5.107 - A Windows system has an incorrect default DCOM authorization level. - None

Information

The DCOM default authentication level has been detected to be below the required setting. If the authentication level is None, then any user can access any object on the system without authentication.

Solution

Fortify DCOMs default permissions. This should be thoroughly tested to verify DCOM objects continue to function under tightened security.
Open a command prompt.
Execute 'Dcomcnfg.exe'.
In the 'Component Services' window, navigate to Component Services -> Computer -> My Computer
Right-click 'My Computer' and select 'Properties'.
Select the 'Default Properties' tab.
Select a 'Default Authentication Level' other than 'None' or 'Call'. For sensitive systems, an authentication level of 'Packet Privacy' is recommended.
Click OK.

See Also

http://iasecontent.disa.mil/stigs/zip/Oct2016/U_Windows_Vista_V6R41_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-29736r2_rule, STIG-ID|5.107, Vuln-ID|V-6825

Plugin: Windows

Control ID: 1c69a72006c7aacc7485793eeaff399349b55fb0640123ffa82d4af134013115