Detections
Analytics

DISA Windows Server 2012 and 2012 R2 MS STIG v3r2

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA Windows Server 2012 and 2012 R2 MS STIG v3r2

Updated: 4/25/2022

Authority: Operating Systems and Applications

Plugin: Windows

Revision: 1.8

Estimated Item Count: 356

Audit Changelog

 
Revision 1.8

Apr 25, 2022

Functional Update
  • WN12-00-000210 - PowerShell script block logging must be enabled on Windows 2012/2012 R2 - Patch
  • WN12-AC-000001 - Windows 2012 account lockout duration must be configured to 15 minutes or greater.
Revision 1.7

Apr 5, 2022

Functional Update
  • WN12-00-000210 - PowerShell script block logging must be enabled on Windows 2012/2012 R2 - Patch
  • WN12-AC-000001 - Windows 2012 account lockout duration must be configured to 15 minutes or greater.
Miscellaneous
  • Audit deprecated.
  • Metadata updated.
  • References updated.
Revision 1.6

Feb 22, 2022

Functional Update
  • WN12-00-000210 - PowerShell script block logging must be enabled on Windows 2012/2012 R2 - Patch
  • WN12-AC-000001 - Windows 2012 account lockout duration must be configured to 15 minutes or greater.
Added
  • WN12-UR-000019-MS - The Deny log on as a service user right on member servers must be configured to prevent access from highly privileged domain accounts on domain systems. No other groups or accounts must be assigned this right.
Removed
  • WN12-UR-000019-MS - The Deny log on as a service user right on member servers must be configured to prevent access from highly privileged domain accounts on domain systems. No other groups or accounts must be assigned this right.
Revision 1.5

Jan 7, 2022

Functional Update
  • WN12-00-000210 - PowerShell script block logging must be enabled on Windows 2012/2012 R2 - Patch
  • WN12-AC-000001 - Windows 2012 account lockout duration must be configured to 15 minutes or greater.
  • WN12-PK-000004 - The US DoD CCEB Interoperability Root CA cross-certificates must be installed into the Untrusted Certificates Store on unclassified systems.
Miscellaneous
  • Metadata updated.
Revision 1.4

Dec 17, 2021

Functional Update
  • WN12-00-000210 - PowerShell script block logging must be enabled on Windows 2012/2012 R2 - Patch
  • WN12-AC-000001 - Windows 2012 account lockout duration must be configured to 15 minutes or greater.
Revision 1.3

Nov 29, 2021

Functional Update
  • WN12-00-000007 - Windows 2012/2012 R2 password for the built-in Administrator account must be changed at least annually or when a member of the administrative team leaves the organization.
  • WN12-00-000210 - PowerShell script block logging must be enabled on Windows 2012/2012 R2 - Patch
  • WN12-AC-000001 - Windows 2012 account lockout duration must be configured to 15 minutes or greater.
Revision 1.2

Nov 4, 2021

Functional Update
  • WN12-00-000210 - PowerShell script block logging must be enabled on Windows 2012/2012 R2 - Patch
  • WN12-AC-000001 - Windows 2012 account lockout duration must be configured to 15 minutes or greater.
  • WN12-PK-000004 - The US DoD CCEB Interoperability Root CA cross-certificates must be installed into the Untrusted Certificates Store on unclassified systems.
Revision 1.1

Oct 27, 2021

Functional Update
  • WN12-00-000210 - PowerShell script block logging must be enabled on Windows 2012/2012 R2 - Patch
  • WN12-AC-000001 - Windows 2012 account lockout duration must be configured to 15 minutes or greater.
  • WN12-AU-000204 - Permissions for the Application event log must prevent access by nonprivileged accounts.
  • WN12-AU-000205 - Permissions for the Security event log must prevent access by nonprivileged accounts.
  • WN12-AU-000206 - Permissions for the System event log must prevent access by nonprivileged accounts.