WN12-CC-000132 - Users must be prevented from mapping local COM ports and redirecting data from the Remote Desktop Session Host to local COM ports. (Remote Desktop Services Role).

Information

Preventing the redirection of Remote Desktop session data to a client computer's COM ports helps reduce possible exposure of sensitive data.

Solution

Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Device and Resource Redirection -> 'Do not allow COM port redirection' to 'Enabled'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_2012_and_2012_R2_MS_V3R7_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-17(1), CAT|II, CCI|CCI-002314, Rule-ID|SV-225404r852229_rule, STIG-ID|WN12-CC-000132, STIG-Legacy|SV-52224, STIG-Legacy|V-15997, Vuln-ID|V-225404

Plugin: Windows

Control ID: 4f7b17cf8a97cbee6b915654fafbff4ae4065698a0cae45233d731c66084c0c9