Detections
Analytics

MSCM V1.0 Windows 7 SSLF Desktop

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: MSCM V1.0 Windows 7 SSLF Desktop

Updated: 4/2/2021

Authority: MSCM

Plugin: Windows

Revision: 1.4

Estimated Item Count: 227

Audit Items

DescriptionCategories
CCE-8414-5:Bypass traverse checking
CCE-8423-6:Change the time zone
CCE-8431-9:Create global objects
CCE-8467-3:Impersonate a client after authentication
CCE-8475-6:Perform volume maintenance tasks
CCE-8487-1:Interactive logon: Number of previous logons to cache (in case domain controller is not available)
CCE-8503-5:Microsoft network server: Server SPN target name validation level
CCE-8513-4:MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes
CCE-8560-5:MSS: (Hidden) Hide Computer From the Browse List (not recommended except for highly secure environments)
CCE-8562-1:MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers
CCE-8583-7:Debug programs
CCE-8591-0:MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)
CCE-8612-4:Change the system time
CCE-8655-3:MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)
CCE-8732-0:Replace a process level token
CCE-8784-1:MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames (recommended)
CCE-8789-0:Audit: Audit the use of Backup and Restore privilege
CCE-8804-7:Network security: Allow LocalSystem NULL session fallback
CCE-8806-2:Network security: LAN Manager authentication level
CCE-8807-0:Recovery console: Allow automatic administrative logon
CCE-8811-2:User Account Control: Admin Approval Mode for the Built-in Administrator account
CCE-8813-8:User Account Control: Behavior of the elevation prompt for standard users
CCE-8817-9:User Account Control: Virtualize file and registry write failures to per-user locations
CCE-8818-7:Interactive logon: Require Domain Controller authentication to unlock workstation
CCE-8822-9:Audit Policy: Account Management: Application Group Management
CCE-8825-2:Microsoft network server: Digitally sign communications (if client agrees)
CCE-8853-4:Audit Policy: Logon-Logoff: Account Lockout
CCE-8856-7:Audit Policy: Logon-Logoff: Logoff
CCE-8868-2:Devices: Allowed to format and eject removable media
CCE-8870-8:Windows Firewall: Private: Outbound connections
CCE-8884-9:Windows Firewall: Private: Display a notification
CCE-8930-0:Enable computer and user accounts to be trusted for delegation
CCE-8936-7:Network access: Let Everyone permissions apply to anonymous users
CCE-8937-5:Network security: Do not store LAN Manager hash value on next password change
CCE-8945-8:Recovery console: Allow floppy copy and access to all drives and all folders
CCE-8956-5:Audit Policy: Logon-Logoff: IPsec Main Mode
CCE-8958-1:User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode
CCE-8974-8:Domain member: Digitally encrypt or sign secure channel data (always)
CCE-8999-5:Increase scheduling priority
CCE-9007-6:Windows Firewall: Public: Inbound connections
CCE-9014-2:Shut down the system
CCE-9021-7:User Account Control: Only elevate executables that are signed and validated
CCE-9026-6:Devices: Prevent users from installing printer drivers
CCE-9040-7:Microsoft network server: Digitally sign communications (always)
CCE-9048-0:Increase a process working set
CCE-9067-0:Interactive logon: Smart card removal behavior
CCE-9068-8:Adjust memory quotas for a process
CCE-9069-6:Windows Firewall: Domain: Allow unicast response
CCE-9096-9:Network security: Allow Local System to use computer identity for NTLM
CCE-9107-4:Allow log on through Remote Desktop Services