| 1.001 - Physical security of the Automated Information System (AIS) does not meet DISA requirements. | |
| 1.006 - Users with administrative privilege must be documented and have separate accounts for administrative duties and normal operational tasks. | |
| 1.006-01 - Policy must require that administrative user accounts not be used with applications that access the internet, such as web browsers, or with potential internet sources, such as email. | |
| 1.007 - Members of the Backup Operators group must have separate accounts for backup duties and normal operational tasks. | CONFIGURATION MANAGEMENT |
| 1.008 - Shared user accounts must not be permitted on the system. | ACCESS CONTROL |
| 1.013 - System information backups are not created, updated, and protected according to DISA requirements. | |
| 1.016 - Security configuration tools are not being used to configure platforms for security compliance. | |
| 2.001 - Permissions for event logs must conform to minimum requirements - application.evtx | AUDIT AND ACCOUNTABILITY |
| 2.001 - Permissions for event logs must conform to minimum requirements - system.evtx | AUDIT AND ACCOUNTABILITY |
| 2.001 - Permissions for event logs must conform to minimum requirements. | AUDIT AND ACCOUNTABILITY |
| 2.005 - Systems must be at supported service pack (SP) or release levels. | SYSTEM AND INFORMATION INTEGRITY |
| 2.006 - Permissions for system files and directories must conform to minimum requirements - 'C:' | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 2.006 - Permissions for system files and directories must conform to minimum requirements - 'C:\Program Files' | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 2.006 - Permissions for system files and directories must conform to minimum requirements - 'C:\Windows' | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 2.008 - Local volumes must be formatted using NTFS. | ACCESS CONTROL |
| 2.015 - File share permissions must be reconfigured to remove the Everyone group. | CONFIGURATION MANAGEMENT |
| 2.019 - Security-related software patches are not applied. | |
| 2.021 - Software certificate installation files must be removed from a system. | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.003 - System pagefile is cleared upon shutdown. | CONFIGURATION MANAGEMENT |
| 3.004 - Secure Removable Media - CD-ROM | MEDIA PROTECTION |
| 3.006 - Floppy media devices are not allocated upon user logon. | MEDIA PROTECTION |
| 3.007 - The system allows shutdown from the logon dialog box. | ACCESS CONTROL |
| 3.011 - The required legal notice must be configured to display before console logon. | ACCESS CONTROL |
| 3.013 - Caching of logon credentials must be limited. | IDENTIFICATION AND AUTHENTICATION |
| 3.014 - The Windows dialog box title for the legal banner must be configured. | ACCESS CONTROL |
| 3.018 - Anonymous enumeration of shares must be restricted. | ACCESS CONTROL |
| 3.019 - Anonymous enumeration of SAM accounts will not be allowed. | ACCESS CONTROL |
| 3.027 - Printer share permissions must be restricted to Print for non administrators. | |
| 3.028 - The built-in Windows password complexity policy must be enabled. | IDENTIFICATION AND AUTHENTICATION |
| 3.029 - Print driver installation privilege must be restricted to administrators. | ACCESS CONTROL |
| 3.030 - Anonymous access to the registry must be restricted - registry key exist | ACCESS CONTROL |
| 3.030 - Anonymous access to the registry must be restricted - registry key permissions | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.031 - The Lan Manager authentication level must be set to send NTLMv2 response only, and to refuse LM and NTLM. | IDENTIFICATION AND AUTHENTICATION |
| 3.032 - Ctrl+Alt+Del security attention sequence is disabled. | CONFIGURATION MANAGEMENT |
| 3.034 - Unencrypted passwords must not be sent to third-party SMB Servers. | SYSTEM AND INFORMATION INTEGRITY |
| 3.040 - Automatic logons must be disabled. | ACCESS CONTROL |
| 3.042 - Outgoing secure channel traffic is not signed when possible. | IDENTIFICATION AND AUTHENTICATION |
| 3.043 - Outgoing secure channel traffic is not encrypted when possible. | IDENTIFICATION AND AUTHENTICATION |
| 3.044 - The computer account password is prevented from being reset. | IDENTIFICATION AND AUTHENTICATION |
| 3.045 - The Windows SMB client is not enabled to perform SMB packet signing when possible. | IDENTIFICATION AND AUTHENTICATION |
| 3.046 - The Windows SMB server is not enabled to perform SMB packet signing when possible. | IDENTIFICATION AND AUTHENTICATION |
| 3.047 - The Smart Card removal option must be configured to Force Logoff or Lock Workstation. | ACCESS CONTROL |
| 3.052 - Ejection of removable NTFS media is not restricted to administrators. | MEDIA PROTECTION |
| 3.054 - Users are not warned in advance that their passwords will expire. | IDENTIFICATION AND AUTHENTICATION |
| 3.055 - The default permissions of global system objects are not increased. | CONFIGURATION MANAGEMENT |
| 3.057 - Reversible password encryption must be disabled. | IDENTIFICATION AND AUTHENTICATION |
| 3.059 - The system is configured to autoplay removable media. | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.061 - Unencrypted remote access to system services must not be permitted. | ACCESS CONTROL |
| 3.062 - Anonymous SID/Name translation must not be allowed. | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
