 2003: Enterprise
Client - File Server |
| This policy provides incremental
settings for a File Server in an environment with only
Windows 2000 or Windows XP clients. |
| Windows Server 2003: Enterprise
Client - IAS Server |
| This policy provides incremental
settings for an IAS Server in an environment with only
Windows 2000 or Windows XP clients. |
| Windows Server 2003: Enterprise
Client - IIS Server |
| This policy provides incremental
settings for an IIS Server in an environment with only
Windows 2000 or Windows XP clients. |
| Windows Server 2003: Enterprise
Client - Infrastructure Server |
| This policy provides incremental
settings for an Infrastructure Server in an environment
with only Windows 2000 or Windows XP clients. |
| Windows Server 2003: Enterprise
Client - Member Server Baseline |
| This policy provides baseline settings
for all Member Servers in an environment with only Windows
2000 or Windows XP clients. |
| Windows Server 2003: Enterprise
Client - Print Server |
| This policy provides incremental
settings for a Print Server in an environment with only
Windows 2000 or Windows XP clients. |
| Windows Server 2003: High Security
- Bastion Host |
| This policy provides settings for
a Bastion Host server. |
| Windows Server 2003: High Security
- Domain Controller |
| This policy provides settings for
a Domain Controller in an environment with high security
requirements. |
| Windows Server 2003: High Security
- File Server |
| This policy provides incremental
settings for a File Server in an environment with high
security requirements. |
| Windows Server 2003: High Security
- IIS Server |
| This policy provides incremental
settings for an IIS Server in an environment with high
security requirements. |
| Windows Server 2003: High Security
- Infrastructure Server |
| This policy provides incremental
settings for an Infrastructure Server in an environment
with high security requirements. |
| Windows Server 2003: High Security
- Member Server Baseline |
| This policy provides baseline settings
for all Member Servers in an environment with high security
requirements. |
| Windows Server 2003: High Security
- Print Server |
| This policy provides incremental
settings for a Print Server in an environment with high
security requirements. |
| Windows Server 2003: Legacy
Client - Domain Controller |
| This policy provides settings for
a Domain Controller in an environment with legacy clients. |
| Windows Server 2003: Legacy
Client - File Server |
| This policy provides incremental
settings for a File Server in an environment with legacy
clients. |
| Windows Server 2003: Legacy
Client - IIS Server |
| This policy provides incremental
settings for an IIS Server in an environment with legacy
clients. |
| Windows Server 2003: Legacy
Client - Infrastructure Server |
| This policy provides incremental
settings for an Infrastructure Server in an environment
with legacy clients. |
| Windows Server 2003: Legacy
Client - Member Server Baseline |
| This policy provides baseline settings
for all Member Servers in an environment with legacy clients. |
| Windows Server 2003: Legacy
Client - Print Server |
| This policy provides incremental
settings for a Print Server in an environment with legacy
clients. |
| Windows XP: Enterprise Client
- Desktop Computer |
| Enterprise client settings for Windows
XP desktop computers. |
| Windows XP: Enterprise Client-
Laptop Computer |
| Enterprise client settings for Windows
XP laptop computers. |
| Windows XP: High Security -
Desktop Computer |
| High Security Settings for Windows
XP desktop computers. |
| Windows XP: High Security -
Laptop Computer |
| High security settings for Windows
XP laptop computers. |
